Diary of a mad man
Computing
Tech talk, I won’t be responsible for your loss of the will to live!
Internet Catapult
May 3rd
In February 2010 I was asked if I knew of a way to throw wet sponges at someone when they donated money on the internet… A few weeks later I found myself in the back garden of a house with a hand built catapult, lot of wires and enough wet sponges to make It’s a Knockout jealous. Here’s what happened and how I made it work…
The Brief
The original brief was set by Claire Thompson as a fund-raising idea for Twestival UK. I think she wanted a simple screen display that would show when someone donated or tweeted a donation so that a wet sponge could then be launched at her in some stocks while the whole things was streamed online. I of course ran with this idea and by the time she had finished talking had proposed a sponge throwing catapult and automated launch mechanism that would fire automatically when someone donated.
The Build – Catapult
The catapult itself wasn’t that hard to build. With a huge amount of help from my father and my parents garage we made it up as we went along.
Items Used
- 2 x 4m lengths of 25x50mm externally treated wood (cut into 4 x 2m lengths to fit in my car)
- A garden gate hinge
- Something heavy (we used a large block of aluminium that we’ve had in the garage for years)
- A 5 litre container cut open to hold the wet sponges
- 2 bolts to hold on the heavy block
- A pile of wood screws
Construction took us an afternoon. I knew that a trebuchet would throw the sponges further but that they are also harder to setup and fire accurately so we settled on a classic catapult design, it only needed to last one day. We built the square frame first, then the middle bar and swinging arm before adding legs and weight.
After a few test fires in the garden it worked straight away but was obvious that it would have to be pegged down to be used. We could have made the legs bigger but we wanted to be able to get it in the boot of my car without disassembly!
The Build – Firing Mechanism
As is always the way, the hardware is the easy part, the software is the hard part! Having recently discovered the Arduino and itching to play around with the concept I started coding up something that fitted the bill. I won’t bore you with all the dead ends I went down however I did need to adjust the initial brief a little.
Items Used
- Arduino Duemilanove
- Arduino Ethernet Shield
- Arduino ProtoShield Kit
- Arduino Double Tall Extender
- Serial Enabled 16×2 LCD
- Continuous Rotation Servo
- Lots of Cat5 cable
The idea was to make the Arduino completely self running and getting it updates via the Ethernet Shield. What is the point of having an Arduino connected to a computer, you may as well programme the computer to do the same job. Having said that, I was running out of time and I realised that some people had already donated money to the cause. People that had already donated were due a sponge throw so while the system had to be automated it needed a way of manually adding launches.
Getting the Arduino to connected to the internet wasn’t too hard however I would be using this in a strangers back garden with no way of knowing how they connected to the internet. I decided to use the excellent DHCP and DNS library’s from Georg Kaindl which once set up saved me huge amounts of time debugging problems.
I also wanted a way of thanking the users that donated so used a serial enabled LCD screen to display where the donation had come from. This also proved very useful when it came to debugging as the serial console takes a long time to start on my computer (damn you Java). Using the LCD screen meant I could display debug information about the DHCP lease or status of the program without having to connect a computer.
The final part of the puzzle was the release mechanism. I used the servo and some gate hooks/eyes to create a firing pin which you should be able to see on the video below.
The program was originally setup to search twitter for keywords and while I could make it work I couldn’t guarantee that tweets wouldn’t be missed. I wanted to tie it into PayPal or another payment system but time was running out and I didn’t have any of the charity account details. So, I decided to cheat :-p
So that I could control the catapult remotely I decided to use the excellent txtlocal service which gives a free API for incoming SMS (and very good rates on outgoing ones too). This meant that I could send a text message from my phone and fire the catapult while displaying any message I like on the LCD screen. This was also a hack so that I can rate limit the firing and not miss any donations but it worked well!
The Results
On the day there were a few problems. The catapult was connected to the internet and worked perfectly! We did loads of test fires and there was no problems at all. Then we launched Ustream, and everything stopped. Ustream worked fine, the catapult worked fine, but the two together wouldn’t work at all. My hunch is that Ustream data was flooding the Ethernet shield and blocked all communication. After much cobbling we got things working enough to throw wet sponges and much fun was had by all.
