Tag Archives: computer

Foscam setup in Gigastrand OS

Foscam cameras come in a wide variety for sizes and styles and have a number of features, however, they are not very Linux friendly. Just to access the back end to change camera settings, a Windows executable is required. This is the case on some other cameras as well.

The good news is that the Foscam cameras can be configured to stream video to the Gigastrand NVR without having to access the back-end. Using the default username and password, you can reserve the IP address it pulls down in the router. Then, follow the instructions below. Source: http://foscam.us/forum/how-to-fetch-snapshots-and-mjpeg-stream-on-hd-cameras-t4328.html

Fetching JPG snapshots by URL (HD Video)

http://ip address:port/cgi-bin/CGIProxy.fcgi?cmd=snapPicture2&usr=admin&pwd=

Fetching MJPEG stream by URL (SD Video)

There are two steps needed to fetch the MJPEG stream.

Step 1: Set the stream to MJPEG.

http://ip address:port/cgi-bin/CGIProxy.fcgi?cmd=setSubStreamFormat&format=1&usr=admin&pwd=

Here “1” sets an MJPEG stream, if we don’t want to set the MJPEG stream, we would set the number to “0” which sets an H.264 stream.

When inputting this URL and pushing “Enter” in your browser, it will return the following result:

<CGI_Result>
<result>0</result>
</CGI_Result>

Step 2: After setting the MJPEG stream, it can be fetched using an HTTP URL.

http://ip address:port/cgi-bin/CGIStream.cgi?cmd=GetMJStream&usr=admin&pwd=

Simply replace the IP address, port, username, and password into the above URL to access your camera’s MJPEG stream.

Accessing Foscam Back-end Natively in Gigastrand OS 

If you absolutely have to access the camera back-end, it can be done with a Virtual box running Windows, however, there is a less complicated way to do this.

Using Crossover, install Firefox 20. Gigastrand OS comes with a 14 day trial of Crossover. You can use this Windows version of Firefox to download and install the web components executable. This has been tested to work, though you will not be able to view video directly from the camera. You can get around this by using the MJPEG video URL in a native browser.

Anatomy of an unsuccessful NVR attack

One of our NVRs was attacked recently using a known attack that would have compromised or destroyed an off the shelf DVR. The operating system was corrupted by the attack, but it effectively stopped the attack in its tracks. The damage was repaired in less than 45 minutes and only the software was affected.

We have learned quite a bit from the analysis of this NVR system. The attack was designed for Busybox – a version of Linux that runs many different types of embedded devices including security cameras and cheap DVR systems. The point was apparently to gain access to the system in order to use it in a distributed denial of service attack (DDoS).

We have been implementing new security rules on our NVR systems – with this system next on the list. We developed new security procedures after we posted this story from Ars Technica on our Gigastrand Facebook page. Changing default passwords is an easy and effective way to protect your system.

Many cameras also come with a proxy or Dynamic DNS service that allows easy access directly to the camera through a firewall. Gigastrand has been disabling these services on the cameras it sells. We recommend this for everyone using similar equipment.

We will soon be implementing changes that will make it easier for the end users to change default passwords on both the OS and NVR.

We tried a web traffic service – guess what we found.

About a month ago, we tried one of the many web traffic services from fiverr and analyzed the traffic. This is what we found:

  1. The traffic being driven to the site looked like a denial of service attack (DDoS). It was all bots, all Windows desktop PCs, and all highly suspect. While it was not a denial of service attack in the sense that it crashed the website, the traffic looked very much like a DDoS attack if it were done once every few seconds or so.
  2. The visitors were from different IPs. So it looked like unique visitors and sessions, but it was all bots.
  3. The product did not significantly impact bounce rate. It remained pretty much the same. Some bots would hang around and browse a couple of links at random to keep the bounce rate low. It was pretty easy to see what were bots and what were actual people as the browsing habits were different. Time per page was different.
  4. The product was advertised as “qualified” traffic. Not in the least. Bots from compromised Windows PCs do not count.
  5. The product was advertised as “unlimited” for 30 days. We got 700 to 800 sessions per day.
  6. The product was advertised as “1000+” visitors per day. We got 700 to 800 “visitors” per day.

The product as advertised is more or less a scam. It didn’t deliver what was promised and what it did deliver was on the backs of people with compromised machines (spyware/malware/virus) and that just isn’t right. If you have a low bounce rate, it will most likely drive the bounce rate up despite some of the countermeasures.

The most annoying thing it did was make it very difficult to properly analyze the qualified visitors. When we write an article and post it, the stats spike when people look at our post. It was very difficult to tell how big of a spike we had when we posted.

So, we are only out $6 in total but well worth the lesson. We won’t ask for our money back because we feel we got what we really were after out of it.

We are unable to review it on fiverr for some unknown reason.

