Matthew Gyurgyik

I needed to obtain the firmware for my KWorld ATSC 115 which uses the nxt2004 demodulator. The kernel module saa7134 requires the nxt2004 firmware to operate correctly. In the past the process to obtain the firmware was easy, but now that avermedia-usa now longer makes available the driver, it was much harder to track down the need firmware file.

The problem:

m2n:~ $ /tmp/get_dvb_firmware nxt2004
--2012-07-06 22:51:22--  http://www.avermedia-usa.com/support/Drivers/AVerTVHD_MCE_A180_Drv_v1.2.2.16.zip
Resolving www.avermedia-usa.com... 66.85.153.58
Connecting to www.avermedia-usa.com|66.85.153.58|:80... connected.
HTTP request sent, awaiting response... 404 Not Found
2012-07-06 22:51:22 ERROR 404: Not Found.

wget failed - unable to download firmware at /tmp/get_dvb_firmware line 662.

I figured I could just search for AVerTVHD_MCE_A180_Drv_v1.2.2.16.zip or dvb-fe-nxt2004.fw and be in business. Unfortunately, it was not that easy as it took me over an hour to find the file.

I came across linux-firmware-nonfree_1.11_all.deb which contained nxt2004.fw

Since it was so hard to find the firmware file I decided to mirror it along with the original deb package that I got it from.

Files:

• dvb-fe-nxt2004.fw
• linux-firmware-nonfree_1.11_all.deb

To Install:

1. wget http://pyther.net/files/firmware/nxt2004/dvb-fe-nxt2004.fw
2. cp dvb-fe-nxt2004.fw /lib/firmware
3. reload appropriate module or reboot
4. check out dmesg to confirm firmware was loaded

Hope this has helped someone…

Best practice states that passwords should contain letters (mixed case), numbers, and symbols, should be at least 8 characters in length, and should never be used twice. However, this isn’t very practical! How are you suppose to remember a different password for each site you have an account for?

I have been using 4 different password for my various accounts. This method has been working moderately well, but from a security standpoint, it’s suicide. I wanted to use a random password for each of my accounts. But, how would I ever remember all my passwords? A password manager, of course!

What I needed:

• Passwords stored in an encrypted file
• Master password to unlock the encrypted file
• View passwords from the cli/ssh
• Include additional information such as Security Questions and Answers
• Integrated support for Firefox

What I used…

Vim Outliner

Vim Outliner is an outline processor. A screenshot is worth a thousand words.

Encryption

By default when you save the file it will be a simple tab delimited text file. Vim, however, supports encryption. First, you need to set the encryption method by typing :setlocal cm=blowfish. If you want Blowfish to be the default encryption method for vim add the setlocal command to ~/.vimrc. Next, to encrypt the file, type :X. You will be prompted to set a password. Finally, save the file. When you open the file, you will be prompted for the password. If you fail to enter the right password you will see garbage characters.

Firefox Integration  (Mozilla-gnome-keyring)

Mozilla-gnome-keyring allows Firefox to store passwords and form logins in gnome-keyring. Gnome-keyring is much more secure than the default password manager in Firefox. The mozilla keyring must be unlocked to add / retrieve passwords. You can define how long the keyring should remain unlocked for (never, 15 minutes, 60 minutes, etc…). On my desktop I unlock the keyring for 60 minutes, but on my laptop I only unlock it for 10. When logging into a site, Firefox still prompts to  “Remember the Password”.  If you let Firefox remember the password, the password automatically gets recorded in the keyring.

Conclusion

I have been using this solution for about a month and it has fit my needs perfectly. I updated most of my accounts so they each have an unique password such as Dmqngi8ZoPyO or XGVoBOmd7Gar. Passwords are being stored twice: in the password file and in gnome-keyring. Since mozilla-gnome-keyring takes care of adding the passwords into gnome-keyring when I login to a site, I only have to record/update my passwords in the encrypted text file. In the rare case that I’m not at my computer, and I need a password, I simply ssh into my server and open the password file in vim.

Although the password file and keyring is encrypted it is still subject to a brute force attack. Make sure to use a strong master password, the longer the better. I would suggest at least 20 characters. In 2009, it would take a super computer 1.5hrs to crack an 8 character (alpha only; lower-case) password, but it would take 631 Billion years to crack a 20 character (alpha only; lower-case) password. Remember, as computers advance these times will decrease. And of course, a key logger could compromise the master password nearly instantly.

http://www.lockdown.co.uk/?pg=combi&s=articles

I wanted to monitor the downstream and upstream power levels on my Scientific-Atlantic modem (provided by my ISP). My intended goal was to keep logs of the power levels and if my modem “froze” then I could go back to the logs and look for any abnormal power levels.

At first, I just logged the power levels to a simple text file. This worked, but the aggressive logging I was doing generated a lot of data. I thought it’d be nice to see how the power levels changed throughout the day.