Final Notes
Seeing as this entire project was done in a few weeks in spare time I think it went quite well. I have missed out a lot of my trial and error but please feel free to post questions in the comments and I’ll attempt to answer.
Silicone valleys, Germanium hills…
Dec 31st
Some things stay with you forever and I would like to think that the following little poem helped shape me. You see, the first computer I ever played with was the family Archimedes 310 and way before I had ever even heard the term “hacking” I was poking around in some of the library files trying to see how things worked. One of the first library files I looked at contained the following poem stuck in the middle of the code! I still don’t know who wrote it so I’m going to credit the author of the library. Surprisingly I can’t find this poem anywhere on the internet!
Silicone valleys,
Germanium hills,
Digital journeys,
And virtual thrills.Greetings, O hacker,
Feeling unwell?
Microchip tracker,
Welcome to hell.Jon Ribbens – DoggySoft
Securing Majordomo
Oct 14th
Did you know that buy default majordomo will give a list of all the addresses on your mailing list to anyone?
I have written a script that will tidy up majordomo config files as follows…
- Only shows lists you are subscribed to with the ‘lists’ command
- Does not allow anyone to use the ‘who’ command to get addresses
- Doesn’t allow anyone to use the ‘which’ command to get addresses
This can either be run once or added to /etc/cron.daily so that any new lists created are forced to the correct settings.
Simply download the file, change the directory path at the top of the file if required and execute. Download Here.
My backup solution
Dec 10th
I have just finished spending this weekend completely replacing my backup process. Seeing as a few people have asked and it’s all fresh in my head I’ll try and write down some key lessons/decisions I came across along the way… OK, OK, I want to show off a bit too :-p
I have a lot of very old boxes at home so the brief was to build a system that I could use as a web & mail server at home (I have pro hosting out on the internet for big projects), a file server (NAS) for home machines, a music server for home entertainment and a backup server to back up *all* my machines. I decided on an AMD 64 with 4 x 400GB SATA drives and an Adaptec hardware RAID controller set up as RAID 5. I chose CentOS for the OS and the now opensource cobalt GUI for mail & web (for those of you that don’t know there is a very nice combined installer). A combination of Ampache and mt-daapd work brilliantly as music servers.
But anyway, back to the backups!
I tried very hard to find an off the shelf package that was cheap/free but failed to find one that ticked all the boxes. In the end I picked rsync as my backup tool of choice and decided to roll my own, here is why…
Firstly rsync means that only data that has changed since the last backup will be transferred, this means it’s a lot quicker to backup an entire server both on the CPU and bandwidth. By shell scripting it I can make my backups do exactly what, my scripts are now over 700 lines but they do do exactly what I want and can easily force an extra backup of one or all machines at any time.
Using SSH (–rsh=ssh option) all communication between the backup server and the server being backed up can be done securely without opening any extra insecure ports on each system to be backed up.
SSH can also be used to automatically (and securely) log on to the remote system and run a system specific pre-backup script, I use this to do such things as export any MySQL databases so they can be imported back in instead of having to recover DB files.
The most powerful option is –link-dest which allows you to hard link unchanged files to a previous backup. This saves HUGE amounts of space on the backup server. e.g. I backup a machine (Fred), Fred has a 20GB HD and I back up/copy the entire drive excluding /proc and /dev. I now have a 20GB directory on my backup server. The next day I backup Fred again and –link-dest to yesterdays backup. Rsync compares the remote files with the local copy and if exactly the same will not bother transferring them but will hard link the new file to yesterdays file. Any files that have changed are copied down a fresh (or partially copied using yesterdays backup if possible). If only 100MB of files of changed since yesterday I now have two directories both with 20GB of files but only taking up 20.1Gb of space on the backup server!
My new backup scripts now do this every day and then have a script that keeps every days backups for a month, one backup a week for the previous month and one backup a month previous to that. Hopefully this means that I can recall previous work I have done and all while saving huge amounts of space.
While –link-dest is the most powerful option -n is definitely my favourite. A while ago I was in the unfortunate situation of having one of my internet hosting servers hacked. As I am sure you are aware when this happens you can trust NOTHING on the server, any binary could have been changed including ls & ps. By running a backup of the server but adding the -n option the backup did not back anything up but could show me every file that had changed since the last backup no matter how small the change. Very powerful when trying to find out what happened.
