Track Your Missing Notebook with Pombo
To recover a lost or stolen notebook, you need all the help you can get -- and this is where Pombo can come in rather handy. The key component of the Pombo solution is a tiny Python script that runs on your notebook. The script runs quietly in the background and collects tracking information such as the IP address and information about all network interfaces as well as information about nearby wireless access points. In addition to that, the script can take a screenshot using the scrot tool and capture a snapshot with the notebook's webcam using the streamer utility. The script then packs, encrypts, and uploads the tracking information to a destination server.
To get Pombo running on your notebook, you have to install the required packages. On Ubuntu and its derivatives, this can be done using the sudo apt-get install traceroute scrot pngnq streamer command. The next step is to generate a public key. To do this, run the gpg --gen-key command and follow the directions. Once the system has generated the key, note the key ID, which consists of 8 hex digits identifying the public key. In the example below, the GPG key ID is 1B2AFA1C.
pub 1024D/1B2AFA1C 2005-03-31 Dmitri Popov <firstname.lastname@example.org>
Key fingerprint = 117C FE83 22EA B843 3E86 6486 4320 545E 1B2A FA1C
sub 1024g/CEA4B22E 2005-03-31 [expires: 2010-12-31]
Export the created key and add it to the root keyring using the following commands:
gpg --export -a "Your Name" > publickey.key
sudo -H gpg --import publickey.key
Grab the latest version of Pombo, unpack the downloaded archive and move the pombo.py file to the /usr/local/bin directory. Open the pombo.conf file in a text editor and modify the default settings as shown in the example below.
# Pombo configuration file
[DEFAULT]
gpgkeyid=1B2AFA1C
password=secret
serverurl=http://127.0.0.1/pombo.php
Then move the pombo.conf file to the /etc directory. Rename pombo.php4 or pombo.php5 (depending on which version of PHP is installed on your server) to pombo.php. Open the file, locate the $PASSWORD='mysecret' line, and replace the default password with the one you specified in the pombo.conf file. Then upload the file to your server.
On your notebook, you also have to create a cron job which will run the pombo.py script at predefined time intervals. To do this, run the sudo crontab -e command and add the desired schedule, for example:
@daily /usr/local/bin/pombo.py 2>/dev/null
The job above will run the script every day, discarding all error messages. To see whether everything works properly, run the sudo -H /usr/local/bin/pombo.py command. The script should display the "Server responded: File stored" message and upload an encrypted file to the server. To decrypt the file, use the following command:
gpg -d -o archive.zip archive.zip.gpg
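A pre-flight check for the settings described above, as an added example that is not part of Pombo or of the original article: it parses a pombo.conf body and flags values that would leave the tracker ineffective or expose the shared password. The function name audit_pombo_conf and the choice of checks are assumptions of this example; the sample input is the article's own example configuration.

```python
import configparser
import re
import stat
from urllib.parse import urlparse

# Constructed sample: the example settings from the article, unchanged.
SAMPLE_CONF = """\
# Pombo configuration file
[DEFAULT]
gpgkeyid=1B2AFA1C
password=secret
serverurl=http://127.0.0.1/pombo.php
"""

# Example passwords printed in the article; they must not stay in place.
PLACEHOLDER_PASSWORDS = {"", "secret", "mysecret"}


def audit_pombo_conf(text, mode=None):
    """Return a list of findings for the body of a pombo.conf file.

    mode is the file's st_mode (os.stat(path).st_mode), or None to skip
    the permission check.
    """
    findings = []
    parser = configparser.ConfigParser(interpolation=None)
    parser.read_string(text)
    conf = parser["DEFAULT"]

    # The article describes the key ID as 8 hex digits.
    if not re.fullmatch(r"[0-9A-Fa-f]{8}", conf.get("gpgkeyid", "")):
        findings.append("gpgkeyid is not an 8-hex-digit key ID")

    if conf.get("password", "") in PLACEHOLDER_PASSWORDS:
        findings.append("password is empty or still an example value")

    url = urlparse(conf.get("serverurl", ""))
    if url.scheme not in ("http", "https") or not url.hostname:
        findings.append("serverurl is not a valid http(s) URL")
    elif url.hostname in ("127.0.0.1", "localhost", "::1"):
        # Loopback: reports would never leave the notebook.
        findings.append("serverurl points at the notebook itself")

    # The script runs from root's crontab, so only root needs read access.
    if mode is not None and mode & (stat.S_IRGRP | stat.S_IROTH):
        findings.append("file is readable by group/others but holds the password")
    return findings
```

To check the installed file, pass open("/etc/pombo.conf").read() and os.stat("/etc/pombo.conf").st_mode; an empty list means none of these checks fired.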
Obviously, Pombo can be useful only if the person who has your notebook actually turns it on, logs into the system, and establishes an Internet connection. Considering that your notebook runs Linux, this is not very likely, but installing Pombo definitely won't hurt.
Outsmart the smarties
People, it's easy.
Set up your laptop for dual boot (resist the temptation to wipe Windows when you install Linux, I know it hurts to do that) BUT!!
Joe Fastfingers is just going to boot your unused Windows install and thereby run the vast array of keyloggers you've installed, along with a few scripts that snapshot the person, post it on various social sites, and so on.
Of course, if the finder is just trying to return the laptop, this could all be very embarrassing.
So, I guess the "right thing to do" is avoid doing any dirty tricks until you give people a chance to be good citizens (yes, there are two or three of us who make an effort to return lost and found cellphones, ipods and so on).
An honest person won't want the notoriety, nor will a pickpocket, but it might be good in both cases.
Prey - !Use Caution!
Be careful. The Prey software tried to drop a virus caught by Avira Antivir into my XP system.
Re: What about Prey?
Prey is next on my list.
What about Prey?
I think that Prey is a more complete solution than this. It seems like Pombo is a subset of what Prey can do, and Prey is multiplatform:
first boot and hopefully last boot for them
Well, this is a good tool because they would have to at least boot it once to find out it is loaded with Linux. Not sure at what interval the tool reports, but it might mean the difference between getting your baby back or not. Even if it gets wiped before booting, you're still not out anything that you weren't going to be out anyway. So it is just one in a long line of safeguards.
Pombo
Do you think there is a correlation between stealing laptops and installing Windows?
Yep couldn't agree more
We need something that is embedded in BIOS. Harddisk would be wiped anyway. I would like to see this little Python script run on a wiped HD.
Just my 2 pennies
Stolen will be formatted
If it's stolen it will be formatted to install Windows, and it's gone forever.