docs
/
Documentation
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
Browse Source

docs sensor-mote

master
zeus 3 years ago
parent
8aefaa6537
commit
65b766d5f9
2 changed files with 241 additions and 187 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 2
      sensor-node/modules/ROOT/nav.adoc
  2. 426
      sensor-node/modules/ROOT/pages/index.adoc

2
sensor-node/modules/ROOT/nav.adoc
View File

@ -1,2 +1,2 @@
* xref:index.adoc[Network Scanning]
* xref:index.adoc[Sensor node]
* xref:exer.adoc[Exercises]

426
sensor-node/modules/ROOT/pages/index.adoc
View File

@ -1,329 +1,383 @@
= Network Scanning!
= Sensor node!
image::ROOT:swarmlab.png[swarmlab,150,float=right]
This tutorial demonstrates some common nmap port scanning scenarios and explains the output.
This tutorial demonstrates: *a.* howto create a mote with Raspberry Pi and Arduino *b.* howto use it
====
A sensor node, also known as a mote, is a node in a sensor network that is capable of performing some processing, gathering sensory information and communicating with other connected nodes
====
== Find IP
[source,bash]
----
# ifconfig ή ip a
== Create a mote with Raspberry Pi
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 172.21.0.2 netmask 255.255.0.0 broadcast 172.21.255.255
ether 02:42:ac:15:00:02 txqueuelen 0 (Ethernet)
RX packets 61 bytes 9309 (9.3 KB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
The Raspberry Pi is a low-cost credit-card sized single-board computer. The Raspberry Pi was created in the UK by the Raspberry Pi Foundation. The Raspberry Pi Foundation's goal is to "advance the education of adults and children, particularly in the field of computers, computer science and related subjects."
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
loop txqueuelen 1000 (Local Loopback)
RX packets 248 bytes 14260 (14.2 KB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 248 bytes 14260 (14.2 KB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
----
https://simple.wikipedia.org/wiki/Raspberry_Pi[Wikipedia]
TIP: inet ***172.21.0.2*** netmask 255.255.0.0 broadcast 172.21.255.255
== Find live hosts
.Raspberry Pi 2 Model B
image:./Raspberry_Pi_2_Model_B_v1.1_top_new.jpg[alt="Raspberry Pi 2 Model B"]
[source,bash]
----
nmap -sP 172.21.0.*
[NOTE]
.Remember
====
A mote is a node but a node is not always a mote!
Nmap scan report for 172.21.0.1 (172.21.0.1)
Host is up (0.00028s latency).
MAC Address: 02:42:56:48:D0:61 (Unknown)
Nmap scan report for testnetwork2_worker_1.testnetwork2_net (172.21.0.3)
Host is up (0.00015s latency).
MAC Address: 02:42:AC:15:00:03 (Unknown)
Nmap scan report for testnetwork2_worker_3.testnetwork2_net (172.21.0.4)
Host is up (0.00018s latency).
MAC Address: 02:42:AC:15:00:04 (Unknown)
Nmap scan report for testnetwork2_worker_4.testnetwork2_net (172.21.0.5)
Host is up (0.00015s latency).
MAC Address: 02:42:AC:15:00:05 (Unknown)
Nmap scan report for testnetwork2_worker_2.testnetwork2_net (172.21.0.6)
Host is up (0.00017s latency).
MAC Address: 02:42:AC:15:00:06 (Unknown)
Nmap scan report for 9110d42e466b (172.21.0.2)
image:./arduino-connect-pi.jpg[alt="Raspberry Pi and Arduino"]
====
nmap -sP 172.21.0.* | grep Nmap | cut -d' ' -f5-6
172.21.0.1 (172.21.0.1)
testnetwork2_worker_1.testnetwork2_net (172.21.0.3)
testnetwork2_worker_3.testnetwork2_net (172.21.0.4)
testnetwork2_worker_4.testnetwork2_net (172.21.0.5)
testnetwork2_worker_2.testnetwork2_net (172.21.0.6)
9110d42e466b (172.21.0.2)
=== Install Raspberry Pi
----
==== Step 1: Download Raspbian
https://www.raspberrypi.org/downloads/raspbian/[Download] the Raspbian disc image - Choose Raspbian Lite
.What is Nmap?
[NOTE]
.Why Raspbian Lite?
====
Nmap, short for Network Mapper, is a free, open-source tool for vulnerability scanning and network discovery. Network administrators use Nmap to identify what devices are running on their systems, discovering hosts that are available and the services they offer, finding open ports and detecting security risks.
Because it is a lightweight version of the Raspbian and it doesn’t have a graphical user interface installed.
See https://en.wikipedia.org/wiki/Nmap[Nmap-wikipedia^]
This means that it doesn’t have any unnecessary software installed that we don’t need for our projects, so this makes it the perfect solution for future automation projects.