Other options I should mention are –bwlimit which is useful for backing up a live server over the internet and not maxing things out. -z which compresses the data and makes backing up even quicker. -a –numeric-ids good for backup.
Net result, I do full backups of 8 machines each night while only transferring files that have changed and have full backups going back for as long as I want.
Ooooo, I wrote a lot! Sorry about that. I hope it’s of use to people!
Checking for Rootkits
Aug 21st
In the same vein my last post, here is page on installing chkrootkit and Rootkit Hunter on CentOS / BlueQuartz.
A root kit is the name given to a piece of software written to try and elevate someone’s permissions to root level, commonly used by hackers/crackers/script kiddies to infect a system. There are many rootkit checkers however we are going to install two of the most common which are both are free and open source. Some people prefer one over the other, I say, why not use both!
chkrootkit
The website is http://www.chkrootkit.org/ and the following is based on v0.47
# Pick a location
cd /usr/local
wget ftp://ftp.pangeia.com.br/pub/seg/pac/chkrootkit.tar.gz
tar zxvf chkrootkit.tar.gz
rm chkrootkit.tar.gz
# Fix the permissions
chown -R root:root chkrootkit-0.47
cd chkrootkit-0.47
make sense
# A quick tidy up
mkdir docs src
mv *.c Makefile src
mv READM* chkrootkit.lsm ACKNOWLEDGMENTS COPYRIGHT docs
./chkrootkit -q > good.output 2>&1
# CHECK THE good.output FILE IS OK AND HAS A KNOWN GOOD OUTPUT
touch current.output
touch /etc/cron.daily/chkrootkit
chmod 755 /etc/cron.daily/chkrootkit
vi /etc/cron.daily/chkrootkit
# Place the following text in the file...
#!/bin/sh
SERVER=`hostname`
cd /usr/local/chkrootkit-0.47
rm current.output
./chkrootkit -q > current.output 2>&1
DIFF=`/usr/bin/diff current.output good.output`
ERRO=`/bin/cat current.output`
if [ "$DIFF" != "" ]
then
/usr/lib/sendmail -t << EOF
To: root
Subject: ${SERVER}: Chkrootkit Output
====> A diff between current and good output is:
$DIFF
====> The current output is:
$ERRO
EOF
fi
Rootkit Hunter
The website is http://www.rootkit.nl/projects/rootkit_hunter.html http://rkhunter.sourceforge.net/ and the following is based on v1.2.8
# Use a working directory where you can execute code
cd /home/.tmp
wget http://downloads.rootkit.nl/rkhunter-1.2.8.tar.gz
tar zxvf rkhunter-1.2.8.tar.gz
cd rkhunter
./installer.sh
cd ..
rm -r rkhunter rkhunter-1.2.8.tar.gz
# Rootkit Hunter does however complain about the user root-admin.
# As far as I can tell there is no need for this user on BQ so I remove it.
userdel root-admin
touch /etc/cron.daily/rkhunter
chmod 755 /etc/cron.daily/rkhunter
vi /etc/cron.daily/rkhunter
# Place the following text in the file...
#!/bin/sh
SERVER=`hostname`
OUTPUT=`/usr/local/bin/rkhunter --versioncheck`
EXITCODE=$?
if [ ${EXITCODE} != 0 ]
then
echo "${OUTPUT}" | /bin/mail -s "${SERVER}: Rootkit Hunter Output" root
fi
OUTPUT=`/usr/local/bin/rkhunter --update`
EXITCODE=$?
if [ ${EXITCODE} != 0 ]
then
echo "${OUTPUT}" | /bin/mail -s "${SERVER}: Rootkit Hunter Output" root
fi
OUTPUT=`/usr/local/bin/rkhunter --cronjob --report-warnings-only`
EXITCODE=$?
if [ ${EXITCODE} != 0 ]
then
echo "${OUTPUT}" | /bin/mail -s "${SERVER}: Rootkit Hunter Output" root
fi
I hope this is of help to people.
