Mentions légales du service

Skip to content
Snippets Groups Projects
Commit 07bafbb4 authored by FARHI RIVASSEAU Guillaume's avatar FARHI RIVASSEAU Guillaume
Browse files

Merge branch 'master' into 'main' 

playbooks docs

See merge request gfarhiri/mitik-mgmt-mod!2
parents 3a93b5b0 4b1a572c
No related branches found
No related tags found
1 merge request!1Refactoring, new features
Hide whitespace changes
Inline Side-by-side
CHANGELOG.md deleted 100644 → 0
+ 0
54
View file @ 3a93b5b0
# Additions
# Modifications
## First master-nodes connection: SSH setup
In order to ease configuring ssh keys and passwordless authentication, the playbook **ssh_setup.yml** (previously **playbook_SSH_keygen.yml**) has been re-written.
- Asks for password and username
- Installs sshpass and keychain (master)
- Creates a ssh key (master)
- Copy public ssh key to authorized_hosts (nodes)
- Using .bashrc, autoload the ssh key (master)
## Nodes configuration
- install git, bc, + other optional packages (nodes)
- Switch off predictable netfowk interface naming (nodes)
- set up udev rules for forced interface naming (nodes)
- clone, build and install custom rtl8188 module (nodes)
- set up networkmanager to ignore wifi5..7
- copy script to setup interfaces monitor mode
- create crontab to run that cript when rebooted
## Data transfer (fetch results)
- Renamed playbook_data_transfer to data_transfer
- Move results to ../results/DATE/GROUP NAME, like SS1/INVENTORY NAME, like S1/filename"
## Update hosts
- Renamed from playbook_hosts to hosts_update
- Fix it
- Added super-sniffer inside hosts
ex: `192.168.1.244 ss2-s6`
## Hostame setup
- renamed from playbook_hostname to hostname_update
- added group (super-sniffer) to hostname: `ss2-s6`
## Experiment start
- renamed from playbook_scapy-sniffer_GPS.yml to start_sens_sniffer.yml
- Added and removed parameters to make it usable with mitik-sens
## Experiment interrupt
- Removes related crontabs
- Stops current sniffer.py processes
README.md
+ 1
1
View file @ 07bafbb4
......@@ -33,7 +33,7 @@ Basically this tool enables the management of sniffers through a "sniffer manage
## **Sniffer manager**
See [DOCUMENTATION.md](./docs/INSTALL_SETUP.md) for installation, setup and usage instructions.
See [DOCUMENTATION.md](./docs/INSTALL_SETUP.md) for installation, setup and usage instructions.\
See [PLAYBOOKS.md](./docs/PLAYBOOKS.md) for information about the available playbooks.
The sniffer manager comprises several functions:
......
docs/DOCUMENTATION.md 0 → 100644
+ 180
0
View file @ 07bafbb4
# Documentation
[MITIK-MGMT](https://gitlab.inria.fr/mitik/measurement-management/mitik-mgmt/) is the tool used to start and sync the experiments.\
It contains scripts and playbooks that can be ran with [Ansible](https://wiki.archlinux.org/title/Ansible), which uses SSH to control fleets of devices remotely (`nodes`).
> Ansible is a radically simple IT automation engine that automates cloud provisioning, configuration management, application deployment, intra-service orchestration, and many other IT needs.
## Installation
It requires installing ansible on your controlling computer (`master`):
```bash
sudo apt install ansible -y
```
Then clone the MITIK-MGMT repository and enter that folder :
```bash
git clone https://gitlab.inria.fr/mitik/measurement-management/mitik-mgmt
cd mitik-mgmt
```
### Folders structure
```bash
mitik-mgmt
├── config # Configuration files for Ansible. Run commands from here.
├── docs # Documentation for MITIK-MGMT
├── figures # Illustrations for documentation
├── files # Files sent to nodes for configuration
├── playbooks # Instruction lists to be used with ansible commands
└── results # Output of remote devices
```
Enter the `config` folder. When running ansible from this folder, it will read configuration files that are in that current directory.
