Track Your Missing Notebook with Pombo
To recover a lost or stolen notebook, you need all the help you can get -- and this is where Pombo can come in rather handy. The key component of the Pombo solution is a tiny Python script that runs on your notebook. The script runs quietly in the background and collects tracking information such as the IP address and information about all network interfaces as well as information about nearby wireless access points. In addition to that, the script can take a screenshot using the scrot tool and capture a snapshot with the notebook's webcam using the streamer utility. The script then packs, encrypts, and uploads the tracking information to a destination server.
To get Pombo running on your notebook, you have to install the required packages. On Ubuntu and its derivatives, this can be done using the sudo apt-get install traceroute scrot pngnq streamer command. Next step is to generate a public key. To do this, run the gpg --gen-key command and follow the directions. Once the system has generated the key, note the key ID which consists of 8 hex digits identifying the public key. In the example below, the GPG key ID is 1B2AFA1C.
pub 1024D/1B2AFA1C 2005-03-31 Dmitri Popov <email@example.com> Key fingerprint = 117C FE83 22EA B843 3E86 6486 4320 545E 1B2A FA1C sub 1024g/CEA4B22E 2005-03-31 [expires: 2010-12-31]
Export the created key and add it to the root keyring using the following commands:
gpg --export -a "Your Name" > publickey.key sudo -H gpg --import publickey.key
Grab the latest version of Pombo, unpack the downloaded archive and move the pombo.py file to the /usr/local/bin directory. Open the pombo.conf file in a text editor and modify the default settings as shown in the example below.
# Pombo configuration file [DEFAULT] gpgkeyid=1B2AFA1C password=secret serverurl=http://127.0.0.1/pombo.php
Move then the pombo.conf file to the /etc directory. Rename pombo.php4 or pombo.php5 (depending on which version of PHP is installed on your server) to pombo.php. Open the file, locate the $PASSWORD='mysecret' line, and replace the default password with the one you specified in the pombo.conf file. Upload then the file to your server.
On your notebook, you also have to create a cron job which will run the pombo.py script at predefined time intervals. To do this, run the sudo crontab -e command and add the desired schedule, for example:
@daily /usr/local/bin/pombo.py 2>/dev/null
The job above will run the script every day, discarding all error messages. To see whether everything works properly, run the sudo -H /usr/local/bin/pombo.py command. The script should display the Server responded: File stored message and upload an encrypted file on the server. To decrypt the file, use the following command:
gpg -d -o archive.zip archive.zip.gpg
Obviously, Pombo can be useful only if the person who has your notebook actually turns it on, logs into the system, and establishes an Internet connection. Considering that your notebook runs Linux, this is not very likely, but installing Pombo definitely won't hurt.
Outsmart the smartiesPeople, it's easy.
Set up your laptop for dual boot (resist the temptation to wipe windows when you install linux, I know it hurts to do that) BUT!!
Joe Fastfingers is just going to boot your unused windows install and thereby run the vast array of keyloggers you've installed, along with a few scripts that snapshot the person, post it on various social sites, and so on.
Of course, if the finder is just trying to return the laptop, this could all be very embarrassing.
So, I guess the "right thing to do" is avoid doing any dirty tricks until you give people a chance to be good citizens (yes, there are two or three of us who make an effort to return lost and found cellphones, ipods and so on).
An honest person won't want the notoriety, nor will a pickpocket, but it might be good in both cases.
Prey - !Use Caution!Be careful. The prey software tried to drop a virus caught by Avira Antivir into my XP system.
Re: What about Prey?Prey is next on my list.
What about Prey?I think thay Prey is a more complete solution than this. It seems like Pombo is a subset of what Prey can do, and Prey is multiplatform:
first boot and hopefully last boot for themwell, this is a good tool because they would have to at least boot it once to find out it is loaded with linux, not sure at what interval the tool reports but it might mean the difference between getting your baby back or not, even if it gets wiped before booting, your still not out anything that you werent going to be out anyway. so it is just one in a long line of safeguards.
PomboDo you think there is a correlation between steeling laptops and installing Windows?
Yep couldn't agree moreWe need something that is embedded in BIOS. Harddisk would be wiped anyway. I would like to see this python little script to run on wiped HD.
Just my 2 pennies
Stolen will be formattedIf its stolen it will be formatted to install Windows, and its gone for ever.
Azure CTO says Redmond has already considered the unthinkable.
Lead developer quells rumors that the Debian version is slated for center stage.
MSBuild is now just another GitHub project as Redmond continues its path to the light.
Malware could pass data and commands between disconnected computers without leaving a trace on the network.
New rules emphasize collegiality in coding.
Upstart lands in the dust bin as a new era begins for Linux.
HP's annual Cyber Risk report offers a bleak look at the state of IT.
But what do the big numbers really mean?
.NET Core execution engine is the basis for cross-platform .NET implementations.
The Xnote trojan hides itself on the target system and will launch a variety of attacks on command.