The following emerged:

Logging Script (python)

#!/usr/bin/env python2

import urllib2
from BeautifulSoup import BeautifulSoup
from lxml import etree
from StringIO import StringIO
import sys
import datetime

URL = 'http://192.168.100.1/system.asp'

def timestamp():
    now=datetime.datetime.now()
    return now.strftime("%b %d %H:%M:%S")

def error():
    print "Error"
    return

try:
    page = urllib2.urlopen(URL, timeout=10)
except:
    print timestamp() + ": # dBmV (rx), # dBmV (tx)"
    sys.exit()

soup = BeautifulSoup(page)

# Remove   markups, because they break the XML parser.
f = StringIO(str(soup.findAll('tbody')[0]).replace(' ', ''))

dom = etree.parse(f)
nodes = dom.xpath('//font')
# We take every value we can get, but do not use them, yet
modemvalues = []
for i in xrange(0, len(nodes), 2):
    modemvalues.append((nodes[i].text, nodes[i+1].text.strip()))

rpl = float(modemvalues[5][1].split(' ')[0]) # dBmV
tpl = float(modemvalues[6][1].split(' ')[0]) # dBmV

print timestamp() + ": " + str(rpl) + " dBmV (rx), " + str(tpl) +" dBmV (tx)"

Usage: ./getModemPl.py >> logFile (cron job)

Output:

Nov 06 22:30:41: 0.7 dBmV (rx), 35.4 dBmV (tx)
Nov 06 22:31:41: 0.8 dBmV (rx), 35.4 dBmV (tx)
Nov 06 22:32:41: 0.9 dBmV (rx), 35.4 dBmV (tx)
Nov 06 22:33:41: 0.5 dBmV (rx), 35.4 dBmV (tx)
Nov 06 22:34:41: 0.5 dBmV (rx), 35.4 dBmV (tx)
Nov 06 22:35:41: 0.5 dBmV (rx), 35.4 dBmV (tx)
Nov 06 22:36:41: 0.6 dBmV (rx), 35.4 dBmV (tx)
Nov 06 22:37:41: 0.7 dBmV (rx), 35.4 dBmV (tx)
Nov 06 22:38:41: 0.7 dBmV (rx), 35.4 dBmV (tx)
Nov 06 22:39:41: 0.7 dBmV (rx), 35.4 dBmV (tx)
Nov 06 22:40:41: 0.7 dBmV (rx), 35.4 dBmV (tx)
Nov 06 22:41:41: 0.6 dBmV (rx), 35.4 dBmV (tx)
Nov 06 22:42:41: 0.7 dBmV (rx), 35.4 dBmV (tx)

Graph Generator (takes every 5th log entry)

#!/bin/bash

if [[ ! $1 ]]; then
    echo "No File to Parse"
    exit
fi

startRange=$2
endRange=$3

tmpDir="/tmp"
currentDir="$PWD"
logFile="$1"
data="/tmp/modempowerdata"

# Takes every sample from log File
#cat $logFile | sed 's/.dBmV.(rx),//' | sed 's/.dBmV.(tx)//' | sed 's/: / /'  | perl -pe 's/(.*?)\s(.*?)\s(.*)/$1-$2-$3/;' > $data

# Takes every 5th sample (we log every minute)
cat $logFile | sed 's/.dBmV.(rx),//' | sed 's/.dBmV.(tx)//' | sed 's/: / /'  | sed -n 'p;n;n;n;n;' | perl -pe 's/(.*?)\s(.*?)\s(.*)/$1-$2-$3/;' > $data

date=$(head -1 $logFile | cut -d' ' -f1,2)
date2=$(echo $date | sed 's/ /-/')

png="$currentDir/$date2.png"
svg="$currentDir/$date2.svg"

#rm "$data"

plot=""

cat << EOF | gnuplot
#
# --- gnuplot ---
#
# PNG output
#set terminal png enhanced size 1400,900
set terminal pngcairo size 1200,600 enhanced font 'Verdana,10'
set output "$png"

# SVG Output
#set terminal svg enhanced size 1440,900

# Adds White Background to SVG
set object 1 rect from screen 0, 0, 0 to screen 1, 1, 0 behind
set object 1 rect fc  rgb "white"  fillstyle solid 1.0
#set output "$svg"

# Line Sytes
set style line 1 lc rgb "#8b1a0e" pt 1 ps 1 lt 1 lw 2
set style line 2 lc rgb "#5e9c36" pt 6 ps 1 lt 1 lw 2
set style line 12 lc rgb '#808080' lt 0 lw 1

set timefmt "%b-%d-%H:%M:%S"
set grid
#set grid back ls 12
set key left box
set title "$date - Power Levels"