Things to do to a blank BlueQuartz install
Aug 21st
After just rebuilding a BlueQuartz box I thought I would copy my install notes. This is an entirely personal list of things that I do to a vanilla install of CentOS/BlueQuartz. I thought it may be useful to other people.
Contents
- Change root passwords
- Secure SSH
- Apache Obscurity
- Install ImageMagick
- PHP upload settings
- Add Mime Types
- yum checker
- Setup floppy drive
- Majordomo logfile
Change root password
BQ is initially set with no root MySQL password and the systems root password is set the same as the admin user. These should be changed to something different!
- Change MySQL password wth `/usr/bin/mysqladmin –user=root password NEW_PASSWORD`
- Change root password with `passwd`
Secure SSH
SSH is obviously better than telnet but did you know that the SSH protocol v1 has been cracked for quite some time now. I lock all my boxes down to only use protocol v2 and haven’t had any come back on compatability issues.
- Modify `/etc/ssh/sshd_config` to set `Protocol 2`
- Run `/etc/rc.d/init.d/sshd reload`
Apache Obscurity
Yes, this is security through obscurity but everything helps. The following will remove the “signature” at the bottom of pages generated by Apache and will also only report the webserver as “Apache” instaed of the full version number and OS
- Modify (and add if necessary) the following lines in `/etc/httpd/conf/httpd.conf` & `/etc/admserv/conf/httpd.conf`
ServerSignature Off ServerTokens Prod
- Run `/etc/rc.d/init.d/httpd reload`
- Run `/etc/rc.d/init.d/admserv reload`
Install ImageMagick
A must for most hosting nowadays. Simply run `yum install ImageMagick ImageMagick-perl` as root.
PHP upload settings
In this new broadband age people are uploading pictures and such to their sites so I change the PHP upload defaults. Change lines in /etc/php.ini (or your own php.ini) and run `/etc/rc.d/init.d/httpd reload`
post_max_size = 20M upload_max_filesize = 10M
Add Mime Types
There seem to be some common mime types missing from the default install. Add the following to `/etc/mime.types` and run `/etc/rc.d/init.d/httpd reload`
application/x-ms-wmz wmz application/x-ms-wmd wmd audio/x-ms-wax wax audio/x-ms-wma wma image/x-icon ico text/csv csv video/x-ms-asf asf asx video/x-ms-wm wm video/x-ms-wmv wmv video/x-ms-wmx wmx video/x-ms-wvx wvx
yum checker
Now I love the Nuonce/Solarspeed automatic yum installer however I like to install patches on systems when I am there, that way if there are any problems I can fix them straight away. I have this little script that mails me when there are packages to install.
- touch /etc/cron.daily/yum-check
- chmod 755 /etc/cron.daily/yum-check
- vi /etc/cron.daily/yum-check
#!/bin/sh
SERVER=`hostname`
OUTPUT=`/usr/bin/yum check-update`
EXITCODE=$?
if [ ${EXITCODE} != 0 ]
then
echo "${OUTPUT}" | /bin/mail -s "${SERVER}: Yum Updater" root
fi
Setup floppy drive
If your system has a floppy disc drive you won’t be able to use it until you run `floppy –createrc > /etc/floppy`
Majordomo logfile
I know it’s silly but I like all my log files to be in one place….
- cd /var/log/mail
- ln -s /usr/local/majordomo/log majordomo
I hope this is of use to people
UT2003/UT2004 Map pictures
Apr 2nd
As you may have seen I have written my own server query script for my Unreal Tournament Server mainly because I wanted to learn how to code UDP packets in Perl. However, when the script was finished I wanted a good picture of each map to show which map was currently playing so, to cut a long story short, after much messing around I created animated GIF’s for all the maps that that I used using the screenshot images from the maps themselves.
I figure that these pictures may be of use to other people with server query scripts so I am making them avaliable for people to use, all I would ask for is a link back to my page somewhere on your site (it’s not much to ask for). This thing has now ended up so huge and I have created 629 map pictures for UT2003 and now UT2004.