### `inventory` file
==This step is mandatory==. Devices (`nodes`) you'll control (your `inventory`) are described inside the `inventory` file. [[Ansible documentation](https://docs.ansible.com/ansible/latest/inventory_guide/intro_inventory.html)]
In order yo fill your inventory, you'll need to know your nodes' username and IP address. A static IP for each node is highly recommended.
In the following example, we create a group of devices `ss1` with two nodes inside. They are locally nicknamed `s1` and `s2`, and they are reachable using their respective IP addresses. Username is set to be `user` for `s1`. Inline variables set here override variables defined globally.
```ini
[ss1]
s1 ansible_host=192.168.1.184
s2 ansible_host=192.168.1.231
```
---
The following adds members of the `ss1` and `ss2` groups to the `sniffers` group. Upon creating new groups, you might want to add them to the `sniffers`. This will let you run commands on all of its children at once.
```ini
[sniffers:children]
ss1
ss2
```
---
The following sets variables for all devices listed. More variables are available and described in the Ansible documentation. These values override those of `ansible.cfg`.
```ini
[all:vars]
ansible_connection=ssh
ansible_ssh_user=tribe
ansible_python_interpreter=/usr/bin/python3
```
---
### `ansible.cfg` file
This is more or less the default configuration file, generated running `ansible-config init --disabled > ansible.cfg`.
The following option has been changed :
```!yaml=137
inventory=./inventory ; Inline comment.
```
This sets the location of our inventory file, relative to the `config` folder.
## Usage
Please run your playbooks from the config folder.
You can make sure you're at the right place by typing `pwd` in your terminal.
By default, all playbooks target the group `sniffers`. View the setup instructions if you're unsure what this means.
You can run simple bash commands to nodes and view their results using:
```bash
ansible sniffers -m command -a "echo hello"
```
### First connection and ssh access
If you didn't configure it before, your `master` device isn't authorized to connect to your remote device yet.
For this to be solved, we're going to transfer the master's ssh key to the nodes so that it lets us in without password.
++This is a one-time process.++
Run the `ssh_setup.yml` playbook from the `config` folder :
```
ansible-playbook ../playbooks/ssh_setup.yml
```
Fill in the prompt for nodes' ssh passord and your master's admin password, then wait for completion. From there on, you won't need to provide authentication.
### Testing the connection to your nodes
Once your nodes are configured, test connections using:
```bash
ansible all -m ping
```
Green means good, red is bad.
:::spoiler Sample output
```bash
$ ansible all -m ping
rp4 | SUCCESS => {
"changed": false,
"ping": "pong"
}
s4 | SUCCESS => {
"changed": false,
"ping": "pong"
}
s2 | SUCCESS => {
"changed": false,
"ping": "pong"
}
s1 | SUCCESS => {
"changed": false,
"ping": "pong"
}
s3 | SUCCESS => {
"changed": false,
"ping": "pong"
}
s6 | SUCCESS => {
"changed": false,
"ping": "pong"
}
s5 | SUCCESS => {
"changed": false,
"ping": "pong"
}
```
:::
If you're still skeptical about it working, run
```
ansible-playbook ./test_echo.yml
```
which will make stuff appear in your nodes' tty1 (the one you see when you plug in a screen).
#### Setting up nodes using ansible
In order for your sniffers to work correctly, they need some configuration (installing some packages, the driver for the network adapters, the network interface names, etc).\
If you've just flashed your sniffers with the official Lite image, ++do not skip this step++.\
Detailed description of what this script does is to be found inside [Nodes setup and configuration](./PLAYBOOKS#nodes-setup-and-configuration)
Simply run the `sniffer-setup` playbook :
```
ansible-playbook ../playbooks/sniffer_setup.yml
```
This can be ran just to make sure things are set up properly.
