Jump to content

oligarchy314

Active Members
  • Posts

    34
  • Joined

  • Last visited

Everything posted by oligarchy314

  1. @telot Thank you for your thoughtful post, and recognizing that I enjoyed this as a learning experience. That's what I was trying to share, the joy of learning new things. I like the look of TeamViewer better than a lot of things I looked at; it looks to function more like GoToAssist. I will also have to consider it for the future.
  2. Well, I'll really have to take a look at LogMeIn then. Ostensibly though, this post was more about setting up the php than the remote support stuff. That was just the back-story of why I set up the php.
  3. I didn't know that existed or had a free version. Taking a look at the differences between Pro and Free, it looks like the Free would almost give me the features of what I have, but I would lose file transfer capability, which my solution has both through TightVNC and through SSH (SCP). Also, I don't need this solution to work unattended on the client side. This was intended for me to walk my client through something, or for me to fix something while the client watched. So, my need for interaction with the client isn't a drawback either. Thanks for the reply though, I always like hearing about new things.
  4. So, I have a client (running Windows) that I wanted to setup a remote support solution for. I do not have the money to pay for a GoTo... service, so I went with setting up VNC (TightVNC) tunneled over SSH (FreeSSHd). I know this isn't the most elegant solution, but it works. This was also made infinitely simpler since TightVNC has updated their Java VNCViewer application to support SSH Tunneling directly in the viewer application. I knew I could script the starting and stopping of the SSH server and the VNC server along with adding port openings in the windows firewall of the client's machine. I also figure that I should safely be able to have a port forward in the client's router for SSH, especially if I only open the port on the desktop's firewall as needed. Also this should be reasonably safe as I set TightVNC to only accept loopback connections. So my client has a "start-remote-support.bat" and a "end-remote-support.bat" which is clear, concise and easy enough for my client to use. However, this still left me with one hangup. I needed the script that started the necessary servers and opened the necessary ports to also find me the client's external IP address, and display it for the client to tell me when he calls me for remote support. (In theory I could have used a DDNS service, but he has an AT&T provided DSL router which doesn't give me many options, so I decided to do something else). I was able to do this by having the "start-remote-support.bat" call wget, download the url http://icanhazip.com to a file, and I could then type that file to the screen with a message to call me and read me the IP address. This works great, but I was worried that if that website either changes their name, changes the way they return the address, or ceases to exist it would break my scripts. This lead me to add a little php to my own website, which I am recommending anyone else to add to their own website. In a sub-directory on my website, I have an index.php file which echo's the external IP of anyone visiting the page, followed by a newline character which I needed for formatting purposes. You may not want to newline so feel free to take that out. <? $ip = $_SERVER['REMOTE_ADDR']; echo $ip, "\n"; ?> This is simple and useful. Now there's no reason to ever use another site, which may change how they return the IP address, or disappear without notice. Finally, in the interest of completeness here is the code for the two batch files . . . Start-Remote-Support.bat @echo off title = Remote Support :: Start VNC echo Starting VNC Server. start "TightVNC Server" /D"%programfiles%\TightVNC" /B tvnserver.exe :: Start SSH echo Starting SSH Server. cd \ start "FreeSSHDService" /D"%programfiles%\freeSSHd" /B FreeSSHDService.exe :: Create Port Openings netsh firewall add portopening tcp 22 FreeSSHd netsh firewall add portopening tcp 5900 TightVNC :: Get IP address echo Retrieving external IP address. echo. wget -q -O ip.txt http://www.yourwebsite.com/your-subdirectory/ echo Your external ip address is: echo. type ip.txt echo. echo Call YOURNAME and tell [him/her] the address above. Please wait for them to echo connect, and look at the issue before continuing. You may minimize, but not echo close, this window, and continue working while they establish a connection. echo -Thank you in advance for your patients. echo. :: Pause to display info pause echo. :: Remove ip.txt and exit del ip.txt exit End-Remote-Support.bat @echo off title = Remote Support :: End VNC taskkill /F /IM tvnserver.exe :: End SSH taskkill /F /IM freeSSHDService.exe :: Remove Port Openings netsh firewall delete portopening tcp 22 netsh firewall delete portopening tcp 5900 :: Exit exit Thanks for reading, and I hope some of you also find this useful.
