True, you would probably have to code your own software or something and have the os reboot, but the application or certain partition on the drive stay encrypted. This might allow it to auto reboot, and resume processes. This is just a idea off the top of my head, so there isn’t a lot of forethought into it.
If he knows which device the port is actually forwarded to, he could try spoofing his IPv4. Haven’t actually tested it, just spitballing ideas. No idea if it’ll work or not.
Reverse ssh. The router will route packets on port 80 to your pi.
https://blog.devolutions.net/2017/3/what-is-reverse-ssh-port-forwarding
And for the price of the raspberry pi and needed peripherals you’re looking at almost a year of a legit VPN service
I saw what you wrote before it got deleted, my thought process is that oven if they could see the network traffic, it wouldn’t matter because so many people use airport/Starbucks/library wifi so the only way you could find the user searching it would be to get logs or users connected on the actual pi device
ive missed something here. i will not downvote or upvote till understand what ur saying. im actually curious as you could have a point.
i dont see how theyre modifying it personally though. im not a lawyer nor do i know much about the law surrounding it but from a networking point of view you are joining a device to their network. whether it be a tablet, a phone or a firewall… its your device and using their network to achieve what you want. as long as its not against their terms of use whats the issue? now going back to it. even if you were to add a rasperi pi to the network and created a vpn from it i still dont see how its modifying their network? you have joined a device to their network and vpn’d to it. now if you were to then use it for illegal activity then yes its illegal. but whether you are physically there or virtually there i dont see the difference. you havent “modified” their network. just left a device connected to it.
thatst he way i see it anyway.
Then Google, Apple, and every other tech company that opens a web socket to check for updates or send notifications is guilty as well. I think they would find a way to charge OP with something for sure, I don’t know what though.
If it’s what I’m thinking of, it was done by the library itself. Each of the Pis was monitoring Bluetooth, counting the number of individual devices, and the library webpage was using that to show how busy each part of the library was.
You say it’s not your intention to break laws and bet a felony on it yet you reply with stuff like this.
Can you elaborate a bit more on that?
I am thinking about other ways but I cannot really figure out a way to the to the pi without port forwarding * scratching head *
Is not easy to know that without access to the router, and that would degrade the service, not great if you are trying to hide in the network.
Ya. That’s how I would do it.
Fair enough. Still wouldn’t recommend it.
You’re expanding the scope of the network initially intended for customers of the store. Any other access besides the initial intent would be unauthorized access.
You would have to connect to the raspberry pi from outside the network.
Normally outsiders cannot connect to any device on the internal network. To do so usually involves opening a port on the router and doing port-forwarding such that if any outside IP connects on port 12345 it gets automatically routed to the device.
I think this is the mindset above poster was in. Either forgetting, or being unaware of more advanced alternative ways to get it working without modifying the network.
Hope that clears things up for anyone confused.
Yep, that one was done by a university. Student found one, thought it was a hacker, and instead of reporting it to IT, went on Reddit or whatever. Reddit immediately told him it was for hacking because it had a packet sniffer on it. Eventually a guy in Europe talked to them, ssh’d into it, looked at the code it was running, and realized it was for the aforementioned system that told people how busy things were around the university. By that time, it was a big enough story that the IT department saw it and was like, “um, can we have our property back?”
Why can’t the dude be curious about an idea he had. All my life I think of illegal shit I could be doing or stuff like this; but just cause you explore the idea and are interested in shit doesn’t mean you will act on it. Why are you on some crusade to discredit some dude asking a hacking question in r/hacking? Even if he was going to do something nefarious, this isn’t a whitehat sub, this is a hacking sub and this a hacking question.
So if you want to connect from your home machine through the Pi, you set-up port forwarding on your home router (say port 1234). You also setup a dynamic DNS if you don’t have a static IP (let’s say test.xyz). Finally, you install the server software there.
On the RPi, you write a script that tries to ping test.xyz. Once the Pi can ping it, the script checks if port 1234 is open. If it is, the script connect from the client on the RPi to the Server. You just have the script retry until it works.
Even if you don’t have the ability to port forward on the Server end, you can use a script to keep a predetermined outbound port open on the router, then catch the data that comes in on that port. It’s more work and not guaranteed, but it will usually work.
Making it a tor secret hidden would work
Either forgetting, or being unaware of more advanced alternative ways to get it working without modifying the network.
yeah i think this is where i went wrong. i assumed he knew theres more than one way in. so was curious as to the what the issues would be in his scenario. i try to hear things out no matter how much i think i know as sometimes someone will say something in a certain way that will make something else click. i had no clicks here… but always open for one! 
we can all always learn more from each other.