My Minature Embedded Hacking System Project

by Chris McNab

Over Christmas I started to throw around some crazy ideas for work, as I usually don't have a lot of time to think outside the box. Ever since I was given a hardware keyboard logger by Frank Jones of Codex Data Systems at InfoSecurity Europe 2001, I have been quietly thinking about the possibilities of embedded systems and minature security devices. (a current link to the kind of keylogger I'm talking about is here by the way)

There is one specific security application I am currently investigating relating to small SBC systems, that of running a Linux system with nmap and various other network scanning tools, along with a mini-PCI 802.11 wireless card for remote access.

The various system boards I am looking at include:



  • The Soekris Engineering net4501, an Intel 486 133MHz system
  • The Intrinsyc CerfCube 255, an Intel XScale 400MHz system
  • Inhand Electronics Fingertip 3, an Intel XScale 400MHz system

    There are loads and loads of smaller SBCs, basically intergrated circuit boards that contain the microcontroller, flash memory, ethernet controller, RAM, etc., but require you to hook up all the external connections. A short list of such microcontroller boards is as follows:



  • http://www.arcturusnetworks.com/coldfire5272.shtml
  • http://www.advantech.com.tw/products/Model_Detail.asp?model_id=1-D6LEI&bu=#
  • http://www.dilnetpc.com/dnp0013.htm
  • http://www.amctechcorp.com/pages/netdimm%20sheet.pdf

    I'll probably go with the CerfCube system at first, it's not the smallest, but certainly offers the power and resources to run a pretty powerful Linux installation, plus its got a good shape (3 inches cubed, even with wireless).

    One book I picked up today to help with the process is Building Embedded Linux Systems. There are a whole bunch of distributions with small footprints for use on embedded systems, including uClinux, RedHat eCos, and Embedded Linux, not sure which one I'll go with yet, but the plan is to have 802.11 wireless and ethernet support, so the device can covertly run network scanning tools, and drop the results to an IBM microdrive on the device for collection and management later (via wireless).

    That's about all I've got to report right now, and I hope you find the links and resources useful. I strongly believe that these minature embedded Linux systems will prove as useful covert security testing systems into the future, we'll see how I get along with my project in the coming months!


    Please leave me any links, advice, or comments below, thanks..


  • 2 Comments

    anonymous2
    2004-01-09 11:36:29
    Check this out.
    http://www.solarpc.com


    Linux and application on small cheap system and bootable and runable from a flash card. For a application see:


    http://www.weatherdimensions.com/


    BTW it uses Squeak, a open Smalltalk system

    roshini
    2007-07-05 10:15:52
    hey...i wud like to make a small project on embedded system....i am an undergrad student...can u give me an idea for sumthng les complex
    my email is roshini_j@yahoo.com