  5. In my experience, the configuration of these machines is usually done by the credit card processor. I've dealt with a few of these machines before and they were all provided by the respective company that did the processing. Likely your client will need to sign up with a processing service before you can make the machine work; they have to be authorized by the processing service before they will communicate with the provider. Once your client signs a contract with a provider, you will need to get on the phone with the tech support for the processing service and they will walk you through setup. It's not a matter of re-flashing the firmware, it's a matter of finding a provider that supports that machine, which I would guess most do, and then getting them to agree to letting you use your own terminal and authenticating it to their system. I was changing the machines I worked on from authenticating over phone lines, to authenticating over Ethernet/IP. I just called up the tech support for the processing company and they walked me through all the menus and magic passwords to set the necessary settings. However you should be aware that the processor has to add your machine to their server for it to function with their services. I had to first call the processing company and give them the serial numbers on the machines, they then had to set up their server to hand out AES encryption keys to the devices, and then I had to walk through the service menus to download the AES keys to the terminals. This took two phone calls to their tech support, but was basically painless. Did your client buy a used machine? You will likely need to reset it and then configure it to connect to whatever processor your client wants to go with. You should also make sure your client is aware that some processors have differing levels of priority with which they reconcile transactions and put the money into the client's account. I had a client that bounced a few checks because his processor took two days longer than they said to actually transfer money into his bank account. He was not happy, and they transferred his account to the next priority tier. The following were found using Google http://www.globalcheck.com/o37dload.html (I've used this system password before and it seemed pretty universal - "1 alpha alpha 66831") http://www.fixya.com/support/t8008018-tried_several_passwords Don't know if any of this helps, but hopefully ...
  6. I've been running Mint exclusively on my laptop for about nine months and have been loving it. It is/was an Ubuntu/Debian derivative (so it uses .deb packages). If you have multiple machines or are willing to dual/tripple boot, I would suggest having both a Mint and Fedora install to play with. Fedora uses .rpm packages, being a RedHat derivative. Hiren's is great; I'm fine with the current version of it, but there are those that say you should have a copy of of Hiren's from before version 11 (10.8?) and a copy of the current version. It used to be more greyware, but has gone fully legit since version 11. ... and here are some other tools to look at Repair/Rescue: UBCD / UBCD4Win / SystemRescueCD / TrinityRescueKit / RecoveryIsPossible Imaging/Cloning: Clonezilla / Gparted / Parted Magic / Fog The other tool I would suggest for doing diagnostic/repair work would be some sort of multiboot creation tool for USB/DVDs. There are lots of tools out there to make multiboot Linux USB drives or DVDs. However I prefer SARDU, with it I've made both multiboot Windows install DVDs and multiboot Linux/Repair DVDs and USB Drives. These save me a lot of space in my toolbox of repair gear that I carry around.
  7. The option I would recommend is either m0n0wall or Pfsense (based on m0n0wall). I don't know much about Pfsense, but I know m0n0wall has a voucher system as part of the captive portal. I'm not familiar with this particular function but there is more information out there. You can have the system give you a series of voucher numbers that allow a guest a set amount of time on the network. Given that you want to run this on an existing server without having to install new hardware, you may have to virtualize the install of the firewall and setup routing to go through the firewall VM on some sort of dedicated guest network. Again, not my forte, but I would imagine it's possible.
  8. Thanks, I will write up a recommendation that they move everything to more secure passwords, and add it to the final report on the project that will be included with the invoice.
  9. So I just finished my first big(er) project as an independant contractor, with a medium size apartment building. Working with existing cabling and wireless access points (read: consumer wireless routers) I replaced their aging Juniper firewall in the basement with a new firewall appliance (read: PC running m0n0wall). Now my question is this: how do I explain in a diplomatic and professional manner that they should at least change the default passwords on all their equipment, if not start using much more secure passwords everywhere? I put a semi-strong password on the m0n0wall, but all the access points are admin:admin, their surveillance DVR uses admin:admin, even the wireless router in the sports bar on the first floor uses admin:password. If I can convince them it's a good idea to use better passwords, I would then write up some documentation for the network and write down the passwords so they won't have to remember them but would keep them in a safe place. I'm looking for personal stories, and professional opinions. Thanks in advance.