How to use
There are two ways to use these images, you can either download them and put them on your server for your script to use or you can call the images from my site. There are advantages and disadvantages to both…
- You will have to script what happens if the map picture doesn’t exist. If requesting the image from my server and the map GIF doesn’t exist the Unreal logo will be sent automatically.
- You will have to make sure the script that calls to the images are done in lower case. Requests to my server can be made in any case ( dom-aphrodite, DOM-Aphrodite, DoM-aPHroDitE, etc.) and will return the correct image.
- Uses YOUR disk space and bandwidth compared to using MY disk space and bandwidth.
View all the maps currently in the collection
Download the map pictures for your site – utmaps.zip (44MB)
…and please remember to link back to my site, I don’t ask much.
Link to the images on my site.
This is easily done…
- Prepend “http://www.dogsbody.org/utmaps/” to the beginning of the map file name.
- Append “.gif” to the end of the map file name.
- Call this URL as part of an image tag in your script.
- All GIF’s have a width of 256 and a hight of 128, if you specify this in your image tag the image will load faster.
If your script calls a map that doesn’t exist the Unreal logo will be returned.
Examples of the GIF’s
Adding to the collection
I’m afraid I am no longer creating these map pictures.
Thanks
I owe a big thank you to Lance (Throckmorton) and Konstantin (Inf*klarissa_(rus)) who have both created a bumber of new map pics that were perfect for the collection.
Feedback
If you have any questions or problem with these GIF’s then please don’t hesitate to contact me.
I would also love to hear any comments you have, good or bad.
Raq Site Bandwidth Script
Sep 30th
This script is for the Cobalt Raq4 (although I would love to know if it works with the Raq3 too??). It uses the internally generated /home/.cobalt/report/stats.tab file to display the bandwith used by each virtual site on the server even if your virtual sites are on the same IP address. The stats.tab file is generated by the Raq when it splits the log files up for each site. A total is kept for Web, FTP & E-mail by month showing the number of hits, transfers & mails as well as the total amount of bandwidth used for each one. This script displays that data with some nifty additions…
What it does
At it’s basic level this script displays the data in the stats.tab file in a webpage but it also…
- The script is password protected by default. If “admin” logs in they will see a summary for all sites. If a standard user logs in they will only see details of their own site. This means you can publish the URL and siteadmins can check their own sites usage.
- Add extra data to the stats. e.g. I run a Helix streaming server and split the logs in the same way to create my own stats.tab file for helix. This script will merge data from both.
- Two warning levels. If the usage for a site is over a two bandwidth levels it will be highlighted. These levels can be configured by you.
- Easy control over look and feel
Screenshots
Download
Installation
The setup should be pretty easy…
- Download the script from the site (‘wget URL’).
- Put the download where you want it.
- Extract the compressed tar using ‘tar zxvf raq-bandwidth.tar.gz’.
- Check the file permissions for the directory & files
- Check that the script runs first by browsing to the …./bandwidth/ directory.
- If it works the change any setup you wish to change in the top if the index.cgi script.
Feedback
I would love feedback on this script, good and bad. Thank you.
Changelog
- 1.04 – 30 Sep 2004
- Release to public
- Pre 1.04
- Beta Testing. Thank you Thom LaCosta & Florian Arzberger
Simply download the file, change the directory path at the top of the file if required and execute.
UT2k Query Script
Jun 4th
This is only the second script that I have actually published so I hope you like it. This script came about due to the huge interest in the script I wrote for my website that queried my UT2003 server and returned as much information as possible about the game to a page. Lots of people e-mailed me asking for the source so I tidied it up and that is what you see here.
This script works fine with UT2004 I just haven’t removed all the references to UT2003 yet 
I never claimed to be a professional Perl programmer and as such I would class this script as permanently in BETA. I am always looking for comments on my work so if you see an improvement that can be made to the code, have an idea for another project or just like the script then please take a moment to contact me .
What it does
This script queries the game server on the GameSpy query port (usually +10 from the base port), the results are then parsed and cleaned up to make them easier to understand (e.g. True/False is turned into Yes/No) before being output to an HTML page. The resulting page also includes the meta tag to refresh and so the browser window can be kept open and the page will automatically update itself. There are a number of configuration settings that allow you to tweak the timeout, refresh & title as well as page colour settings and as an optional setting you can include your own HTML before and after the query which allows you to keep the same look and feel of your site.