#### Planning a sniffing session with cron and sens
Detailed description of what this script does is to be found inside [Starting and Stopping mitik-sens](./PLAYBOOKS#starting-and-stopping-mitik-sens).\
Run the `start_sens_sniffer.yml` playbook:
```
ansible-playbook ../playbooks/start_sens_sniffer.yml
```
And fill in the parameters to pass to the `sniffer.py` script.\
When running this command, note that it expects all sniffers to have the same amount of external adapters plugged in the same interfaces
#### Cancelling a future or running sniffing session
Detailed description of what this script does is to be found inside [Starting and Stopping mitik-sens](./PLAYBOOKS#starting-and-stopping-mitik-sens).\
Run the `stop_sens_sniffer.yml` playbook:
```
ansible-playbook ../playbooks/start_sens_sniffer.yml
```
#### Cancelling a future or running sniffing session
Detailed description of what this script does is to be found inside [Starting and Stopping mitik-sens](./PLAYBOOKS#starting-and-stopping-mitik-sens).\
Run the `stop_sens_sniffer.yml` playbook:
```
ansible-playbook ../playbooks/stop_sens_sniffer.yml
```
#### Testing current nodes statuses
Detailed description of what this script does is to be found inside [Starting and Stopping mitik-sens](./PLAYBOOKS#testing-devices-and-statuses).\
Run the `test_meta.yml` playbook:
```
ansible-playbook ../playbooks/test_meta.yml
```
docs/PLAYBOOKS.md
+ 77
99
View file @ 07bafbb4
# **Sniffers' configuration**
Ansible[^1] involves a common set of concepts and tools for system automation. An inventory to define the hosts and groups of hosts participants that will be operated by the playbooks. Once the inventory has been defined, a set of playbooks have been programmed to perform tasks on the sniffers. The execution of the playbooks depends on the modules available in the Ansible platform. Finally, the system global interpreter is based on Python.
[^1]: https://www.ansible.com/
The proposed topology is shown in Figure 1. One goal of using Ansible-based automation is to configure all sniffers simultaneously to guarantee that all nodes receive the same configuration, in addition to facilitating the manipulation of each device to be configured.
<center>
<figure>
<img src="https://gitlab.inria.fr/fmorlano/mitik_management/-/raw/main/Figures/mitik_topology.png" width="70%" height="70%" alt="mitik_topology"/>
<figcaption>Figure 1. Topology of Mitik project.</figcaption>
</figure>
</center>
The sniffers' deployment require two roles to be developed. The first environment has been created to perform the installation and configuration tasks required on the hardware and the O.S.; the second environment executes the tasks necessary to start the sniffer according to the required parameters, in addition to synchronizing the data with the sniffer manager (Mitik laptop) and the Mitik server. Figure 3 shows the scenario to be automated by the Ansible management tool.
<center>
<figure>
<img src="https://gitlab.inria.fr/fmorlano/mitik_management/-/raw/main/Figures/ansible_implementation.png" width="70%" height="70%" alt="ansible_implementation"/>
<figcaption>Figure 3. Automating super-sniffers deployment.</figcaption>
</figure>
</center>
## **Role 1. Hardware and software requirements**
A modified version of Raspian has been provided by [1], as part of the experiments evaluating the performance of low-level libraries to capture network traffic in the sniffer. However, it is necessary to carry out additional configurations in the sniffer to add new functionalities on it.
## **Sniffer manager**
A sniffer manager is defined in a Mitik laptop (Macbook Pro). All the instructions executed in the sniffers are defined in the sniffer manager. To establish communication with the sniffers, an inventory with specific parameters is defined. Each sniffer is assigned a static IP. Besides that, sniffers are organized in groups (super-sniffers). _inventory_ shows the definition for each sniffer. Four groups (super-sniffers) are defined (ss1 to ss4), and each one contains five sniffers (sniffer#-ss#).