Gigastrand’s 12 year old computer

In 2004, about the time Gigastrand was called LinspireNetwork, we built a computer. It was a secondary computer designed to run Linspire – a Linux OS we sold at the time. When Gigastrand was formed, it became the primary PC for Gigastrand in 2006.

pcdv0005

Since then, it has performed a number of tasks. In 2012, it was a development machine for Gigastrand OS and one of the first machines to be loaded with the new OS. It later became the Gigastrand internal server. I have written about it several times on the Mr. Gigabytes Blog and on LinspireNetwork (the predecessor of Gigastrand – long since defunct).

While this is the best documented PC, it is possibly not the oldest. From 2001 – 2004, Gigabytes Computer Store used a very specific type of computer case to build their PCs. We currently have one of those computers on our shelf.

cp1

When we found it, it was pretty much as you see it in the picture. Now it has been spray painted black and once served as a media center for my home. It has been recently restored as a media center in my home.

img00018

The story of longevity does not end there. From 1997 to 2006, I owned a Gateway 2000 PC that I kept running and functional. It served as the Gigabytes Computer Store’s point of sale and was eventually painted green and sold.

greenpos 1124_002greenpos

My home DVR has run since 2009 on all original hardware (sans main hard drive) and my original Gigastrand laptop ran for nearly 9 years before giving up the ghost in 2013.

2012-10-18-23-15-42

So, when it comes to choosing your next PC, are you going to choose one mass produced that might last a year or so? Or, will you choose one from a builder that knows how to make one that lasts?

User installed malware found on non-Windows machines.

In recent weeks, Gigastrand has seen 2 instances of browser extension malware installed by unwitting users on Safari in Mac OS and Chrome in Gigastrand OS v3.

This discovery makes a change in operating system ineffective when it comes to security. Malware seems to be targeting Internet browsers with the OS being a secondary consideration.

However, this is easily mitigated if users pay attention. These extensions generally require user permission to install – a fairly standard security precaution in browsers. Once installed, they can be easily removed from a browser by removing them in the extensions or plugins page for the browser. In extreme cases, the browser can be uninstalled and reinstalled.

One word of caution, browsers like Chrome will re-install an extension upon login. There is a narrow window of time between login and when the extension is reinstalled to be on the extension page.

A few pieces of advice to prevent this from happening.

  1. Don’t install plugins or browser extensions from outside sources.
  2. Read the prompts that popup on a website. Do not agree to install anything unless you know what it is.
  3. Watch the prompts for software carefully. Do not install programs that install 3rd party software as well.

Paying attention to what your computer tells you can prevent a lot of this from happening no matter what OS you use.

Executing .jar files in Gigastrand OS

Executing Java ARchive ( .jar ) files is not something that you will need to do everyday. However, if you are distributing executable archive content – say from a executable Ark file – the jar file is the only way to go.

From Wikipedia

In software, JAR (Java Archive) is a package file format typically used to aggregate many Java class files and associated metadataand resources (text, images, etc.) into one file to distribute application software or libraries on the Java platform.

In Gigastrand OS, .jar files are not associated with the installed Java Runtime Environment (JRE) 7 automatically. This is partly for security.

If you need to execute .jar files we will use the following example with KouChat.

  1. Right-click the .jar file and select Open With…
  2. In the top line, type in /usr/bin/java -jar
  3. Check Remember application association for this type of file
  4. Click OK

jar files example

Now you will be able to execute Java Archive files using the built-in java runtime. This should work for other games like Minecraft as well.

Never looking back: Why customers stay with Gigastrand

Gigastrand OS measurable recidivism rates are less than 3%. Which means people tend to stick with Gigastrand OS. Obviously, we are very happy with those numbers but wanted to find out what it was that our customers liked so we could keep doing it.

History
When the idea for Gigastrand OS was revived back in 2012, we tried to explain it to the Linux community as a “transitional Linux distribution”. Something to ease people into the Linux and safer computing. We were pretty clear that while our goal was to make a very good, well-supported OS, the target market wasn’t people who were already running Linux.

Today, we have stayed the course. The whole point of Gigastrand OS is to make it as easy as possible for someone to move away from other systems.

Less Support Required
When we incorporated Gigastrand OS into our business, support was a top priority after developing the OS itself. What we discovered was that people rarely needed support after converting to Gigastrand OS.

The average user will only seek help every 3 to 6 months for computer problems. This was also true of some Gigastrand customers, however, the average per-incident support cost went from $60 down to $15. The reason for this was the problems are easier to fix and far less severe on Gigastrand OS as compared to Windows PCs.

Reliability
When we took into account all of the other users who did not call into tech support, we found they were not having any issues. Users reported that there was no strange behavior, no slowdowns, no pop-ups, and whatever minor problem they did run into fixed itself after a restart – which they didn’t have to do very often.

Simple and Straightforward.
Gigastrand uses an older style menu that people have been using for decades. The main difference is that Gigastrand categorizes the programs instead of sticking them under a single subheading.

While most users admitted to only using a couple of programs, those that explored some of the other programs the OS has pre-installed said that they had no trouble finding and using them.

Performance
Users have reported being happy with the overall performance of the system, despite all of the pre-installed software that would normally bog down a system. Users with Gigastrand PCs, overall, felt the performance exceeded their expectations.

