• United States



Modifying Embedded Linux Devices

Aug 13, 20072 mins
Data and Information Security

Most techs know that you can build your own firmware for embedded Linux devices.  I’ve used custom images for the NSLU2 to make it into a better fileserver.

The best Linux hardware hack out there in my opinion is Silica.  Yes, it’s pay-to-play so I’m only half-serious when I ask for one for Christmas (please, please, please, it’s even better than getting a pony).  But really what you’re getting is Immunity’s intellectual property in a box and a couple hours of in-person training.

At the heart of what I really want to do is to hack the Yoggie and turn it into an attack platform.  Then it’s a small-form-factor USB hack device.  That has tons of potential.

While looking around at custom Linux firmware, I came across OpenWRT.  This is good stuff–basically it’s a base OS install with packages for common software that you would find in a distribution.  The idea is that you can take your NSLU2, add some hard drives and custom firmware, and have a bittorrent seeder.

But dig down inside the packages repository and you’ll find some of my favorite software:  dsniff, nmap, aircrack, kismet, and netcat.  I can’t really think of a good reason to have these packaged unless you’re planning offensive actions.  Of course, I like this.  It makes it possible to build your own version of Silica in a form-factor that nobody suspects.

The good people at The Hacker Pimps took OpenWRT, some of the prepackaged software, and some scripting know-how and made FairuzaWRT (PDF Link, hacker humor which might be considered crude).  It’s mostly what I was thinking of doing.  The nice thing is that the Linksys WRT54G is everywhere–I have 3 of them at work and one at home.

Where am I going with all of this?  Well, the bottom line is the following:

  • If it can be customized, it can be hacked
  • If it can be hacked, it can be turned into an attack platform
  • Servers are getting smaller and smaller
  • Embedded attack platforms change the game

Michael Smith is the Chief Information Security Officer with a managed services provider based in Reston, Virginia. His scope of responsibility includes both providing governance and managing risk for several data centers, Security Operations Center, Network Operations Center, Server Management Team, and several disaster recovery sites. Michael started his adult life as a Russian Linguist in the US Army and migrated from there to Linux system administration and on to the security world. He is a member of the ISM-Community Steering Committee and teaches government information assurance through the Non-Profit Potomac Forum . Michael is both a Certified Information System Security Professional (CISSP) and an Information System Security Engineering Professional (ISSEP). You can read Michael's non-Linux personal blog at .