Big pile of waffle about things I should do with the Pi Zeroes I have kicking around the place now.
This will probably be something I'll want for any Pi I start using as a regular server. Basically use a little power/charger controller board and a small lipo battery, soldered as snugly as possible to the Pi GPIO power pins, with an extra GPIO pin used to trigger a clean shutdown.
Then stick a cap of some kind over the micro USB power socket on the PI, so I remember to always plug it in via the power controller.
After that, it's into a little Python script to run on startup, monitor the low voltage shutdown pin and shutdown if it gets triggered.
There are various howtos available for doing this in various ways. The most cunning include power switches to trigger clean shutdowns too; as well as voltage warning triggers to throttle back the server and start sending warning alerts.
Pimoroni have recently started providing a tiny board that almost does the job - the Zero LiPo, but it doesn't actually charge the battery. They're promising an upgraded version that does include a charger for later in the year.
In the meantime Adafruit are ahead of them with a couple of boards that do battery power & charging. The PowerBoost 500c is for smaller LiPo batteries while the PowerBoost 1000c is its big brother (still tiny). Although they do warn that for the 500c the battery used must be more than 500mA capacity - which is pretty big for a Pi Zero UPS (unless there are some power hungry peripherals being used or you have long power outages).
Network Scanner / monitor
I tried this originally using OpenVAS (via a Kali Linux distro for the Zero). Unfortunately the mem requirements (for the redis server it uses) and the number of thread it uses means that the Zero just couldn't cope. A Pi3 would probably stand a better chance.
However, scaling back to a Python script (or a few) using the Python nmap library should allow me to build something to continuously scan the local network for servers/ports which should/shouldn't be there.
Adding some aircrack-ng scripting would also allow me to hunt round the nearby wifi world for anything that shouldn't be going on.
The whole thing could be polished off by slapping some blinkenlights on the top, and using Pushbullet or similar to actively warn me when bad things happen.
A Piratebox looks like it could be a handy little gadget to have for any group of people on holiday together. This should be easy to build with a Pi Zero, wifi dongle, big USB stick (for storage). Adding a big USB battery (e.g. a 10Ah++ mobile phone power brick) would mean it can just live in a corner somewhere not needing any external power for a few days.
I have no idea if this'd be useful but it should be easy to put together. A Pi Zero, 1 tiny wifi dongle and 1 high power wifi dongle (that can do monitor mode), 1 USB GPS dongle, USB battery. Then it's down to some clever scripting to hook up aircrack-ng and GPS tracking.
That'd give you a tiny box, (probably with a huge aerial sticking out) that could be carried around an area building up a log of every wifi network around, where the signal strength is best, what kind of security each one uses, etc. That would be pretty easy to plot onto Google Maps or similar to get a graphical view of all the wifi networks you can see.
This probably pretty much what Google was doing when they got into trouble with the privacy organisations as they drove around with the Google Cars a while ago. So maybe don't do this. Or at least don't do bad things with the info, or randomly share it with the world (well done Google, duh!)
Obviously, if you did do this, you don't want to be using any of the other wifi tools from a Kali Linux install to poke harder at the networks you do discover. Unless you have exceptionally friendly neighbours who don't mind you doing the wireless equivalent of rattling their doors to see if they are locked. Breaking into a network you own/administer - that's good practice. Breaking into any other network - that's a crap idea, and in most places it's either illegal or in a very dark grey area.
JMeter is a handy tool for scripting performance testing of websites (and other types of server). Ideally it uses a bunch of different machines all coordinated to send suitable suites of requests at a target and log the responses.
The individual machines don't need to be particularly powerful, but in total they should be able to produce enough traffic to the target so that it struggles with the load. A reasonable testbed for this would be a bunch of maybe 4 Pi Zeros, with wifi dongles, with one of then acting as the JMeter master and the rest as slaves.
It would be interesting to see whether a setup like that could generate serious load. There are multiple problems with using Pi Zeroes to try to generate this kind of scripted DDOS load:
- The CPUs are single-core and quite slow. So there isn't any scope for having some cores dedicated to JMeter work, the OS and any other activity will be interrupting the traffic generation.
- The network connection will be over USB2 bus, and with most wifi dongles that means we're looking at a theoretical max of 150Mb/s.
- Given they'll be contending thru the same wifi network, over the same wifi router, I'd be surprised if overall traffic was any better than 50Mb/s. Switching to wired USB network dongles should improve things.
Still I think it'd be an interesting device to try out, especially since each node would cost less than £15 all in, and more could be added very easily if it proved a sensible approach. If nothing else the JMeter botnet could act as a continuous "background load" for a target server under test, to help with soak testing or providing some known load on top of which a serious performance test could build.