It does what users need and want it to do.
Gigastrand has worked very hard to do everything customers need and want it to do. Even on the rare occasion where it doesn’t do something the user wanted, that something is usually minor.

Quality
Even those who use Linux and try out new distributions regularly (sometimes known as “distro hoppers”) are impressed.

“It is a really good OS,” remarked one such individual. Though, then promptly explained that it wasn’t “technical” enough for him.

That’s ok, though. If people can recognize the quality of the product even if it isn’t specifically designed for them, we’ll take that.

TCP Flaw Workaround Patch for Gigastrand OS

A flaw for Linux devices – including Gigastrand OS – has been discovered as detailed at Hacker News

Researchers have uncovered a serious Internet flaw, which if exploited, could allow attackers to terminate or inject malware into unencrypted communication between any two vulnerable machines on the Internet.
The vulnerability could also be used to forcefully terminate HTTPS encrypted connections and downgrade the privacy of secure connections, as well as also threatens anonymity of Tor users by routing them to certain malicious relays.The flaw actually resides in the design and implementation of the Request for Comments: 5961 (RFC 5961) – a relatively new Internet standard that’s designed to make commonly used TCP more robust against hacking attacks.

Manual patch
You can add the following line to /etc/sysctl.conf (right click on sysctl.conf>Root Actions>Open as Text)
net.ipv4.tcp_challenge_ack_limit = 999999999
Then open a terminal and execute
sudo sysctl -p
and it will do the same thing as the patch below.
Automated Patch: Download – tcpatch.tar.gz
The above patch automates the process and contains a workaround implementation of a modified sysctl.conf that should protect Gigastrand OS and other Linux PCs from attack while a system patch is being developed. Instructions are below.
Chrome and Firefox will download the GsNVR.tar.gz file to Computer>Downloads (/home/user/Downloads).
  1. Extract the downloaded file with Ark to your home folder (/home/user) also called Computer
  2. Right-click on the tcpatch.sh file and select Properties
  3. Click on the Permissions tab and select Is Executable
  4. Click Ok

Now we are ready to install.

  1. Right click in a blank area and go to Actions>Open Terminal Here
  2. type ./tcpatch.sh or sh tcpatch.sh
  3. Your output should look like this:
tcpatch
tcpatch output screen

What Happened After Gigastrand OS Wouldn’t Install

When one woman bought a Gigastrand OS PC over 2 years ago, she knew she was moving from a slow, buggy, and out of date Windows PC to a brand new one with a different kind of operating system on it.

“I remember explaining to her that, if she absolutely hated Gigastrand OS, we can always just load a new version of Windows on it instead.” Gigastrand CEO Josh Tordsen explains. “But, I knew from over 15 years of experience in Linux, that she was the perfect candidate.”

Gigastrand built a system that they thought was future-proof. It was a fast system with plenty of memory and a large solid-state hard drive. More importantly, it was the first direct sale of a brand new Gigastrand OS system in South Dakota.

“The operating system software makes all the difference. It doesn’t just determine how user-friendly it is. It is one of the most important determining factors when it comes to system security, stability, and reliability.”

Recently, Google dropped support for 32-bit operating systems like Windows XP and Gigastrand OS 2.x. So when Chrome began telling its user that they were no longer supporting the operating system, Gigastrand was already trying to figure out what needed to be done.

“When I got her call, I was already seeing the same thing on my screen. I was still using gigastrand OS 2.x on my personal computers despite the fact we upgraded all the rest to 3.0 by that time. Ideally, we would have liked to use the multiarch feature in our OS to piggyback 64-bit programs on a 32-bit system. It would have extended usable life and compatibility for 2.0.  It seemed like we were so close to doing it too, but it proved impossible.”

Gigastrand began recommending that an upgrade to 3.0 was necessary to resolve the Chrome issue. Mr. Tordsen travelled to his customer’s house to upgrade her computer.

“It was going to be a straightforward upgrade. Backup data, pop the disc in, upgrade the system. We’ve done it hundreds of times.”

This time was different. Several errors were noted by Mr. Tordsen resulting in the system being unable to startup to the installation disc.

“I tried all the usual tricks. Is the disc dirty? Is it a bad disc? Was the version incompatible? Was the drive bad? Nothing worked. We even left site, made a new install image with some things removed, and tried again. That didn’t work.”

After the last attempt, Mr. Tordsen knew he would need to examine the problem more closely. He loaned her a laptop and took the computer to fix it. What he discovered was the hardware used in the original build was not compatible with 64-bit versions of Linux – including Gigastrand OS 3.0. The only option was a hardware upgrade.

As this was a new computer purchased with Gigastrand OS and the OS upgrade was the cause for the hardware requiring to be upgraded, Gigastrand chose to liberally interpret their Lifetime Upgrade Guarantee – which usually applies to hardware upgrades only – and give this customer the hardware she needed to upgrade to Gigastrand OS 3.2.

“All of the trips, all of the troubleshooting, and all of the hardware – and the customer only paid the cost of the software – $25. I don’t know of any other company that stands behind their products like Gigastrand does.”