  10. http://www.dealextreme.com/p/2-4ghz-2000mw-802-11b-g-n-sma-tnc-wi-fi-amplifier-booster-44104 http://www.dealextreme.com/p/2-4ghz-16dbi-sma-omni-high-gain-antenna-with-stand-for-wifi-wireless-network-2400-2500mhz-44410 I know, I know, it's not so much DIY, but it seems to be the only thing I've run across that matches the functionality OP says he needs. Awesome though that sounds do understand that if you're not careful, or just not living in BFE, that amp plus a high gain antenna and you may well be on your way to a nasty letter from the FCC, which seems to be the intent of the OP? If you're not concerned about the FCC slapping you with a felony for accidentally jamming someone else's space, or just operating outside of Part 15 rules, your next question is how hot is your adapter/router/ap/amp going to get trying to push that much power out. Just my two cents ...
  11. I can't say if anyone will actually be interested in this, but for anyone looking for very affordable hand tools and power tools, I thought I'd share. Also, having heard Harbor Freight mentioned before on Systm I thought it would be worth a shot to share this somewhere, and Hak5 seemed appropriate given Daren is now fully relocated to California. This script lets you use wget to directly download all of the monthly coupons on Harbor Freight's "magazine lander pages" as well as the weekly coupons that go out to HF email subscribers. There will be a number of duplicate coupons, but this is to your advantage. The purpose here is to maximize the number of coupons you have, in order to maximize the number of deals you can get, regardless of quantity limits per coupon. With this script, there is no reason to ever pay regular price at HF again. This script does not garantee that you will get the best price by using any of these coupons. Sometimes the best deal is to wait for a regular sale and use a 20% off coupon instead of an item specific coupon. Also, sometimes the best price is on a coupon that comes in the weekly news-paper rather than one on the HF website. Additionally if someone has any interest in re-writing this for linux/bash, that would be awesome. I was just working with what I know. Script Code Below.. :: HF Coupon Wget Batch Script :: written by Mark David Scott Cunningham, July 2010 :: :: "Shop smart. Shop S-Mart." --Ash, _Army of Darkness_ :initialize echo off setlocal :: Set title title=HF Coupon Download Script :menu :: Set iteration variable to zero set /A int=0 :: Print the menu cls echo ======================== echo MENU OPTIONS echo ======================== echo (W)eekly Coupons echo (M)onthly Coupons echo ======================== echo (Q)uit echo ======================== set /p opt="Enter Option Here: " :: Act on selected option if /I %opt%==w goto:download-weekly if /I %opt%==m goto:download-monthly if /I %opt%==q goto:exit :: Errorcheck echo Please choose from the options listed above! pause goto:menu :ask :: Ask what to do next cls set /p opt="Would you like to download something else? (y/n) " if /I %opt%==y goto:menu if /I %opt%==n goto:exit :download-weekly :: Ask for the weekend to download and then download it if available cls set /p wknd="Please enter the date of the nearest up-coming Monday (MMDD) " for /L %%i in (1,1,21) do wget -x http://images.harborfreight.com/cpi/emails/more_coupons/wkend%wknd%/images/%%i.jpg goto:ask :download-monthly :: Increment the iteration condition set /A int+=1 :: Check the iteration count and set the directory parameter accordingly if %int%==1 (set dir=^/1-automotive) if %int%==2 (set dir=^/2-boat) if %int%==3 (set dir=^/3-general) if %int%==4 (set dir=^/4-motorcycle) if %int%==5 (set dir=^/5-outdoor) if %int%==6 (set dir=^/6-truck) if %int%==7 (set dir=^/7-xtreme_sports) :: Download all the numbered coupon jpegs in the directory for /L %%x in (1,1,20) do wget -x http://images.harborfreight.com/hftweb/campaigns/mag_landers%dir%/images/%%x.jpg :: Download the flashlight and 20% off coupon from the directory wget -x http://images.harborfreight.com/hftweb/campaigns/mag_landers%dir%/images/flash_c.jpg wget -x http://images.harborfreight.com/hftweb/campaigns/mag_landers%dir%/images/20_c.jpg :: Check the iteration and if necessary repeat, else exit if %int% LSS 7 goto:download-monthly goto:ask :exit :: Wave goodbye to the user and exit cls echo. echo. echo Goodbye . . . echo. echo. pause exit
  12. I don't trust Steve Gibson as far as I could throw him, and I'm not sure I trust Spinrite either. The Rise and Fall of GRC It's just sad that Leo Laporte has become such a fanboy for Gibson. On a more helpful note, I experienced this error a few years ago. I did exactly what VaKo suggested and it worked out fine for me. I did have to reinstall WindowsXP, but it was my own fault that the computer borked in the first place.