====
==== Step 2: Unzip the file
== Scan Ports
- Windows users, you’ll want 7-Zip.
- Linux users will use the appropriately named Unzip.
=== Scan a Single Port, All Ports, or Series
[source,bash]
----
Nmap commands can be used to scan a single port or a series of ports:
----
==== Step 3: Write the disc image to your microSD card
=== Scan port 80 on the target system:
Next, pop your microSD card into your computer and write the disc image to it. You’ll need a specific program to do this:
[source,bash]
----
nmap –p 80 172.21.0.3
----
- Windows users, your answer is https://sourceforge.net/projects/win32diskimager/[Win32 Disk Imager].
- Linux people, https://www.balena.io/etcher/[Etcher – which also works on Windows – is what the Raspberry Pi Foundation recommends.]
=== Scan ports 1 through 200 on the target system:
The process of actually writing the image will be slightly different across these programs, but it’s pretty self-explanatory no matter what you’re using.
[source,bash]
----
nmap –p 1-200 172.21.0.3
----
- Each of these programs will have you select the destination (make sure you’ve picked your microSD card!) and the disc image (the unzipped Raspbian file).
- Choose, double-check, and then hit the button to write.
=== Scan (Fast) the most common ports:
[source,bash]
----
nmap –F 172.21.0.3
----
=== To scan all ports (1 – 65535):
[source,bash]
----
nmap –p– 172.21.0.3
----
==== Step 4: Enabling SSH
- Windows users
.Create ssh file (no extension)
image:./ssh-file-to-sd-card.jpg[alt="Create ssh file"]
=== Scan All TCP UDP Ports
- Linux Users
Scan all UDP and TCP ports in a single command. We will use -sU for UDP and sT for TCP protocol.
.Create ssh file
[source,bash]
----
nmap -sU -sT -p0-65535 IP
sudo fdisk -l
# find dev and Boot partition
sudo mkdir /mnt/sdcardP1
sudo mount /dev/device_partion_boot /mnt/sdcardP1 -rw
cd /mnt/sdcardP1
sudo touch ssh
----
==== Step 5: Put the microSD card in your Pi and boot up
.What Are Ports?
[NOTE]
====
On modern operating systems, ports are numbered addresses for network traffic. Different kinds of services use different ports by default.
For example, normal web traffic uses Port 80, while POP3 email uses Port 110. One of the ways that a firewall works is by allowing or restricting traffic over a particular port.
Your default credentials are username **pi** and password **raspberry**
Because the ports into your computer can cause a security risk, it’s critical to know which ports are open and which are blocked.
====
==== Step 6: Access via SSH
== netstat
=== Listing (Almost all)
- The boot protocol for the ethernet interface is set to DHCP by default
[source,bash]
----
netstat -antlupe
----
You can find the open SSH ports on your network using the nmap utility:
=== Listing TCP Ports connections
.find ports on Network
[source,bash]
----
netstat -at
nmap -p 22 --open -sV 192.168.1.0/24
----
.Netstat
[NOTE]
====
Netstat command displays various network related information such as network connections, routing tables, interface statistics, masquerade connections, multicast memberships etc.,
====
You should find your pi listed in the output along with the IP assigned to the pi.
=== Listing UDP Ports connections
- You can change the boot protocol to static and define a static IP address for the pi by editing the ifcfg-eth0 file:
.static IP address
[source,bash]
----
netstat -au
sudo fdisk -l
# find dev and Boot partition
sudo mkdir /mnt/sdcardP1
sudo mount /dev/device_partion_ext /mnt/sdcardP1 -rw
cd /mnt/sdcardP1
vi /etc/sysconfig/network-scripts/ifcfg-eth0
----
Then edit the file to suit your needs
=== Listing all LISTENING Connections
.static IP address
[source,bash]
----
netstat -l
DEVICE=eth0
BOOTPROTO=static
ONBOOT=yes
NETWORK=192.168.1.0
NETMASK=255.255.255.0
IPADDR=192.168.1.200
GATEWAY=192.168.1.1
----
=== Listing all TCP Listening Ports
==== Step 7: Configure your Raspberry Pi.
[source,bash]
----
netstat -lt
----
**raspi-config** is the Raspberry Pi configuration tool
=== Listing all UDP Listening Ports
.config Pi
[source,bash]
----
netstat -lu
sudo raspi-config
----
It has the following options available:
=== Listing all UNIX Listening Ports
.config options
[source,bash]
----
netstat -lx