In addition to the inventory, the sniffer manager sends all the instructions and configurations contained in the playbooks to be executed in each sniffer.
### **Authentication**
SSH key-based is used as authentication method between the sniffer manager and the sniffers. It is indispensable for the secure exchange information and data between the entities (sniffer manager and sniffers), besides of the execution of specific functions that requires SSH authentication. To enable the SSH Key-based authentication setup between the sniffer manager and the sniffers, _playbook_SSH_Keygen_ generates the public key of each sniffer, and also copy their SSH public keys to the sniffer manager.
### **Sniffer Identification**
Since each sniffer uses the O.S. from [1], _playbook_hostname_ and _playbook_hosts_ to redefine the hostname and local DNS of each sniffer based on the _inventory_ file and the static IP defined there.
### **GPS Synchronization**
Each step described in [README](https://gitlab.inria.fr/fmorlano/mitik_management/-/blob/main/docs/Installation%20manual.md) is executed in _playboork_GPS_sync_.
### **Wireless Interfaces**
To avoid randomness in the network interface names, the **Predictable network interface names** is disabled, and new udev rules are defined for assigning static interface names for each USB port.
```
#
# +---------------+
# | wifi1 | wifi3 |
# +-------+-------+
# | wifi2 | wifi4 |
# +---------------+ (RPI USB ports distribution)
#
# | wifi0 | (onboard wifi)
#
ACTION=="add", SUBSYSTEM=="net", SUBSYSTEMS=="sdio", ATTR{address}=="<MAC address onboard antenna>", KERNELS=="brcmfmac", NAME="wifi0"
ACTION=="add", SUBSYSTEM=="net", SUBSYSTEMS=="usb", KERNELS=="1-1.3", NAME="wifi1"
ACTION=="add", SUBSYSTEM=="net", SUBSYSTEMS=="usb", KERNELS=="1-1.4", NAME="wifi2"
ACTION=="add", SUBSYSTEM=="net", SUBSYSTEMS=="usb", KERNELS=="1-1.1", NAME="wifi3"
ACTION=="add", SUBSYSTEM=="net", SUBSYSTEMS=="usb", KERNELS=="1-1.2", NAME="wifi4"
# Playbooks
Playbooks are ran by ansible using `ansible-playbook path/to/playbook.yml`.
The ansible commands should be ran from the `mitik-mgmt/config` folder.
There are five main playbooks :
```bash
- device_setup.yml # set up a new device, or update configuration
- ssh_setup.yml # set up ssh keys
- start_sens_sniffer.yml
- stop_sens_sniffer.yml
- test_meta.yml # test functions
```
It is also defined a wireless network to connect each sniffer to the remote server through wifi0. These parameters are defined in _playbook_NIC_config_. It is worth noting that all wireless interfaces used to sniff must be connected in the same USB port for all sniffers.
## **Role 2. Sniffer parameters**
Unlike the single execution tasks of role 1, the tasks of role 2 can be executed multiple times, as long as they correspond to execution variables of the sniffer script. It is necessary to enter the online parameters to run the sniffer described in [1]. Host variables are defined in _playbook_scapy-sniffer_. Also, a timeout to stop sniffer execution has been added. By last, a job scheduling utility has been added to ensure that network time protocol set by Chrony is up to date for all sniffers.
To start the sniffers, following parameters must be defined:
- Hour to start the experiment,
- Minutes to start the experiment,
- Runtime duration in seconds,
- Wireless interface (by default, wifi1),
- Packet capture filter (by default, probe-req, probe-resp, beacon),
- Channel (by default, system),
- Hash funtion (by default, MD5),
- Hash pattern (by default, 15),
- Folder destination.
The capture filename structure produced by sniffers will have the next format: packet_capture_{sniffer_i-super-sniffer_id}-ts-{timestamp}-ch{channel}-gps{lat/lon}.pcap
On the other hand, each single capture file from the sniffers is sent via SSH connection to the Mitik laptop or Mitik server to be analyzed in the **Trace handling engine** and the **Trace production engine**. The _playbook_data_transfer_ contains the instructions to send the data to the Mitik laptop or Mitik server.