  13. my main goal is reducing traffic from spammers and ad servers. Also I haven't decided to become a total dick about what the room mates do on the internet, so if I can just prevent them from getting into too much trouble, the better off I figure I am, in the event that they are torrenting or otherwise and decide not to stay as on the level as I might like them to be.
  14. I created a hosts.deny file in CIDR notation from the lists I have using the Blocklist Manager from bluetack.co.uk. They are in the form xxx.xxx.xxx.xxx/xx I can't really tell if this is working or not. Do I have to use the format xxx.xxx.xxx.xxx/255.255.255.0 or something simmilar where the second half is the net mask? Here is the file if anyone wants to look at it. (hosts.zip)
  15. I like this idea. Simple, straight forward, and effective. I just need to convert the list I have to the proper format for the hosts.deny file. The list I have uses xxx.xxx.xxx.xxx-yyy.yyy.yyy.yyy and my understanding is that the hosts file uses xxx.xxx.xxx.xxx/xx, a perfect job for regular expressions. Working on that now; once I finish I'll post the file if any one else would like to use this.
  16. This is not exactly what I was looking for, but it does look like useful information. What that site is explaining is how to add a block list of domains to the DNS, so that users on the LAN can't navigate out to malicious sites. What I'm really looking for is a way to explicitly block bad ip ranges from connecting in to my internal network. I do understand that with NAT realistically there shouldn't be any unsolicited traffic allowed in past the firewall anyway, but just in case there is an outbound request is made to a bad network, I would like to make sure that any inbound responses are stopped on the way back in. My initial thoughts were to use the iptables firewall system that Smoothwall uses for this, but to do it without having to manually enter in a huge list of ip's. I will have to do some more reading on DNS and Bind, and see if adding the blocklist to the DNS and using Smoothwall as my DNS caching server would do the same thing as what I was thinking of. I already have the Smoothwall set up to use OpenDNS instead of my ISP as the DNS servers, but I'll see what I can see. Thank you for your assistance so far.
  17. So the neighbor was tossing a P-II, 450MHz machine (c. 1998). I of course picked it up for a Smoothwall box, and got to work. I added 4 NICs because I can (green, orange, purple, red), and installed Smoothwall 3.0. Now what I'd like to do is have a script to parse through and permanently add all the entries in the block list ipfilter.dat (or any other plain text ip black list) to the iptables inside Smoothwall, but I don't know much about iptables or shell scripting for that matter. Just throwing this out to the linux admins in the community. Reading through the Smoothwall forums, I only found a few things close to what I was looking for and most people were pooh-pooh-ing anyone who would do this as an obvious pirate without giving any useful advice or solutions. I also found a post that said adding a block list of that size would bog the machine down. That's as maybe, but I still want to try. I just happen to be a belt and suspenders, and fire and duct tape sort of person on security. I already run PeerGuardian on my WinXP machine; just thinking it would be nice to have that sort of filtering in a router type device, without manually entering 254,000+ ip ranges. I did find this script, but I don't know enough to know if it works or not, but thought I should add this as a starting point for anyone that's interested. ipblock.sh As an aside, I have previously been able to manually add home brew mods from Sourceforge to the box without any major trouble, so I'm not afraid of the shell, vim, or using secure ftp to get files onto the machine, as I have used all of those before; just looking for some advice and/or assistance.
  18. Shoot to wound is a myth. Period. All police shoot to kill, every time. They use what they politely called the zipper method, they start shooting at your belly button and then start to "zip" up until you stop moving or they run out of ammunition. What police are trained to do is neutralize whatever threat is coming at them. Not that this is a self defense thread, and I suspect that earlier comments were meant in jest, but I hate for inaccurate information to be out there. This is true though ... I suggest reading a very good book by Massad Ayoob (Wikipedia) called In The Gravest Extreme (Amazon). He lays out what kind of weapon to use for your size and level of training, and also what to expect after you are forced to defend yourself with a firearm. He also outlines the legal ramifications of defending yourself with deadly force, and why you should avoid using deadly force if at all possible.