┌───────────────────┤ Raspberry Pi Software Configuration Tool (raspi-config) ├────────────────────┐
│ │
│ 1 Change User Password Change password for the current user │
│ 2 Network Options Configure network settings │
│ 3 Boot Options Configure options for start-up │
│ 4 Localisation Options Set up language and regional settings to match your location │
│ 5 Interfacing Options Configure connections to peripherals │
│ 6 Overclock Configure overclocking for your Pi │
│ 7 Advanced Options Configure advanced settings │
│ 8 Update Update this tool to the latest version │
│ 9 About raspi-config Information about this configuration tool │
│ │
│ │
│ │
│ <Select> <Finish> │
│ │
└──────────────────────────────────────────────────────────────────────────────────────────────────┘
----
=== Showing Statistics by Protocol
=== Arduino Uno Raspberry Pi Serial Communication
[source,bash]
----
netstat -s
----
==== Serial config on Raspi
=== Showing Statistics by TCP Protocol
.config 1 (recommended)
[source,bash]
----
netstat -st
whoami
sudo usermod -a -G dialout pi
reboot
----
=== Showing Statistics by UDP Protocol
This gives read/write permission for all users to the Raspberry Pi (potentially unsafe):
.config 2
[source,bash]
----
netstat -su
sudo chmod 777 /dev/ttyACM0
----
=== Displaying Service name with PID
This provides some configuration for the Arduino serial connection:
.configuration for the Arduino serial connection
[source,bash]
----
netstat -tp
sudo stty -F /dev/ttyACM0 cs8 9600 ignbrk -brkint -icrnl -imaxbel -opost -onlcr -isig -icanon -iexten -echo -echoe -echok -echoctl -echoke noflsh -ixon -crtscts
----
==== Reading in arduino
=== Displaying Promiscuous Mode
Displaying Promiscuous mode with -ac switch, netstat print the selected information or refresh screen every five second. Default screen refresh in every second. +
.C code in the arduino
[source,bash]
----
netstat -ac 5 | grep tcp
void loop() {
meas = analogRead(a);
if (Serial.available())
{
if (Serial.read() == '1')
{
Serial.println(meas);
}
}
}
----
=== Setting Promiscuous Mode
==== Python
[source,bash]
.Python code in Raspberry Pi
[source,python]
----
ifconfig eth0 promisc
import serial
from datetime import datetime
from time import sleep
now = datetime.now()
OR
ser = serial.Serial('/dev/ttyACM0', 9600)
ser.write("1".encode())
sleep(0.05);
s = ser.readline()
ip link set eth0 promisc on
file = open("dataset", "a")
file.write(now.strftime("%Y-%m-%d %H:%M") + " Sensor Value:" + str(s)+ "\n")
file.close()
----
=== Remove Promiscuous Mode
==== PHP
[source,bash]
----
ifconfig eth0 –promisc
[NOTE]
.PHP Class
====
https://gist.github.com/gravataLonga/6c89821b845d15e939a0/archive/0d0063684d388a8ff53df8e73e55f4cb1187d7cd.zip[Download Class]
====
.PHP code in Raspberry Pi - read
[source,php]
----
<?php
include "php_serial.class.php";
.Promiscuous Mode
[NOTE]
====
Promiscuous mode is a mode for a wired network interface controller (NIC) or wireless network interface controller (WNIC) that causes the controller to pass all traffic it receives to the central processing unit (CPU) rather than passing only the frames that the controller is specifically programmed to receive.
$serial = new phpSerial();
$serial->deviceSet("/dev/ttyACM0");
$serial->confBaudRate(9600);
$serial->confParity("none");
$serial->confCharacterLength(8);
$serial->confStopBits(1);
$serial->confFlowControl("none");
When a capable NIC is placed in Promiscuous Mode, it allows the NIC to intercept and read each arriving network packet in its entirety.
$serial->deviceOpen();
$read = $serial->readPort();
$serial->deviceClose();
If the NIC is not in Promiscuous Mode, it will only receive packets that are specifically addressed to the NIC. Promiscuous Mode must be supported by the NIC and by the operating system and any associated driver. Not all NICs support Promiscuous Mode, however it is pretty easy to determine if you have a NIC and OS capable of Promiscuous Mode.
====
echo $read
----
=== check if promiscuous mode is enabled on network interface
Sends a string to the Arduino.
[source,bash]
.PHP code in Raspberry Pi - send
[source,php]
----
<?php
netstat -i
error_reporting(E_ALL);
ini_set('display_errors', '1');
include "php_serial.class.php";
Iface MTU RX-OK RX-ERR RX-DRP RX-OVR TX-OK TX-ERR TX-DRP TX-OVR Flg
eth0 1500 8352 0 0 0 12677 0 0 0 BMRU
