Hacking and Penetration Testing with Low Power Devices
CHAPTER 7 Building an army of devices

BE CAREFUL
Devil is in the details
Be careful to make sure that you have set each modem correctly before you start questioning your
code. I wasted several hours debugging code I was convinced was wrong only to find out that one
modem had been set to transparent mode while the other was operating in API mode. The receive
lights blinked, but the modem was correctly dropping everything it received because it was not
enclosed in a properly formed packet. Your favorite terminal program can be used on either side
of the connection to help debug any problems.
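
The packet framing the sidebar refers to, as an added example that is not from the book: in API mode without escaping (AP=1 is assumed here), each frame is a 0x7E start delimiter, a 16-bit length, the frame data, and a checksum. The destination address 0x0001, the payload, and the function names are constructed for illustration.

```python
# Added example: framing for XBee API mode without escaping (AP=1 assumed).
START_DELIMITER = 0x7E


def checksum(frame_data: bytes) -> int:
    """0xFF minus the low byte of the sum of the frame-data bytes."""
    return 0xFF - (sum(frame_data) & 0xFF)


def build_frame(frame_data: bytes) -> bytes:
    """Wrap frame data as: 0x7E, 16-bit big-endian length, data, checksum."""
    return (bytes([START_DELIMITER]) + len(frame_data).to_bytes(2, "big")
            + frame_data + bytes([checksum(frame_data)]))


def tx16_request(dest: int, payload: bytes, frame_id: int = 1) -> bytes:
    """Series 1 TX request to a 16-bit address (API identifier 0x01)."""
    return build_frame(bytes([0x01, frame_id]) + dest.to_bytes(2, "big")
                       + b"\x00" + payload)


def check_frame(raw: bytes) -> str:
    """Return 'ok' or the reason an API-mode receiver would discard raw."""
    if not raw or raw[0] != START_DELIMITER:
        return "no 0x7E start delimiter (looks like transparent-mode data)"
    if len(raw) < 4:
        return "truncated header"
    length = int.from_bytes(raw[1:3], "big")
    if len(raw) != length + 4:
        return "length field does not match bytes received"
    data, received = raw[3:-1], raw[-1]
    # A valid frame's data bytes plus checksum sum to 0xFF in the low byte.
    if (sum(data) + received) & 0xFF != 0xFF:
        return "bad checksum"
    return "ok"


if __name__ == "__main__":
    # Constructed samples: destination 0x0001 and the payload are made up.
    good = tx16_request(0x0001, b"status")
    corrupted = good[:-1] + bytes([good[-1] ^ 0x01])
    for label, raw in [("API frame", good),
                       ("raw text", b"status\r"),
                       ("corrupted", corrupted)]:
        print(f"{label:10} {raw.hex(' '):45} -> {check_frame(raw)}")
```

Running the same check over bytes captured with a terminal program on each side shows quickly whether one end is sending unframed transparent-mode data.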

A point-to-multipoint network is nearly as easy to set up as a peer-to-peer connection.
The only difference is that the DL value on all nodes (with the possible
exception of the central node) should be set to the MY address of the central node.
As far as any of the non-central nodes are concerned, they are in an exclusive peer-to-peer
relationship with the central node. For our purposes, a point-to-multipoint
network with a command console as a central node will be used to control an army
of remote hacking drones.

MESH NETWORKING
Setting up a command and control network with a bunch of drones connected to
a command console on the central node with Series 1 modems is easy. There
are some limitations, however. All drones must be within range of the command console.
There is no redundancy in the network. If a node is sleeping, it will miss any
traffic directed toward it. These limitations can be overcome using ZigBee
networking.

The ZigBee Alliance has defined a number of robust protocols built on top of
IEEE 802.15.4. We will only cover the basics needed to implement command and
control for our remote hacking drones in this book. A number of white papers, presentations,
and other resources are available at http://www.zigbee.org/LearnMore/WhitePapers.aspx
for those wishing to know more about ZigBee.

ZigBee adds several services to IEEE 802.15.4 networking. Additions include
routing, the creation of ad hoc networks, and self-healing mesh networks.

Routing allows packets to be sent through a series of nodes. In IEEE 802.15.4
networks, messages can only be sent from one node to another. The ability to send
packets through a series of nodes allows the network of attack drones to be spread out
much further than in a simple point-to-multipoint network.

Ad hoc networks are automatically created. No human intervention is required.
Devices that are part of a network are automatically added based on their designated
role. ZigBee networks are said to be self-healing because the ad hoc network is automatically
reconfigured if one or more nodes go down.

Each device in a ZigBee network has a role to play. There are three available roles:
coordinator, router, and end device. Every network has at least two nodes. One of these
must be a coordinator and the other can be either a router or an end device.