The IoT Inspector was developed and tested for use on a Raspberry Pi v3. It should also work on any Linux machine that has both a WiFi interface that can be used as an access point and a wired connection to the internet.
Connect the Raspberry Pi to the Internet using a wired Ethernet connection. You can then access the Raspberry Pi from your computer using ssh.
Execute the following commands from the terminal of the Raspberry Pi:
$ cd /home/pi
$ git clone https://github.com/NoahApthorpe/iot-inspector
$ cd iot-inspector
The defualt SSID of the WiFi network created by IoT-Inspector is "Pi3-AP". You may wish to change this, especially if you have multiple IoT-Inspectors running in proximity.
The default password for the WiFi network created by IoT-Inspector is "raspberry". You should change this password to prevent others from using the IoT-Inspector network.
The SSID and password are set in the file iot-inspector/config/hostapd.conf
. Open this file in a text editor and change the values of ssid
and wpa_passphrase
to new a SSID and password, respectively.
From the iot-inspector
directory, run
$ sudo ./install.sh
This will prepare the configure and start the WiFi network and download the required packages for packet capture and analysis.
Execute the following commands from the Raspberry Pi terminal to start capturing packets and displaying traffic information in a web interface:
$ cd /home/pi/iot-inspector/web
$ sudo ../start.sh
This will start capturing packets on the wireless interface of the Raspberry Pi and saving pcap files to /home
.
It also starts Python backend code that parses the pcap files and stores
processed data in a Mongo database. Finally, it starts a node.js webserver to display the data with a
user-friendly interface.
The web interface can then be accessed from your computer on <Raspberry Pi IP>:3000. You can find the IP address of the Raspberry Pi under eth0
when you run ifconfig
from the Raspberry Pi terminal. If you want to view it directly on the
Raspberry Pi, connect the Pi to monitor and run the command
$ startx
This will launch the Raspberry Pi's GUI desktop. Then start the default browser and type "localhost:3000" in the address bar.