How to connect and capture multiple devices

KasperskyLab / TinyCheck

TinyCheck allows you to easily capture network communications from a smartphone or any device which can be associated to a Wi-Fi access point in order to quickly analyze them. This can be used to check if any suspect or malicious communication is outgoing from a smartphone, by using heuristics or specific Indicators of Compromise (IoCs). In order to make it working, you need a computer with a Debian-like operating system and two Wi-Fi interfaces. The best choice is to use a Raspberry Pi (2+) a Wi-Fi dongle and a small touch screen. This tiny configuration (for less than $50) allows you to tap any Wi-Fi device, anywhere.

Apache License 2.0

3.08k stars 222 forks source link

How to connect and capture multiple devices #138

Closed dawidol closed 1 year ago

dawidol commented 1 year ago

I want to connect several devices to the tinycheck, is it possible? the normal behaviour look like after one device is connected the capture start.

It is just requiered to add another device to the network and its traffic will be also captured or do I need to do it in any other way.

Thanks a lot

EvgenyAblesov commented 1 year ago

The design of the TinyCheck application does not allow the use of multiple parallel connections.

This is primarily due to the performance provided by Rasperry Pi. To understand the limitations of the platform just try using one device for about 10 or 15 minutes. The size of the capture file for futher analysis from a single device can be significant so adding support for multiple devices would be a technical problem.

dawidol commented 1 year ago

Thank you for your reply. Yes I understand the idea, you think it is valid using a raspberry pi 4b or even a laptop with enough resources? I am using a RPi 4b with 8 Gb of RAM, and been monitoring the performance with tiny check and is very low.