# ------------------ **TODO** --------------------
Tasks:
- [x] UPLOAD FUNCTIONAL PLAYBOOKS OF THE FIRST TESTBED
- [x] SPECIFY FEATURES OF EACH PLAYBOOK
- [x] ORGANIZE FEATURES IN PLAYBOOKS BY TASK TYPE
- [ ] CREATE MAIN.YML TO EXECUTE ALL THE PLAYBOOKS
## **References**
[1] Fernando Dias de Mello Silva, Abhishek Kumar Mishra, Aline Carneiro Viana, Nadjib Achir, Anne Fladenmuller, and Lu ́ıs Henrique M. K. Costa. Performance analysis of a privacy-preserving frame sniffer on a raspberry pi. In 6th Cyber Security in Networking Conference (CSNet), pages 1–7, October 2022.
## First master-nodes connection: SSH setup
In order to ease configuring ssh keys and passwordless authentication, the playbook `ssh_setup.yml` (previously `playbook_SSH_keygen.yml`) has been re-written.
- Asks for SSH password
- Installs sshpass and keychain (master) (needs superuser powers)
- Creates a ssh key (master)
- Copy public ssh key to authorized_hosts (nodes)
- Using `.bashrc`, autoload and load the ssh key (master)
## Nodes setup and configuration
Multiple configuration scripts, here called microstasks, have been put into a single playbook `device_setup.yml`
- `microtask_network_drivers_update.yml` (nodes)
- install git and bc
- clone https://github.com/aircrack-ng/rtl8188eus/
- build and load driver
- `microtask_networking_naming_scheme_udev_setup.yml` (nodes)
- Switch off predictable netfowk interface naming
- set up udev rules for forced interface naming
- if any interface is named "wlanX", copy current active connection to work with wifi0
- `microtask_networkmanager_un_manager_setup.yml` (nodes)
- set up networkmanager to ignore wifi..8
- `microtask_interfaces_monitor_mode_cron_setup.yml` (nodes)
- copy bash script to set interfaces wifi.8 to monitor mode
- set up a cron task to run this script on reboot
- `microtask_hostname_update.yml` (nodes)
- update device hostname to [group]-[inventory name]: ss1-s1
- `microtask_hosts_update.yml` (nodes)
- Add addresses of all other sniffers to each sniffer's hosts file
- `microtask_getty_autologin_setup.yml` (nodes)
- Sets up automatic login for internal console (accessible by connecting a keybpard to your node)
- `microtask_mitik_sens_update.yml` (nodes)
- Gets and updates the mitik-sens files from git
- `microstask_GPS_setup.yml` (nodes)
- Sets timezone to Europe/Paris
- enable GPIO
- install gpsd, gpsd-client, pps-tools, chrony
- enable gpsd, chrony systemctl units
- enable pps-gpio device tree inside /boot/firmware/config.txt
- configure gpsd to make ttyS0 use the socket /var/run/gpsd.sock
- copy the gpsd config file to `/etc/default/gpsd`
- reconfigure gpsd
- copy another config file to `/lib/systemd/system/gpsd.socket`
- uninstall ntp
- copy chrony config file `/etc/chrony/chrony.conf`
- `microtask_reboot.yml` (nodes)
- ask the user if they want to reboot
## Starting and Stopping mitik-sens
The playbook `start_sens_sniffer.yml` asks parameters to run mitik-sens :
- The folder of mitik-sens on the nodes. Defaults to `/home/tribe/mitik-sens-mod/`
- hour and minute at which to start the experiment. Defaults to current time +15m
- Timeout after which to stop the experiment in seconds. Defaults to 3600 (1h)
- The interfaces on which to run the experiment, separated by commas (e.g. `wifi5,wifi6`). Defaults to `wifi5`. Order matters.