# X Label
set xdata time
set format x "%H:%M"
#set xlabel "Time"

# Y Data
set ylabel "dBmV (rx)"
#set yrange [-2:2]
#set ytics 0.2
set yrange [-1.6:4.4]
set ytics 0.2

# Y2 Data
set y2range [31:37]
set y2label "dBmV (tx)"
set y2tics 0.2

plot "$data" u 1:2 ls 1 axis x1y1 ti "rx" with lines, "$data" u 1:3 ls 2 axis x1y2 t "tx" with lines

EOF

Notes:

• Usage: ./graphModemPower.bash /path/to/logfile
• Modify yrange and y2range to scale to appropriate power levels for you

Graph:

Feel free to use the scripts,  they work for me, and hopefully they work for you. As always, use at your own risk.

Since weather.com is ending their free XOAP service conkyForecast will no longer work at the end of this month.

Therefore I wrote a small script to get the temperature and condition from Weather Underground

#!/usr/bin/python
#
# Fetches Weather info from Weather Underground
#
# Usage: ./wundergound.py zipcode
#
# International:
#  * Go to http://www.wunderground.com/
#  * Find your city
#  * Click the RSS icon
#  * Station ID is the number that follows /stations/ in the url
#
#

# Values are either True or False
metric=False
international=False

import sys
import feedparser

def usage():
    print("Usage:")
    if international:
        print("  ./wunderground.py StationID")
    else:
        print("  ./weunderground.py zipcode")
    sys.exit(1)

if not len(sys.argv) == 2:
    usage()

location=sys.argv[1]

if international:
    url="http://rss.wunderground.com/auto/rss_full/global/stations/"
else:
    url="http://rss.wunderground.com/auto/rss_full/"

feed=feedparser.parse(url+location)

if not feed.feed:
    # Assume Error
    print("Error")
    sys.exit(1)

current=feed['items'][0].title

if metric:
    temp=current.split(",")[0].split(":")[1].split("/")[1].strip()
else:
    temp=current.split(",")[0].split(":")[1].split("/")[0].strip()

condition=current.split(",")[1].split("-")[0].strip()

print('%s - %s' % (temp, condition))

Example:


$ ./wunderground 11201
69.6F - Clear


I’m using this script for my conky config:

${execi 600 /home/pyther/scripts/wunderground 11201}

So for whatever reason you need to install Windows 7 from a flash drive that’s not a problem!

In Linux:

1. Format flash drive: mkfs.vfat -F 32 /dev/sdx
2. Set Label: mlabel -i /dev/sdd1 ::WIN7x64 (optional)
3. Download Grub4Dos – http://download.gna.org/grub4dos/
4. unzip grub4dos-0.4.4.zip
5. Run ./bootlace.com /dev/sdx
6. Copy grldr and menu.lst to the root of the flash drive
7. Add to menu.lst

   title Install Windows 7
   root (hd0,0)
   chainloader (hd0,0)/bootmgr

8. Copy Win 7 Install files to root of USB flash drive.
9. Boot Flash Drive – Select Install Windows 7

TIP: To install any version of Windows 7 (Home Premium, Professional, Ultimate) remove ei.cfg from the sources directory. However, you still need a product key for the appropriate version.

In Windows:

1. Format Drive as Fat32
2. Copy Files from Install DVD to Flash drive

That’s it, boot from the flash drive you are all good.

Note: The windows disk formater writes code to the MBR and VBR. This obvisouly doesn’t happen in Linux therefore we need to use grub4dos as our bootloader.

I was looking for a solution that would allow me to remotely connect to machines on the local network. We often get phone calls form users asking for help. It is way easier to provide help if we can see their screens and we usually end up having to visit their workstation. This can be time consuming, especially when we are in the middle of a project.

In my search, I came across a wonderful gem called Microsoft Remote Assistance which happens to be included in Windows XP/Vista/7.

How does it Work?

1. Tech enters the Machine name of the client that he/she wants to provide Remote Assistance to.
2. User is prompted to allow Tech to view their computer (Yes/No)
3. Tech then can request to take control
4. Again, the user is prompted to allow the tech to take control

Enabling Remote Assistance on the Domain (via Group Policy)

Computer Configuration -> Policies -> Admin Templates -> System -> Remote Assistance

• Offer Remote Assistance -> Enable
• Solicited Remote Assistance -> Disable (If you don’t want your users requesting others for Remote Assistance)

You then have two choices “Allow helpers to control the computer” or “Allow helpers to only view the computer”. In addition to selecting one of these choices, you have to add the users and groups that should be able to provide remote assistance.

Offering Remote Assistance

• Start -> All Programs -> Maintenance -> Windows Remote Assistance or type in msra.exe
• Click “Help Someone who has invited you”
• Click “Advance connection option for the help desk”
• Lastly, enter the machine name or ip address of the machine you want to provide Remote Assistance to

How can I possibly remember all the host names?

