IT Security Stack Exchange
IT Security Stack Exchange

Questions tagged [raspberry-pi]

A series of tiny hobbyist computing devices designed and developed in the UK by the Raspberry Pi Foundation with the aim of teaching basic computing and programming in schools.

Raspberry Pi is series of tiny hobbyist computing devices designed and developed in the UK by the Raspberry Pi Foundation with the aim of teaching basic computing and programming in schools.

Related reading

79 questions
73
votes
2 answers

Diffie Hellman parameters still calculating after 24 hours

I have a fresh install of Arch Linux on a RaspberryPi model B. I'm setting up OpenVPN and using easy-rsa with OpenSSL 1.0.2d to generate initial keys and certificates. All went fine until I ran ./build-dh(script here). It was 24 hours later when I…
kgizdov
  • 853
  • 1
  • 7
  • 6
12
votes
7 answers

Testing a hardware random number generator

The Raspberry Pi has a built in hardware random number generator but there doesn't appear to be any public documentation on the hardware, and even if there were it would be questionable (what company is going to publically admit that there might be…
Cromulent
  • 1,103
  • 1
  • 9
  • 13
12
votes
4 answers

Is the Raspberry Pi vulnerable to injection beyond the SD Card?

I understand that it is possible for a code to be crafted for a given hardware/firmware to inject a virus that would not be removed by a wipe of the hard disk. Video card, and BIOS are examples of a possible destination for this type of badware to…
700 Software
  • 13,807
  • 3
  • 52
  • 82
11
votes
1 answer

wget: what security issues am I not considering?

Questions: based on the details provided below, (a) what potential security vulnerabilities and threats might I face in my use of wget and (b) what recommendations would you give for mitigating those vulnerabilities and threats? Goals: as per a…
Tigelle
  • 187
  • 2
  • 9
11
votes
3 answers

Turn RPi3 Wi-Fi adapter into monitor mode using airmon-ng

For some reason, I can't turn the built-in Wi-Fi adapter on the new Raspberry Pi 3 into monitor mode like I used to do on other platforms. First I kill the processes that interfere with sudo airmon-ng check kill: Found 4 processes that could cause…
eden881
  • 237
  • 1
  • 2
  • 7
9
votes
3 answers

MSFConsole/Kali Linux - gain root access to unix system

I am messing around with Kali Linux, MSFConsole and DVWA (Damn Vulnerable Web Application). I have successfully been able to get into the system (Raspberry Pi) by creating a PHP backdoor and uploaded it via SQL injection. Now I have access the…
iProgram
  • 1,187
  • 3
  • 9
  • 15
7
votes
1 answer

Locking Linux system to work on certain hardware only

Is there a way of locking a Linux system to work with a specific (pre-defined) hardware only? I am developing a commercial product and want to make it a bit harder for someone to clone the whole working system so I am thinking of tying the SW and HW…
Kozuch
  • 209
  • 1
  • 7
7
votes
1 answer

How can I exploit a Buffer Overflow on a Raspberry Pi 4?

I am trying to exploit a bufferoverflow on raspberry pi 4 which makes use of Cortex-A72 (ARM v8) 64-bit SoC. The linux kernel version is v4.19 and the OS a Debian Buster compiled for the raspberry pi arm architecture. Vulnerable code #include…
Safe'nSound
  • 71
  • 1
7
votes
1 answer

Hashing password longer than 14 characters in wpa_supplicant.conf

My college has a WPA2 Enterprise network, which I can connect to on my Pi after configuring the network in wpa_supplicant.conf. I don't want my Wi-Fi password stored in plain text, so I use echo -n $password | iconv -t utf16le | openssl md4 to hash…
tjohnson
  • 121
  • 3
6
votes
1 answer

SSH raspberry pi security

I've setup an SSH server on my Raspberry Pi. I use RSA keys to login, I disabled root login, password authentication and I use port forwarding to login from outside my network. I can see the connection logs from the file /var/log/auth.log but I…
Matteo
  • 243
  • 1
  • 7
6
votes
4 answers

Protect Raspberry Pi's physical sd card to be swapped

Scenario: In a company there are Raspberry Pis which are connected to its network environment. A person with bad intentions could swap the SD card and replace it by his own which makes the Pi to a "sniffer" or the person could use it in other…
GotAQuestion
  • 75
  • 1
  • 4
5
votes
1 answer

How to prevent ARP poisoning with hostapd and iptables?

I have a raspberry pi and hostapd and iptables are running on my pi. However iptables cannot block the wifi clients from communicating with each other, thus I cannot prevent them from sending out ARP packets with iptables. It's not possible to run…
vincent163
  • 191
  • 4
4
votes
2 answers

How does processor architecture affect password hashing speed?

Does hashing speed vary significantly using different architectures (x86 vs ARM)? Scenario I am investigating the possibility of using a cluster of Raspberry Pi for cracking passwords hashed with bcrypt or scrypt. As the Raspberry Pi use a CPU chip…
user10211
4
votes
1 answer

How should I use Facebook while giving as little information as possible?

As a college student, Facebook and Messenger are virtually necessary to have in my life for communicating with clubs, classmates, finding housing, and more. As much as I want to get rid of them, it's not an option. Still, how can I reduce the amount…
Leo Adberg
  • 141
  • 4
4
votes
2 answers

How to connect a Raspberry Pi IDS to the home router to detect intrusions network wide?

I'm configuring a raspberry pi IDS/IPS with ELK stack on a separate machine, my problem is to connecting it to the router in a way it can read traffic on the whole network and drop the suspicious packets. The way I came up with is to configure Pi as…
Vidura supun
  • 43
  • 1
  • 4
1
2 3 4 5 6