- The channels on which to start the interface, separated by commas. (e.g. `6,11`). Defaults to `1`. Order matters.
- The subtype filter to choose which requests to capture. Defaults to `458`
- The interval in seconds for channel hopping. Defaults to 0 (disabled)
- The hashing function. Defaults to SHA256, can be MD5 and None
- The fields to anonymize. All MACs and ssids is 15; not ssid is 14; nothing is 0. Defaults to 15
Then it checks if the length of interfaces and channels is the same.
If they are, we set up a crontab to run the sniffer when planned.
**`stop_sens_sniffer.yml`**
This playbook interrupts any running `sniffer.py`, and cancels planned crontabs.
## Testing devices and statuses
`test_meta.yml` runs all tests playbooks.
[TODO] detailler les tests
docs/PLAYBOOKS_old.md 0 → 100644
+ 100
0
View file @ 07bafbb4
# **Sniffers' configuration**
Ansible[^1] involves a common set of concepts and tools for system automation. An inventory to define the hosts and groups of hosts participants that will be operated by the playbooks. Once the inventory has been defined, a set of playbooks have been programmed to perform tasks on the sniffers. The execution of the playbooks depends on the modules available in the Ansible platform. Finally, the system global interpreter is based on Python.
[^1]: https://www.ansible.com/
The proposed topology is shown in Figure 1. One goal of using Ansible-based automation is to configure all sniffers simultaneously to guarantee that all nodes receive the same configuration, in addition to facilitating the manipulation of each device to be configured.
<center>
<figure>
<img src="https://gitlab.inria.fr/fmorlano/mitik_management/-/raw/main/Figures/mitik_topology.png" width="70%" height="70%" alt="mitik_topology"/>
<figcaption>Figure 1. Topology of Mitik project.</figcaption>
</figure>
</center>
The sniffers' deployment require two roles to be developed. The first environment has been created to perform the installation and configuration tasks required on the hardware and the O.S.; the second environment executes the tasks necessary to start the sniffer according to the required parameters, in addition to synchronizing the data with the sniffer manager (Mitik laptop) and the Mitik server. Figure 3 shows the scenario to be automated by the Ansible management tool.
<center>
<figure>
<img src="https://gitlab.inria.fr/fmorlano/mitik_management/-/raw/main/Figures/ansible_implementation.png" width="70%" height="70%" alt="ansible_implementation"/>
<figcaption>Figure 3. Automating super-sniffers deployment.</figcaption>
</figure>
</center>
## **Role 1. Hardware and software requirements**
A modified version of Raspian has been provided by [1], as part of the experiments evaluating the performance of low-level libraries to capture network traffic in the sniffer. However, it is necessary to carry out additional configurations in the sniffer to add new functionalities on it.
## **Sniffer manager**
A sniffer manager is defined in a Mitik laptop (Macbook Pro). All the instructions executed in the sniffers are defined in the sniffer manager. To establish communication with the sniffers, an inventory with specific parameters is defined. Each sniffer is assigned a static IP. Besides that, sniffers are organized in groups (super-sniffers). _inventory_ shows the definition for each sniffer. Four groups (super-sniffers) are defined (ss1 to ss4), and each one contains five sniffers (sniffer#-ss#).
In addition to the inventory, the sniffer manager sends all the instructions and configurations contained in the playbooks to be executed in each sniffer.
### **Authentication**
SSH key-based is used as authentication method between the sniffer manager and the sniffers. It is indispensable for the secure exchange information and data between the entities (sniffer manager and sniffers), besides of the execution of specific functions that requires SSH authentication. To enable the SSH Key-based authentication setup between the sniffer manager and the sniffers, _playbook_SSH_Keygen_ generates the public key of each sniffer, and also copy their SSH public keys to the sniffer manager.