lo 65536 14656 0 0 0 14656 0 0 0 LRU
$serial = new phpSerial;
$serial->deviceSet("/dev/ttyAMA0");
$serial->confBaudRate(115200);
$serial->confParity("none");
$serial->confCharacterLength(8);
$serial->confStopBits(1);
$serial->deviceOpen();
$serial->sendMessage("Hello from my PHP script, say hi back!");
ifconfig eth0 promisc
$serial->deviceClose();
netstat -i
echo "I've sended a message! \n\r";
----
Iface MTU RX-OK RX-ERR RX-DRP RX-OVR TX-OK TX-ERR TX-DRP TX-OVR Flg
eth0 1500 8352 0 0 0 12677 0 0 0 BMPRU
lo 65536 14696 0 0 0 14696 0 0 0 LRU
==== NodeJS
ifconfig eth0 -promisc
[NOTE]
====
Read the writing carefully on your Raspberry Pi circuit board to confirm it indicates something like “Raspberry Pi 4 Model B” or “Raspberry Pi 2 Model B”. If in doubt, run the following command in the terminal:
netstat -i
$ uname -m
Iface MTU RX-OK RX-ERR RX-DRP RX-OVR TX-OK TX-ERR TX-DRP TX-OVR Flg
eth0 1500 8353 0 0 0 12677 0 0 0 BMRU
lo 65536 15232 0 0 0 15232 0 0 0 LRU
If the result returned starts with **“armv6”**, you are running a Raspberry Pi based on the older ARMv6 chipset and the next Node.js installation step **will not work**; otherwise, you are ready for the next step.
====
.Install NodeJS
[source,bash]
----
curl -sL https://deb.nodesource.com/setup_13.x | sudo -E bash -
sudo apt install -y nodejs
npm install raspi-serial
----
.Promiscuous Mode
[NOTE]
====
Look under the last column “Flg” for value “P”. If it’s there, it means promiscuous mode is enabled for that network interface +
B flag is for broadcast +
M flag is for multicast +
P flag is for promisc mode +
R is for running +
U is for up +
====
.Install NodeJS - armv6
[source,bash]
----
cd ~
wget http://nodejs.org/dist/v6.2.1/node-v6.2.1-linux-armv6l.tar.gz
tar -xzf node-v6.2.1-linux-armv6l.tar.gz
cd node-v6.2.1-linux-armv6l/
sudo cp -R * /usr/local/
export PATH=$PATH:/usr/local/bin
npm install raspi-serial
----
.NodeJS code in Raspberry Pi - read
[source,c]
----
mport { init } from 'raspi';
import { Serial } from 'raspi-serial';
init(() => {
var serial = new Serial();
serial.open(() => {
serial.on('data', (data) => {
process.stdout.write(data);
});
serial.write('Hello from raspi-serial');
});
});
----
[appendix]
== How to use Nmap
While the basis of Nmap's functionality is port scanning, it allows for a variety of related capabilities including:
=== Send data2server
- Network mapping: Nmap can identify the devices on a network (also called host discovery), including servers, routers and switches, and how they're physically connected.
- OS detection: Nmap can detect the operating systems running on network devices (also called OS fingerprinting), providing the vendor name, the underlying operating system, the version of the software and even an estimate of devices' uptime.
- Service discovery: Nmap can not only identify hosts on the network, but whether they're acting as mail, web or name servers, and the particular applications and versions of the related software they're running.
- Security auditing: Figuring out what versions of operating systems and applications are running on network hosts lets network managers determine their vulnerability to specific flaws. If a network admin receives an alert about a vulnerability in a particular version of an application, for example, she can scan her network to identify whether that software version is running on the network and take steps to patch or update the relevant hosts. Scripts can also automate tasks such as detecting specific vulnerabilities.
==== NodeJS
.NodeJS code in Raspberry Pi - send
[source,c]
----
...
var serverIOT=IP_SERVER
const socket = require('socket.io-client')('https://'+serverIOT+':9080');
socket.on('connect', function () {
socket.emit('subscribe', log);
var obj = new Object();
obj.room = log;
obj.message = data;
var text = JSON.stringify(obj);
var text1 = Buffer.from(text);
var text5 = text1.toString('base64');
socket.emit('log', text5, log )
//console.log(util.inspect(text5, false, null, true /* enable colors */))
res.json({
'message':"ok"
});
});
...
----
TIP: You can find more information https://git.swarmlab.io:3000/zeus/iot-swarm-example/src/branch/master[here^] and http://docs.swarmlab.io/SwarmLab-HowTos/index-lab.adoc.html#_iot_swarm_implementation[here^]

Write Preview
Loading…
Cancel
Save