We have a group member with experience in network security, and some who like Python. (Name credit goes to the guy from 84.51)
What it does
Campfire uses Suricata to constantly listen on the network for malicious traffic. If any of the traffic matches Suricata's traffic signatures, it makes note of it by writing the incident to a log file. Any time a change is written to the log file (a new incident is recorded), our Python script communicates with the Twilio API and sends us a text notification detailing the incident.
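The log-to-text flow described above, as an added example (not Campfire's own script, which the page does not show). It assumes the watched file is Suricata's EVE JSON log; the function and class names, the constructed sample line and the per-signature cooldown are assumptions added here, and `send` stands for a wrapper around the Twilio helper library's `Client(...).messages.create(body=..., from_=..., to=...)`.

```python
import json
import time

CONSTRUCTED_SAMPLE = ('{"timestamp":"2019-03-02T10:15:00+0000","event_type":"alert","src_ip":"198.51.100.7",'
                      '"dest_ip":"192.0.2.10","alert":{"signature_id":1000001,"signature":"EXAMPLE test","severity":2}}')

def parse_alert(line):
    """Return the fields worth texting from one EVE line, or None if it is not an alert."""
    try:
        event = json.loads(line)
    except json.JSONDecodeError:
        return None  # corrupt line: skip it rather than crash the service
    if not isinstance(event, dict) or event.get("event_type") != "alert":
        return None  # flow, dns, stats and other records never trigger a text
    alert = event.get("alert") or {}
    return {"sid": alert.get("signature_id"), "sig": alert.get("signature", "unknown"),
            "sev": alert.get("severity"), "src": event.get("src_ip"),
            "dst": event.get("dest_ip"), "ts": event.get("timestamp")}

def format_sms(a):
    return f"[sev {a['sev']}] {a['sig']} {a['src']} -> {a['dst']} at {a['ts']}"[:160]

class Notifier:
    """Texts once per (signature, source) per cooldown so a noisy rule cannot flood the phone."""
    def __init__(self, send, cooldown=300, clock=time.monotonic):
        self.send, self.cooldown, self.clock, self.last = send, cooldown, clock, {}

    def handle_line(self, line):
        a = parse_alert(line)
        if a is None:
            return False
        key, now = (a["sid"], a["src"]), self.clock()
        if key in self.last and now - self.last[key] < self.cooldown:
            return False  # same signature from the same source, still cooling down
        self.last[key] = now
        self.send(format_sms(a))
        return True

def follow(path, poll=1.0):
    """Yield complete lines appended to path after start-up (log rotation is not handled)."""
    with open(path) as f:
        f.seek(0, 2)  # skip history so only new incidents trigger a text
        buf = ""
        while True:
            buf += f.readline()
            if buf.endswith("\n"):  # Suricata has finished writing the line
                yield buf
                buf = ""
            else:
                time.sleep(poll)
```

On the Pi the service loop would be `for line in follow("/var/log/suricata/eve.json"): notifier.handle_line(line)`, assuming Suricata's default log directory.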
How we built it
We flashed a Raspbian image to an SD card to use in the Raspberry Pi. From there we installed and set up SSH network configurations of the Pi, then wrote the Python script. Then, we used a Linux program to make the OS recognize our Python script as a service, then set up the Raspberry Pi to start up both Suricata and our new Twilio SMS notification service when the Pi boots.
Challenges we ran into
We tried using a brand new Raspberry Pi 3B+ for the faster Ethernet speeds and built-in Wi-Fi, but there was an issue with the SD card reader of the Pi, so we used a Raspberry Pi 2 with a USB Wi-Fi dongle. We were having issues for a while running the Python script on startup. It wasn't until we created a new service for the Python script that we got it working on startup.
Accomplishments that we're proud of
Getting the whole thing to work feels pretty rewarding, especially since we came in with no knowledge of what Twilio even was. Through the project, everyone was able to learn new, valuable, transferable skills.
What we learned
Members of our group learned about intrusion detection software and a base level of networking and network security. Members also learned about Python, Twilio, and how to integrate the two to work together.
What's next for Campfire
Next is configuring a firewall to work on the Raspberry Pi as well, to make it a sort of all-in-one security device.