Project Overview:
In essence, this is a project to build an OS with tools capable of detecting wireless access points and Bluetooth, using the Raspberry Pi (and the additional USB cards).
The goal is to install a custom, hardened Debian Linux OS for an ARM-based architecture that will have its own repository for tool and script file updates. The OS will be placed on a Raspberry Pi. The Debian repositories do not have the latest tools and drivers for what I need, so these will need to be installed alongside the drivers. The OS needs to be hardened and locked down, so unneeded binaries should not exist on the system (for example, I don't need both vim and nano, just one, and I don't need TFTP, FTP, or gcc).
Requirements:
Tools To Be Installed:
All Raspberry Pi drivers
AIDE
SSH
tcpdump
OpenSSL
Driver installation for all RTL81xx chipsets - patched where required (mac80211 driver?)
Driver installation for Atheros and Broadcom chipsets
gpsd
sqlite
hostap
Installation of SMTP server to send emails
Drivers must be patched to support raw packet injection and work with the kernel version and aircrack.
Binaries to be created from source and used on my own repository
Nmap
Kismet
aircrack
- Daily updates and automated installation of package updates
- Password policy enforced on SSH
- Options to enable OTP / two factor authentication
- Disable root login
- Ensure no unwanted services are running
- Firewall / iptables configured
- Disk quotas enforced
- Log all logins
Deliverable:
- ISO of custom Debian Image
- Documentation that includes
- How drivers were patched and installed
- Source code configure directives used
- How to create my own online repository for binaries
- Setup of airodump to log to an SQLite db
- Have email alerts sent when a new AP is detected
I will write a complete scope of how I expect the system to work, to ensure everything is captured here.
I am also looking at creating another project that uses HTML5 to report on all this information through a browser.
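A sketch of the "airodump to SQLite with new-AP alerts" deliverable, added here as an example and not part of the original brief. It assumes the CSV layout airodump-ng writes (AP table, blank line, station table); the table name, function names and mail addresses are hypothetical, and the sample capture is constructed.

```python
import sqlite3
from email.message import EmailMessage

# Constructed sample in airodump-ng's CSV layout; the second ESSID contains a comma.
SAMPLE_CSV = """
BSSID, First time seen, Last time seen, channel, Speed, Privacy, Cipher, Authentication, Power, # beacons, # IV, LAN IP, ID-length, ESSID, Key
00:11:22:33:44:55, 2024-01-01 10:00:00, 2024-01-01 10:05:00,  6,  54, WPA2, CCMP, PSK, -40,       20,        0,   0.  0.  0.  0,   9, ExampleAP,
66:77:88:99:AA:BB, 2024-01-01 10:01:00, 2024-01-01 10:05:00, 11,  54, OPN, , , -70,        5,        0,   0.  0.  0.  0,  10, Guest,WiFi,

Station MAC, First time seen, Last time seen, Power, # packets, BSSID, Probed ESSIDs
CC:DD:EE:FF:00:11, 2024-01-01 10:02:00, 2024-01-01 10:04:00, -50,       12, 00:11:22:33:44:55, ExampleAP
"""

def parse_aps(text):
    """Yield (bssid, essid, channel, privacy, first_seen) from the AP table only."""
    in_aps = False
    for line in text.splitlines():
        cols = [c.strip() for c in line.split(",")]
        if cols[0] == "BSSID":
            in_aps = True
        elif cols[0] == "Station MAC":
            break  # client stations are not access points
        elif in_aps and len(cols) >= 15:
            # ESSID is unquoted and may contain commas: rejoin everything
            # between the ID-length column and the trailing Key column.
            yield cols[0].upper(), ",".join(cols[13:-1]), int(cols[3]), cols[5], cols[1]

def record_new_aps(db, text):
    """Insert unseen BSSIDs into SQLite and return the rows that were new."""
    db.execute("CREATE TABLE IF NOT EXISTS ap (bssid TEXT PRIMARY KEY, essid TEXT,"
               " channel INTEGER, privacy TEXT, first_seen TEXT)")
    new = []
    for row in parse_aps(text):
        if db.execute("SELECT 1 FROM ap WHERE bssid = ?", (row[0],)).fetchone() is None:
            db.execute("INSERT INTO ap VALUES (?, ?, ?, ?, ?)", row)  # parameterized
            new.append(row)
    db.commit()
    return new

def build_alert(new_aps, sender="sensor@example.invalid", rcpt="admin@example.invalid"):
    """Build (not send) the alert; pass it to smtplib.SMTP('localhost').send_message()."""
    msg = EmailMessage()
    msg["From"], msg["To"] = sender, rcpt
    # ESSIDs are attacker-chosen: keep them out of headers, repr() them in the body.
    msg["Subject"] = f"{len(new_aps)} new access point(s) detected"
    msg.set_content("\n".join(f"{b} ch{c} {p} essid={e!r}" for b, e, c, p, _ in new_aps))
    return msg
```

Run on a schedule against the current capture file, this sends one mail per batch of previously unseen BSSIDs and stays silent on repeat sightings.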