We recently developed a plug-and-play vulnerability scanner built on a Raspberry Pi. And by plug-and-play, we actually mean that: you plug the Raspberry Pi into your router, and within a few hours, you will receive an OpenVAS network vulnerability report by email.
For those who thought “YUM!” at the mention above, a Raspberry Pi (RPi) is actually a single-board computer that costs around $100 and can be used for a vast range of applications, including home automation and education. If a fruity pastry had the same capabilities, that would be an impressive, albeit slightly expensive, treat!
The entire project is open source, and once you buy the device and peripheral set-up equipment, the scanner is FREE to run as many times as you want! This article will walk you through the “why” you’d want this and “how” you can create your own home network vulnerability scanner. Let’s jump in!
A study from Deloitte found that U.S. households own an average of 11 internet-enabled devices. With devices such as Amazon Alexa, Google Home, Ring cameras, computers, smartphones, and tablets, it’s easy to quickly lose sight of what is running on your home network and if these devices contain any known security vulnerabilities.
Vulnerability scanners are software tools that probe and enumerate a set of targets (such as devices on your home network) and then attempt to identify security vulnerabilities on those devices. Most vulnerability scanners create a report revealing an overview of the devices identified and a list of vulnerabilities discovered. Vulnerability scanners are frequently used by IT companies to compile a network security baseline quickly, but you can apply the same tools to your own home network.
One downside to vulnerability scanners is that they require significant technical experience to configure and run properly. On top of that, commercial vulnerability scanners are expensive (a Nessus license costs at least $2,790 per year).
We have developed a Raspberry Pi vulnerability scanner that is extremely easy to use (just plug it into your router) and completely open-source. In addition to scanning your own home network, you could also use it to scan networks at Airbnbs or any network you don’t trust. We use the open-source vulnerability scanner “OpenVAS” to do the heavy lifting, and we’ve created a supporting infrastructure that makes running a vulnerability scan on your home network foolproof. Thanks to the creator of OpenVAS Docker Lite for the dockerized version of OpenVAS this project is based on.
Once the Raspberry Pi is configured, you simply plug it into the back of your wireless router with an ethernet cable and plug the power source into your wall. The RPi will automatically boot up, send you an email letting you know the scan has started, enumerate and scan your network automatically, and then email you the results via an encrypted link that only you have access to. Want to rerun the scan? Just unplug the RPi and plug it back in.
As for configuring the Raspberry Pi in the first place, you can follow our instructions below to configure the device yourself, or you can email us at firstname.lastname@example.org, and we’ll be happy to create it for you and ship it to you.
Depending on your technical background, creating your own RPi vulnerability scanner may be extremely straightforward or extremely difficult. If you’ve never used a command line or terminal before, you may struggle to follow these steps. If you’d rather not struggle, email us at email@example.com, and we’d be happy to send you a pre-configured device.
For everyone else, let’s dive in.
If you’re going to make a Raspberry Pi vulnerability scanner, you’re going to need some ingredients:
1. CanaKit Raspberry Pi 4, 4GB RAM Starter Kit
2. Ethernet Cable
3. USB Keyboard and USB Mouse
4. Computer Monitor (with HDMI port)
It’s likely you already own items 2-4, but we’ve included everything you could possibly need to be sure. We linked some items on Amazon for convenience, but feel free to look around and find something else equivalent.
- Install Raspberry Pi Imager for your Operating System (https://www.raspberrypi.org/downloads/)
- After it downloads, open the Imager, plug your Raspberry Pi micro SD card into the USB adapter and plug the USB adapter into your computer
- Use Raspberry Pi Imager to install Raspberry Pi OS onto the micro SD card
- Set up your Raspberry Pi according to the CanaKit instructions (attach heatsinks, fan, and cover)
- Put your configured Raspberry Pi micro SD card into the port on the Raspberry Pi
- Plug one end of your HDMI cable (included in the CanaKit) into your Raspberry Pi HDMI port and the other end into your monitor
- Plug your USB mouse and keyboard into the USB ports on the RPi
- Plug in the RPi power cable and wait for it to boot up
- Once the Pi boots up, follow the prompts to configure the Pi with your country and timezone. Change the password to something besides the default.
- Configure the Raspberry Pi’s internet access, which can be done wirelessly or via your Ethernet cable. Allow the software update. Allow the Pi to reboot once the update finishes.
- Once the Pi restarts, open up a terminal window on your RPi (you may also want to open this blog post in a browser on the RPi so that you can copy and paste the command below easily)
- Copy and paste the following command into the terminal. Note: You will be prompted to enter the email address where you want to receive the report when the scan finishes.

    /bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/lukewegryn/rpi-vuln-scan/master/rpi/rpi-install.sh)"

- Once the script finishes the installation process, unplug your RPi, and all of its connections (HDMI, mouse, keyboard, etc.).
- Plug an Ethernet cable from your RPi to the back of your router.
- Plug the RPi into a power source and power it on.
- After a couple of minutes, you should receive an email telling you the scan has started.
- Several hours later, you will receive the scan results via email.
- Anytime you want to rerun the script, power cycle the Pi.
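
The install command in the steps above pipes a script from the repository's master branch straight into bash, so whatever that branch holds at download time is what runs on the Pi. The following is an added example (not from the original post or the rpi-vuln-scan project) that saves the script to a file, prints its SHA-256 so you can read it first, and then executes only a copy matching the digest you recorded; the URL is the one from the article, while the function names and the two-pass workflow are assumptions.

```shell
#!/usr/bin/env bash
# Added example: fetch the installer to a file, pin it by SHA-256, then run it.
# The URL is the one from the article; function names are hypothetical.
INSTALLER_URL="https://raw.githubusercontent.com/lukewegryn/rpi-vuln-scan/master/rpi/rpi-install.sh"

# Print the SHA-256 of a file (sha256sum on Raspberry Pi OS, shasum elsewhere).
file_sha256() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" | awk '{print $1}'
    else
        shasum -a 256 "$1" | awk '{print $1}'
    fi
}

# Return 0 only if the file matches the digest recorded when it was reviewed.
verify_installer() {
    local file="$1" expected="$2" actual
    [ -f "$file" ] || { echo "missing: $file" >&2; return 2; }
    actual="$(file_sha256 "$file")"
    if [ "$actual" != "$expected" ]; then
        echo "digest mismatch: got $actual, expected $expected" >&2
        return 1
    fi
}

# Download over HTTPS to a temp file, never into a shell. Without a pinned
# digest, stop after printing one so the script can be read first.
install_reviewed() {
    local expected="$1" script
    script="$(mktemp /tmp/rpi-install.XXXXXX)" || return 1
    curl -fsSL --proto '=https' --tlsv1.2 -o "$script" "$INSTALLER_URL" || return 1
    echo "saved $script sha256=$(file_sha256 "$script")"
    if [ -z "$expected" ]; then
        echo "read $script, then re-run with that digest as the argument" >&2
        return 3
    fi
    verify_installer "$script" "$expected" || return 1
    /bin/bash "$script"
}

# First pass:  install_reviewed            (prints the digest, runs nothing)
# Second pass: install_reviewed <digest>   (runs only an identical copy)
```

If the branch changes between your review and the second pass, the digest check fails and nothing is executed.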
Once you have the vulnerability report, you may be wondering what to do with it. There are two high-level things you should look at:
- How many IPs did the scan identify on your network? Do you recognize the hostnames of these devices, or are any of them mystery devices? If you don’t recognize them, it’s a good idea to look into what they might be to ensure that you are aware of all the devices on your network.
- Were any medium or high severity issues reported? Most of the time, low severity issues can be safely ignored. Still, if there are any medium or high severity issues, they should be reviewed to determine the security risk they present to your network.
Each issue reported should have a reference section that will help point you in the right direction to understand the security issue. Google can get you a long way in understanding what these vulnerabilities mean. If you’d like to talk to us about any of the issues the vulnerability scanner found, please reach out to us at firstname.lastname@example.org.