### **Sniffer Identification**
Since each sniffer uses the O.S. from [1], _playbook_hostname_ and _playbook_hosts_ to redefine the hostname and local DNS of each sniffer based on the _inventory_ file and the static IP defined there.
### **GPS Synchronization**
Each step described in [README](https://gitlab.inria.fr/fmorlano/mitik_management/-/blob/main/docs/Installation%20manual.md) is executed in _playboork_GPS_sync_.
### **Wireless Interfaces**
To avoid randomness in the network interface names, the **Predictable network interface names** is disabled, and new udev rules are defined for assigning static interface names for each USB port.
```
#
# +---------------+
# | wifi1 | wifi3 |
# +-------+-------+
# | wifi2 | wifi4 |
# +---------------+ (RPI USB ports distribution)
#
# | wifi0 | (onboard wifi)
#
ACTION=="add", SUBSYSTEM=="net", SUBSYSTEMS=="sdio", ATTR{address}=="<MAC address onboard antenna>", KERNELS=="brcmfmac", NAME="wifi0"
ACTION=="add", SUBSYSTEM=="net", SUBSYSTEMS=="usb", KERNELS=="1-1.3", NAME="wifi1"
ACTION=="add", SUBSYSTEM=="net", SUBSYSTEMS=="usb", KERNELS=="1-1.4", NAME="wifi2"
ACTION=="add", SUBSYSTEM=="net", SUBSYSTEMS=="usb", KERNELS=="1-1.1", NAME="wifi3"
ACTION=="add", SUBSYSTEM=="net", SUBSYSTEMS=="usb", KERNELS=="1-1.2", NAME="wifi4"
```
It is also defined a wireless network to connect each sniffer to the remote server through wifi0. These parameters are defined in _playbook_NIC_config_. It is worth noting that all wireless interfaces used to sniff must be connected in the same USB port for all sniffers.
## **Role 2. Sniffer parameters**
Unlike the single execution tasks of role 1, the tasks of role 2 can be executed multiple times, as long as they correspond to execution variables of the sniffer script. It is necessary to enter the online parameters to run the sniffer described in [1]. Host variables are defined in _playbook_scapy-sniffer_. Also, a timeout to stop sniffer execution has been added. By last, a job scheduling utility has been added to ensure that network time protocol set by Chrony is up to date for all sniffers.
To start the sniffers, following parameters must be defined:
- Hour to start the experiment,
- Minutes to start the experiment,
- Runtime duration in seconds,
- Wireless interface (by default, wifi1),
- Packet capture filter (by default, probe-req, probe-resp, beacon),
- Channel (by default, system),
- Hash funtion (by default, MD5),
- Hash pattern (by default, 15),
- Folder destination.
The capture filename structure produced by sniffers will have the next format: packet_capture_{sniffer_i-super-sniffer_id}-ts-{timestamp}-ch{channel}-gps{lat/lon}.pcap
On the other hand, each single capture file from the sniffers is sent via SSH connection to the Mitik laptop or Mitik server to be analyzed in the **Trace handling engine** and the **Trace production engine**. The _playbook_data_transfer_ contains the instructions to send the data to the Mitik laptop or Mitik server.
# ------------------ **TODO** --------------------
Tasks:
- [x] UPLOAD FUNCTIONAL PLAYBOOKS OF THE FIRST TESTBED
- [x] SPECIFY FEATURES OF EACH PLAYBOOK
- [x] ORGANIZE FEATURES IN PLAYBOOKS BY TASK TYPE
- [ ] CREATE MAIN.YML TO EXECUTE ALL THE PLAYBOOKS
## **References**
[1] Fernando Dias de Mello Silva, Abhishek Kumar Mishra, Aline Carneiro Viana, Nadjib Achir, Anne Fladenmuller, and Lu ́ıs Henrique M. K. Costa. Performance analysis of a privacy-preserving frame sniffer on a raspberry pi. In 6th Cyber Security in Networking Conference (CSNet), pages 1–7, October 2022.
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment