Configure Your Own Internet Router

Hook Up Your Raspberry Pi

Connecting all your devices to the Raspberry Pi is very easy, but you want to do it in a specific order so it can recognize all your devices when it boots up. First, connect your HDMI cable to your Raspberry Pi and your monitor, then connect your USB devices. If you’re using an Ethernet cable to connect to your router, go ahead and connect that as well.  Finally, once everything is connected, go ahead and plug in your power adapter. The Raspberry Pi does not have a power switch, so once you connect the power adapter, it’ll turn on all by itself.

Connect to Your Wi-Fi Network

Connecting to your Wi-Fi network works the same in Raspbian as it does it any modern operating system.

  • Click the network icon (it’s the one with two computers) in the top right corner.
  • Select your Wi-Fi network name, and enter your password.

That’s it, you’re now connected to Wi-Fi. This will work in both the command line and in the graphical interface, so you only need to set it once. If you have an older Pi and you’re using a Wi-Fi adapter like this, the process is the same.

You have several devices connected to your WiFi router, so how can you tell the outside where you are serving-up Raspberry Pi?

Getting Online

The following section assumes you have an updated and upgraded Raspberry Pi 3 or equivalent, and installed L.A.M.P. (Linux.Apache.MySQL.PHP.)  Excellent article for getting started and RaspberryPi.org’s installing LAMP.

You have several devices connected to your WiFi router, so how can you tell the outside where you are serving-up Raspberry Pi?

Use a service like dataplicity OR DIY:  Let’s get familiar with our router’s advanced settings in your router manufacturer’s configuration tool.  Most home networks use one of these common IP addresses for their gateway to the Internet:

place-wifi-router

You will need to login to your router’s configuration tool.  The username and password should have been assigned at the time of setup.  First, we need to reserve an IP address for our Raspberry Pi to use on a regular basis.  Typically, the router will have a DHCP (Dynamic Host Configuration Protocol) Settings section, List and Bindings, etc.  The Raspberry Pi and all other devices on your LAN should be listed here.  Hopefully, your router will have a somewhat intuitive interface that will make sense as to how to assign an IP address to a device or MAC address.  If all else fails, consult your manufacturer’s instructions.

decapi-slider-raspberry-pi-casenetwork-782707_1280-980x637

The default port for web requests is 80.  You can leave the default unless your Internet Service Provider doesn’t allow port 80.  Next step in your router’s configuration is to have the router forward all incoming requests on port 80 to the Raspberry Pi.  Typically referred to as, Port Forwarding or Port Range Forwarding.  You will want to associate the Raspberry Pi’s IP address so that it will receive all incoming requests on port 80 or whatever port you find most appropriate.  (The most secure web server is one that is not connected to the Internet 😉  The default port for SSL is port 443.  Next step in your router’s configuration is to have the router forward all incoming requests on port 443 to the Raspberry Pi.  Motion Web-Cam Streaming:  The default port for motion is port 8081.  Next step in your router’s configuration is to have the router forward all incoming requests on port 8081 to the Raspberry Pi.

You could also allow Telnet, FTP, SSH, VNC, etc but I do not recommend unless you are familiar with the security risks associated with such services.

Get Yourself A Domain Name

http://www.YOUR_CUSTOM_DOMAIN.ddns.net

Check for the DDNS ( Dynamic Domain Name Service ) Setting in your Router’s advanced configuration settings.  Most routers will support one or more of the following, http://www.dyn.comhttp://www.noip.com, many others search Google for “Dynamic DNS”.  The service will offer the ability to register a domain name to associate with the Dynamic IP address that is assigned to you by your Internet Service Provider.  Typically, your router or a software plugin that you download and install will update the Dynamic DNS service’s database when your assigned IP address changes.

Secure Socket Layer

https://letsencrypt.org/

Let’s Encrypt our connection with the Raspberry Pi.

Install

Rather than apt-get Cerbot, I download the latest version directly from its repo:

sudo git clone https://github.com/certbot/certbot /etc/letsencrypt

Easy SSL through Automation

Certbot has a fairly solid beta-quality Apache plugin, which is supported on many platforms, and automates both obtaining and installing certs:

sudo /etc/letsencrypt/certbot-auto

 

Your domain name for your hydroMazing should now be secure.

Using a Raspberry Pi and USB Camera

You have a Raspberry Pi, or are comfortable with the idea of using one, and you want to use it to capture video or images using a USB camera.  Even though the Raspberry Pi has a port designed specifically for using a camera, it’s not as low-cost, nor as convenient as the USB corded camera.

CanaKit Raspberry Pi 3 B+ (B Plus) Starter Kit (32 GB EVO+ Edition, Premium Black Case)

It would be a lot nicer if you had a web interface to access, view, and manage the content you’ve capture using the USB camera.  Learn to set up a LAMP (Linux, Apache, MySQL, PHP) stack on your Raspberry Pi and configure it to work as a web server and set up a basic website which you can access on any device on the same network as your Pi.  This is a link to a nice tutorial for setting-up a L.A.M.P. server on your Pi, the WordPress portion is optional, you can stop after installing PHP. 

Motion

Motion is the tool that you will want to use if you want to live stream, record video, capture motion, and grab a lot of snapshots.  More options means a lot more configuration options making setup more complex.

download and install:

  • sudo apt-get update
  • sudo apt-get upgrade
  • sudo apt-get install motion

usage:  See /etc/motion/ for configuration file(s).  The documentation for Motion is contained within the file motion_guide.html.

The offline version of this file is available in the doc/motion directory. The online version of the motion_guide.html file can be viewed here

growrm2

fswebcam

fswebcam is a simple tool for grabbing snapshots using a USB connected camera and  can be configured to execute routinely using the operating system’s cron job scheduler.

download and install:

  • sudo apt-get update
  • sudo apt-get upgrade
  • sudo apt-get install fswebcam

usage:  https://www.raspberrypi.org/documentation/usage/webcams/

More:

 

Make a Touch Screen Kiosk

touch screen

Raspberry Pi 7″ Touchscreen Display

AND

SmartiPi Touch case for The Official Raspberry Pi 7″ Touchscreen Display – Adjustable Angle

Security through Obscurity

 

Security and Obscurity

“In security engineering, security through obscurity (or security by obscu58688968_1920_1080rity) is the reliance on the secrecy of the design or implementation as the main method of providing security for a system or component of a system. A system or component relying on obscurity may have theoretical or actual security vulnerabilities, but its owners or designers believe that if the flaws are not known, that will be sufficient to prevent a successful attack. Security experts have rejected this view as far back as 1851, and advise that obscurity should never be the only security mechanism.”  https://en.wikipedia.org/wiki/Security_through_obscurity

We often rely on our security being through some sort of obscurity.  “If they don’t know about it, they can’t use it to get in.”  Common household door locks only have so many combinations, yet we can rely on the lock of our front doors because we know that a thief would have to try every combination or break-the-door-down.  However, on the Internet, who is watching your front door, so a thief cannot try every combination?  Fortunately, our web-server has an access.log file that is automatically updated and archived for us.  Let’s start there and see if anyone has left their “footprints” on your web server.

Is anyone trying to gain access?

wget-shellshock-johnIf you are running a LAMP setup on a Raspberry Pi , open-up a terminal window and type in the following:

cd /var/log/apache2/
zcat access.log* | awk '{print $1}' | sort -n | uniq -c | sort -nr | head -20

 

The output should be a list with two columns, one containing the number of entries counted, and the second column is the IP address associated with each web request made.  The easiest way to get the most information from a reverse IP lookup is by using the following command:

curl ipinfo.io/REPLACE.WITH.IP.ADDRESS.TO.LOOKUP

13117907603_3cce4123de_z

Rather than rely on an external web service, you can do some digging after you install some tools that are not included by default with the Pi:

sudo apt-get install geoip-bin
geoiplookup IP.ADDRESS

Here is a good article on using geoiplookup.  Even more advanced digging not included by default with the Pi:

sudo apt-get install dnsutils
dig -x IP.ADDRESS

Does the location seem suspicious?  Try grepping for the activity, the zgrep command includes the compressed files:

zgrep 'IP.ADDRESS' access.log* -1

By looking at the web requests that were made from the IP address, you can determine whether the activity is suspicious.  Typically, you will find that these IP addresses are from bots looking for vulnerabilities in your security.  You can manually block IP addresses to your blacklist or you can just deny all and allow select IP addresses.  If you haven’t already, you’ll want to install and setup a firewall.

Power to the People!

We believe you shouldn’t need expensive gadgets and technical expertise to be a successful gardener. We are committed to a greener planet!

A handy IndoorGardeningChecklist – print yourself a copy!


Image Credits: Power to the People, Patrick Nygren 2014.
Creative Commons Commercial Use License.