Or… how insecure is the two wire video doorbell implementation from Avidsen.
Raspberry PI as a Serial Device
There are many tutorials explaining how to set up your Raspberry PI as a Serial Device. Almost all of those tutorials explain how to setup your Raspberry as a Serial Console, which will act similar to a SSH connection. The current tutorial takes a different approach. You will find out how to turn your Raspi to a Serial USB Gadget, and how to control what you redirect to the Gadget’s Serial port in order to be available to the machine it will connect to. Using socat, commands we will redirect Serial data received over IP to the Gadget Serial port or data from the on-board UART protocol to the Gadget port.
Serial Over IP
Serial over IP is the easiest solution for transferring Serial Protocol Data (either at TTL level, or RS232/RS485 Specifications) over long distances. Devices responsible for this type of conversion are often called Serial to Ethernet Converters.
Raspberry PI as a SOCKS Server
How it works
The SOCKS protocol is being used to exchange packets between a server and a client through a Proxy server. Expanding the Remote Drone’s abilities, we can configure the "Middle Host" to act as a PROXY Server and redirect all of our requests to the "Remote Drone". With this configuration, all the traffic will be transferred through the "Remote Drone" and we will be able to access the remote network, or even the Internet through the remote’s Network ISP Modem.
ecoPrinter is an innovative device which can replace hard copies with no interaction file transferring, by implementing Android Beam and USB Printer Gadget functionality on a Raspberry PI Zero W.
Forget searching for Bluetooth devices or Wifi networks, enabling visibility, establishing a connection/pairing or setting up Wifi Direct, everything has become automated using (the unfortunately now deprecated) Android Beam. You just place your mobile device on the ecoPrinter while this is searching for a device (Red indication Light) and a few seconds later you can view the file on your mobile device as PDF. No matter if it is an image, document or a web-page, full backward compatibility is guaranteed because ecoPrinter appears as any other Printing device on your computer.
The main idea for this device is to reduce the amount of paper we use and also help users organize and keep their receipts, invoices, documents with the minimum amount of effort.
Access a remote network using Reverse SSH Tunneling
Reverse SSH Tunneling is the connection from the destination to the source instead of the default procedure which is the connection from the source to the destination. We can use this method to establish a connection to a remote network without knowing it’s external IP or making any changes to the network’s configuration. Unless a firewall restricts SSH traffic, the following guide using a Raspberry PI and an ENC28J60 module should be enough to establish a connection to the remote network by plugging the device to the remote network through ethernet.
Continue reading Access a remote network using Reverse SSH Tunneling
Add a new user and replace the default pi user [updated December 2021]
One of the most effortless way for an intruder to gain access to a system is "Password Guessing". As we can read from the NIST Special Publication 800-118:
Guessing attacks can be mitigated rather easily by using a combination of two methods. First, ensure that
passwords are sufficiently complex so that attackers cannot readily guess them. It is particularly important
to change all default OS and application passwords; lists of default accounts and passwords are widely
available to attackers.
For the Raspbian (official Raspberry PI OS), the default credentials (username: pi, password: raspberry) are the same since the launch of the first device in February of 2012 so if you plan to use a Raspberry PI for any of your projects, the first thing to do is change those credentials. For increased security is even better if you completely remove or disable the default pi user.
Continue reading Add a new user and replace the default pi user [updated December 2021]