Raspbery Pi Project
Introduction
This project was suggested by Wayne Snyder (instructor Oxnard College, CA - CNIT 143 Linux Essentials).
In order to keep the noise factor down, a minimum of documentation and screencasts have been used. The project is divided into two different machine configurations. The documentation consists of this document and two screencasts. Boot videos can be provided if required.
The screencast for the Pi-hole machine was recorded using built-in Chromebook software in .webm (HTML5) format. The screencast for the Pi-kali machine was recorded using the Kazam screencast software in .mp4 format.
I’ve tried to make the screencasts as professional as possible. However, this is the first time I have ever made any screencasts. Please bear this in mind while viewing and determining my grade ;-). Also I do not have any editing facilities so this is essentially LIVE with occasional awkward pauses.
Pi-hole Project
Pi-hole is software designed to act as a DNS server. However this DNS server has the special ability of dropping into a black hole all advertisements. IOW, Pi-hole is a network level AD blocker. This is supported by third party black hole lists. Whitelists are also possible to override any imporperly blacklisted sites.
Starting with a standard Raspian Lite 2021-03-04 installation (no desktop) the Pi-hole software was intalled with a standard configuration. The installation from GitHub is fairly straightforward. This included setting a static ip addresses (IPv4 and IPv6), installing the web based admin site, etc. A detailed PDF of the installation process can be provided if required.
To qualify as a “Raspberry Pi Project” the Pi-hole has been modified and reconfigured to use recursive DNS as well as an AD blocker. To accomplish this the Unbound DNS server software was installed. This server is configured to do recursive DNS straight from the ROOT DNS servers. IOW, it safely and securely looks up and caches ip addresses without third party interference (no snooping or redirection antics). Pi-hole is also configured to provide local DNS for the Zero-Tier Virtual Private Network (see Pi-kali Project below). A detailed PDFs of the installation processes can be provided if required.
Post Installation and Verification
Once installed these two components need to be configured to work with each other and the local Router and DHCP server. The highlights of this configuration and verifcation process are presented in the screencast.
Pi-kali Project
Kali is a linux distribution designed for the Cyber Secrity Set. It has pre-installed cutting edge cyber security tools and is useful as a network enumeration and penetration testing tool. By using an itsy-bitsy Rasberry Pi 4 utilizing a PoE HAT with it’s own Zero-Tier virtual private network (VPN) and remote access capabilitly using X2Go (GUI) and OpenSSH (terminal) it can be a great way to create a cigarette-pack sized appliance that can be dropped off at a client’s premises to remotely perform lengthy network enumeration and penetration testing.
I have also equipped this system with a Cyber Project (SuperDemo [VPN only]) website
and a git and jekyll based Content Management System (CMS).
A detailed PDFs of the installation processes can be provided if required.
Post Installation and Verification
Once installed the compnents need to be configured and verified. The highlights of this configuration process are presented in the screencast.
References
All references are provided inline as links to associated sources. These links are to the standard download and installation sites for relevant software.