Linux Controlled Door Entry

January 31st, 2010

Having recently moved to a new apartment, one of the first things that I decided to do was build an RC entry system 😉

Here are some pictures:

[Two photos of the door]

The black box at the top is a simple Velleman RC control kit and the black box below is a 240VAC->12VDC regulated converter.  The Velleman RC receiver has two relays, one connected to an electric strike lock and the other connected over the button input in the entryphone which unlocks the main door.

On the RC transmitter there are two buttons, and as they are currently connected, one opens the main door and one unlocks the electric strike on the apartment door, with a 5 second timer on each.

This works well so far and I have paired the transmitters with the receiver so that default unpaired transmitters will not activate the relays. A few weeks on, having already locked myself out once, the next step is to extend this project.

I intend to have the RC transmitter connected separately to some embedded Linux board, probably the spare Alix and Phidgets boards I have from the robot I built a while ago. The Linux board will signal over a separate frequency to this door entry system. The Linux board will perform a variety of functions, from logging entries to automated surveillance. Additionally, the Linux board will have net access and possibly run Asterisk. I can either SMS my way in or alternatively call in to Asterisk and do some voice authentication. More to follow when I actually have time to get this done.

Website Security Scan

January 19th, 2010

Websites get hacked every day, customers' details are taken, and it's usually REALLY EASY to do. As a security consultant, I often get a call when this happens, after a Google search turns up my details as the guy to contact.

Shameless plug over, why not consider some of the things that can be done to help prevent a website breach.

Escaping BASH variables for sed replace

January 15th, 2010

I came up against an issue in trying to replace a string with sed that contained special characters. Assume the following example:
LOG="/var/log/apache2/iodigitalsec.com-access.log";
cat /etc/awstats.template|sed s/TEMPLATE-LOG/$LOG/g

The sed fails because $LOG contains forward slashes. Instead, these must be escaped:

cat /etc/awstats.template|sed "s/TEMPLATE-LOG/$(echo "$LOG" | sed -e 's/\\/\\\\/g' -e 's/\//\\\//g' -e 's/&/\\\&/g')/g"

This doesn’t escape all special characters. The only characters that we need to escape are the backslash, the forward slash, and the ampersand.
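The same escaping wrapped in a reusable function and compared with the unescaped form, as an added example that is not part of the original post. The function names, the template line and the second sample value are constructed for illustration.

```sh
#!/bin/sh
# Added example. Function names and the template line are constructed.

# Escape backslash, forward slash and ampersand so the value can sit in the
# replacement half of s/.../.../ (with "/" as the delimiter). printf is used
# instead of echo because some shells' echo rewrites backslashes itself.
sed_escape_replacement() {
    printf '%s\n' "$1" | sed -e 's/\\/\\\\/g' -e 's/\//\\\//g' -e 's/&/\\\&/g'
}

# Replace TEMPLATE-LOG on stdin with the literal value in $1.
fill_template() {
    sed "s/TEMPLATE-LOG/$(sed_escape_replacement "$1")/g"
}

# The unescaped form from the start of the post, kept for comparison.
fill_template_unescaped() {
    sed "s/TEMPLATE-LOG/$1/g" 2>/dev/null
}

LOG="/var/log/apache2/iodigitalsec.com-access.log"
TEMPLATE='LogFile="TEMPLATE-LOG"'     # constructed template line
ODD='/srv/logs/a&b\c.log'             # constructed value with all three characters

printf '%s\n' "$TEMPLATE" | fill_template "$LOG"
printf '%s\n' "$TEMPLATE" | fill_template "$ODD"

# Slashes in the value: sed rejects the expression outright.
printf '%s\n' "$TEMPLATE" | fill_template_unescaped "$LOG" \
    || echo "unescaped: sed failed on the slashes"
# Ampersand only: sed succeeds but inserts the matched text in place of "&".
printf '%s\n' "$TEMPLATE" | fill_template_unescaped 'a&b.log'
```

The ampersand case is the one to watch for: sed exits successfully and the output is silently wrong, so any value that is not a fixed string should go through the escaping function before it is placed in the expression.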

Embedded Linux Programmer

January 15th, 2010

As an embedded Linux programmer, I’ve had the opportunity to work on a number of different platforms, MIPS being one of my favorites.

There are a few general limitations that you’ll find. You have limited CPU power available, you have very little RAM available, and for more advanced operations and optimizations, your CPU will generally have a limited function set.

The usual good programming practices apply, but are of much greater importance. Specifically, don’t allocate memory that you don’t need, and don’t put the CPU under undue stress with unnecessary or badly optimized loops. Taking C syntax and some pseudo code;

PHP Security

January 14th, 2010

As a PHP programmer, there are a couple of things you can do quickly and easily to increase the security of your PHP code installation.

Look into PHP’s “safe mode” feature, ESPECIALLY if you’re running a webserver that the general public can upload scripts to. Here you’ll find a list of the functions disabled or restricted by safe mode. It is not strictly PHP’s job to restrict these types of functions; however, unless you really know what you’re doing, the list of functions restricted by safe mode is a good starting point for building secure applications. These are generally functions that allow file and directory manipulation, and socket manipulation. If it’s not possible within your environment to disable them all, disable as many of these functions as possible.

Although it's not that common, if I’m writing an application that relies heavily on functions that manipulate directories or sockets, I prefer to create a C daemon or similar to handle this side of things and simply use PHP to communicate with it.

Linux Consultant – Server Management, Basic Housekeeping

January 1st, 2010

Server management is one of the most basic requirements in maintaining a healthy server/cluster, but it is often overlooked until something goes wrong. In its most basic form, server management involves:

  1. Checking log files for size and suspicious entries
  2. Checking disk space usage
  3. Checking memory usage
  4. Checking for new packages (apt-get update; apt-get upgrade)
  5. Checking load and process list
  6. Checking backups
