Registration of Raspberry Pi devices
Raspberry Pi devices are becoming more prevalent for Design and Research within the ECE department due to their low cost and flexibility. Unfortunately, these devices are also quite prone to security problems if used without taking basic steps before utilizing them on the NDSU network. The department has decided to take certain basic steps when acquiring these devices before allowing them to be used on the NDSU network. These are as follows:
- All Raspberry Pi (or similar) devices will need to be registered with the ECE Tech Support staff.
- Registration will entail collecting Serial Number of the device, MAC address of the device’s network card, and user contact information for the responsible parties who will be utilizing the device.
- If using the default Raspbian operating system, the device will have a new user account created for general use, and the default ‘pi’ user account will be renamed and given a new password, or outright deleted.
- Using the device with the default account unchanged would quickly get the device compromised and then blocked from access to the NDSU network.
- The device will be set to automatically install security updates as opposed to just allowing the user to manually install when desired.
- The device will also have software installed to help protect against “brute-force” hacking where someone attempts to repeatedly try differing passwords to gain access.
- This software will “ban” the IP addresses of any device which repeatedly fails to login, thus helping to prevent brute-force hacking attempts.
- If another operating system besides the default Raspbian is used, similar security steps will need to be taken to similarly protect the device.
Questions regarding this policy can be directed to:
ECE IT System Administrator