Screenshot
Download
Dependancies
This script requires the following things…
- Perl – It’s a perl script!! You will require v5.003 or above.
- A webserver – Anything that can cope with with CGI scripts written in Perl.
Installation
The setup should be pretty easy…
- Download the script from this site.
- Put the download where you want it.
- Uncompress the file using ‘gunzip ut2003-query.tar.gz’.
- Extract the tar using ‘tar xvf ut2003-query.tar’.
- Run ‘chmod 755 ut2003-query.cgi’
- Edit the path to perl in the first line of ut2003-query.cgi.
- Try running the script without changing any of the configuration, by default it should query my UT2003 server as long a your webserver can ‘see’ my UT2003 server ‘gamer.dogsbody.org’ e.g. your not on a LAN.
- Edit the configuration lines at the top of ut2003-query.cgi for your details…
- $server – Server hostname or IP address.
- $port – Server’s main game port.
- $queryport – The Gamespy query port offset, this should be “+10″.
- $timeout – How many seconds to wait for a response from the server.
- $refresh – How often to refresh the results page in seconds.
- $title – The title of the page returned which will be used in the header and at the top of the page.
- $bgcolour – The background colour of the page returned.
- $fgcolour – The text colour for the page returned.
- $lncolour – The colour of hyperlinks on the page returned.
- $headerfile – Optional: You can leave this field blank which will return the results in a generic page however you can set this to the path of an HTML file that can be included before the results page, this allows you to include whatever else you like on the results page to fit in with the rest of your site. Be warned the “” tags are returned at the top of all pages so your HTML should carry on from there. If you use this $bgcolour, $fgcolour & $lncolour will not be used as you can specify your own tag and $title will only be used for the text at the top of the page.
- $footerfile – Optional: As with the headerfile, this is the path to an HTML file that can be used to close off any tables used in the headerfile. This file SHOULD include the & tags.
- $pictureurl – Enter a URL or relational path to images of maps that this query should use. The text “MATCHTHIS” will be replaced with the map filename in lowercase. The default for this links to the images in my site which you are welcome to use, more details.
- $script – This should be set to the filename of the script (yes the file you are editing), this is used to call the script back and refresh the HTML page. If you set this to “$ENV{SCRIPT_URI}” it will automatically be set to the correct name on most web servers (tested on Apache, iPlanet & Netscape Web servers).
- And hopefully it will all work Happy Fragging
Notes / Known Bugs
The numbers of players on the server is returned twice, once as a player count which is reported in the bottom left table and also as each individual player statistic. Sometimes these two counts don’t tally up with the player count reporting a higher number. As far as I can tell this is correct as the player count reports on the number of connections to the server which does not necessarily mean they are playing the game (e.g. they are downloading the map or haven’t pressed fire to join the game)
The translocator field doesn’t work, data should be returned to show is the translocator can be used on the server however the data is empty each time. This seems to be a bug in UT2003, If anyone sees that this is fixed in a patch or something I will see if I can query that and turn this back on.
Changelog
- 3.00 – 04 Jun 2003
- First public release of code – removed all site specific stuff and tidied up.
- 2.xx – Various Dates
- Complete re-write of code using own UDP query to UT2003 server.
- 1.xx – Various Dates
- First write of a query script that used qstat to get details from server.
IT ‘nerds’ get more bedroom action
Sep 26th
With a title like that I just had to put this on my site!!
The archetypal image of the IT professional is of a nerdy bloke who spends most of his time by the computer. But Downtime can now explode that myth by revealing that “adult male nerds” have sex far more often than the average man.
This is the findings of a survey of more than 7,500 such individuals carried out in the US by IT recruitment Web site JustTechJobs.com. It discovered that these IT-focused lotharios have sex an average of 108 times a year, compared to the average of 79 times a year for non-ITers.
Russ Curtis, JustTechJobs’ chief executive said, “If these guys were anything like I was, they were picked on as kids, and probably didn’t kiss a girl until they were 23 years old. Now they have money and power and members of the opposite sex find them very alluring.”
Computer Weekly – 26 April 2001
Recent Comments