  19. I got the Sandisk Sansa 1GB that was on woot.com a while ago. Would it be possible to use the aforementioned power adapter set up to charge a rechargeable NiCd cell that would be soldered into the mp3 player? something like this http://www.partsexpress.com/pe/showdetl.cf...tnumber=140-189
  20. First I just want to say that I like the concept of this. I agree that this isn't any faster than typing in all the commands directly from the command line, but I think this could be modded to make it more efficient. I do also like the idea of adding ping and tracert to the options listed. The number one option that I think should be added is the ability to pipe the output to a file, so you can review the output later. Actually it would be really cool if you could if there was a subroutine that ran through a set of commands and piped the output to a file that was formatted something like ... On &lt;date&gt; at &lt;time&gt; the following information was gathered about &lt;machine name&gt;. ipconfig &lt;output&gt; ping www.google.com &lt;output&gt; tracert www.google.com &lt;output&gt; I would say to name the file something like "<date>_<time>_<machine name>.log" for ease of organization and filing later on. I could see this as being a tiny tool for quickly analyzing the connectivity of a machine, not that there aren't already far more robust things, but I like the concept of this and it's simplicity. The other thing I would add would be a subroutine that does in batch script what repairing the connection through the GUI does. This I could see as very useful. First you check the connectivity, then if the connectivity is bad, you just pick the option to repair the connection, and recheck the connectivity, all without leaving the command line. I'm going to see what I can do and will post any results.
  21. My understanding is if you stay under 500ft you're fine, the FCC won't bother you. If you want to go beyond 500ft radius, say up to a 1mile radius, I think you need a Class D broadcasters license, but even that is just an application you have to fill out, and then just you have to have something you can legally broadcast 24 hours a day. (However if you're short on legit content, just take whatever show you have and repeat it until it fills up the 24 hours of the day.) The Ipod adapter is probably only good up to 10 or 15ft, but if you don't mind soldering and some calculations, there are mods on the Interwebs where you crack those little adapters open and switch out the antenna to give it a major power boost, say up to 100 or 200ft. I did some looking around for info to put in this post, but mostly what I see about modding is about modding the iTrip for Ipod or the FM adapter for the Zune. I'm not seeing a whole lot about generic antenna replacement modding.
  22. Nvidia FX5200 2x 15" LCD 1024x768 Not the most horsepower, but it gets the job done. I was using two separate video cards, then my PCI card died on me. I only spent one week with a single monitor, but it was enough to convince me I never want to go back.
  23. If you want something like FreeNAS that has print server support I would recommend Clark Connect http://www.clarkconnect.com/downloads/isos.php. The community edition is free. I use it myself for all sorts of server needs. It also has a rather large set of CUPS print drivers, is really easy to get set up, and it has a great web interface for all of its configuration.
  24. Here is a great resource for everything you can do with an autorun.inf file http://msdn2.microsoft.com/en-us/library/bb776823.aspx As for your question about launching two applications at once, though, I think the answer is to add a shellexecute entry into the autorun.inf file, or to point the Open entry at a batch file that will open the two applications in question. First the usage of the shellexecute entry ... [autorun] action=Label for open action open=File you want to open with the open command shellexecute=file you want to run automatically every time The shellexecute entry will open the files listed every time you insert the drive into a computer, the open entry will only be executed when you select that option from the autoplay menu. Using the shellexecute allows you to have multiple entries for programs/files you want to run every time you insert the drive, and you can use it to have non-executable files also open upon drive insertion. shellexecute=my_file_1.txt shellexecute=my_file_2.htm shellexecute=my_file_3.bat ... Now if you don't want any particular thing to open every time you insert the drive but would rather have a certain set of things happen when you select the Open option from the Autoplay menu, then I would say you just have to write a simple batch file that opens multiple files, and then point your autorun.inf at that batch file. Autorun.inf [autorun] action=Label for Open command open=batch_file.bat batch_file.bat (this is just a text file with the extension changed from txt to bat) :: Startup Batch File start [relative path to program2]executable_file.exe :: Example entries start AppsFirefoxPortableFirefoxPortable.exe start launchpad.exe ... I hope that helps, I know that for me, I created a GoToWork.bat file on my thumb drive that is linked to the Open command in the autorun.inf and that batch file loads Firefox Portable, Pidgin Portable, uTorrent, and SciTE (my preferred text editor). There is more you can do with an autorun.inf, but I think this should at least be a good start.
×
×
  • Create New...