iot

A quick and dirty guide to setting up an effective test environment for the Internet of Things (IoT).

Your hardware brand can vary, but basically you need a workstation with two available ethernet ports, a wireless router with built-in etherenet ports and VMware.

In my case I’m using a Mac Mini running VMware Fusion for OS X connected to a Thunderbolt Display in order to give me a second ethernet port. I’m also using a standard consumer grade Netgear wireless router with five built in ethernet ports. And of course a working internet connection.

Essentially you are going to use the wireless router to connect any devices, whether wired or wireless to the internet and capture the traffic as it flows through the Mac Mini using a guest running in VMware.

network

First, set up your wireless router to your liking. Personally I like to leave it as default with the wireless connection unencrypted so I can sniff the traffic when being transmitted over the air. Connect one of the ethernet ports on the wireless router to the second ethernet port on your workstation or in my case, the ethernet port on my Thunderbolt Display. Make sure to NOT use the WAN port which would normally be used for an internet connection on the wireless router.

Second, install your favorite hacking OS as a guest in VMware. I like to use Kali Linux to get the party started. You are going to bridge the Kali guest to the Thunderbolt Display ethernet port in the VMware settings for that guest.

A few things to note on this part in regards to how the Mac Mini is configured from a networking perspective:

a. The ethernet port is turned off under Network settings for the Mac.

b. Internet Sharing is enabled sharing the internet access available through the first ethernet port to the second ethernet port.

c. When Internet Sharing is enabled, it fires up a DHCP server that will allocate IP addresses to the VMware guest bridged to the second ethernet port and also anything connected to the wireless router, whether wired or wireless. Remember the wireless router is connected to the second ethernet port or in my case the ethernet port available on the Thunderbolt Display.

Third, Make sure you have internet access on the first ethernet port which you probably do if you simply connected the Mac Mini as normal to your network.

At this point you should be able to browse the internet via the Kali VMware guest or via anything connected to the wireless router. Assuming that is working, simply fire up Wireshark in Kali or your favorite network capture tool and browse the web via a device connected to the wireless router. You should see data being captured from that device in Wireshark.

One thing to note, make sure you enter your credentials into the dialog box that will pop up when telling Wireshark to capture traffic in Kali on the ethernet port. This will allow the VMware guest to monitor the network traffic going through the ethernet port.

Also, if you really want to get crazy you can capture, at the same time, the wireless traffic over the air via Wireshark for the Mac using the built in wireless interface on the Mac Mini.