I’ve created a small C# application that you can have your users run. I would put it on a shared drive and push out a shortcut via group policy.

WhoAmI

Source: WhoAmI.zip
Bin: Included in source ./WhoAmI/bin/Release/WhoAmI.exe

Offering Remote Assistance – A nice GUI app

Although the method mentioned above works it is long and convoluted. I put together a small  C# app to easily offer Remote Assistance to a user.

The app simply calls msra.exe /offerra <hostname>

Source: RemoteAssistance.zip
Bin: Included in souce ./RemoteAssistance/bin/Release/RemoteAssitance.exe

Ideas for the two Easy GUI apps came from SYNACK over at edugeek. http://www.edugeek.net/forums/coding/49448-easy-gui-remote-assistance-support.html

More Information:

• http://windows.microsoft.com/en-US/windows-vista/Windows-Remote-Assistance-frequently-asked-questions
• Step-by-Step Guide to Remote Assistance

Why would I want to use Conditional Forwarding?

In my case, my local dns server has entries for local hostnames such as m2n.ion.lan, mongo.ion.lan, and tux.ion.lan. If I am using the vpn dns, then these address lookups would fail. By using Conditional Forwarding I can do all lookups locally, except for ones that match the remote top level domain (example.local). Anything that matches example.local would be forwarded to the remote dns server.

Problem:

1. Connect to remote vpn server and use local DNS server
2. Ping server.remote.local (remote FQDN) – fail
3. Ping server.ion.lan (local FQDN) – success

Of course the remote ping fails because the local DNS server knows nothing about the remote domain. If I was to configure my machine to use the remote DNS server the opposite would happen. I would be able to ping server.remote.local, but a ping to server.ion.lan would fail.

Solution: Use dnsmasq with conditional forwarding to forward *.work.local requests to the remote dns server.

1. Install dnsmasq using your local package manager

2. Edit /etc/dnsmasq.conf

# Tells dnsmasq to forward anything with the domain of remote.local to dns server 10.25.11.2
server=/remote.local/10.25.11.2

# Listen to requests only coming from the local machine
listen-address=127.0.0.1

# Do not cache anything
# A decent dns server will already cache for your local network
cache-size=0

3. Edit /etc/resolv.conf

# Local LAN Domain
domain ion.lan

# local dnsmasq server
nameserver 127.0.0.1

# Your main dns server (dnsmasq will forward all requests to this server)
nameserver 10.20.1.1

4. Start dnsmasq

5. Test – ping a local server and remote server using the FQDN

All dns requests will be forwarded to 10.20.1.1 except any matching *.remote.local. server.remote.local will be forwarded to 10.25.11.2

The OpenVPN server can pass DNS servers and a domain name to the client. This gives the benefit of using the remote dns servers for local hostname lookups.

Finding a good script that worked to do this provide difficult…

In server.conf add:

push "dhcp-option DOMAIN ion.lan"
push "dhcp-option DNS 10.25.11.2"

Then save this script on the client in same location as the client config

#!/bin/bash

case "$1" in
    up)
	    mv /etc/resolv.conf /etc/resolv.conf.bak

		echo "# Generated by OpenVPN Client UP Script" > /etc/resolv.conf
		for opt in ${!foreign_option_*};
		do
	        echo ${!opt} | sed -e 's/dhcp-option DOMAIN/domain/g' -e 's/dhcp-option DNS/nameserver/g' >> /etc/resolv.conf
        done
        ;;
    down)
        mv /etc/resolv.conf.bak /etc/resolv.conf
        ;;
    *)
        echo "Pass either UP or DOWN"
        ;;
esac

In the client.conf add

script-security 2

up "./vpn_dns_update.sh up"
down "./vpn_dns_update.sh down"

Now connect and check /etc/resolv.conf to see if the VPN nameserver and domain is listed.

Syslinux is a simple bootloader for fat, ext2/3/4, and brtfs.

Syslinux works in the following way (in a nutshell):

1. MBR looks for the active partition (the one tagged as bootable)
2. The MBR loads the code found on the partition’s boot sector and executes it
3. This code then loads the rest of the boot loader code from /boot partition (file: ldlinux.sys)
4. COM32 modules are loaded to provide extra functionality such as a graphical menu or chain loading

For a more detailed explanation: https://wiki.archlinux.org/index.php/Syslinux#Syslinux_Boot_Process

Sample configuration:

UI vesamenu.c32
DEFAULT arch
PROMPT 0
MENU TITLE Boot Menu
MENU BACKGROUND splash.png
TIMEOUT 100

MENU WIDTH 78
MENU MARGIN 4
MENU ROWS 5
MENU VSHIFT 10
MENU TIMEOUTROW 13
MENU TABMSGROW 11
MENU CMDLINEROW 11
MENU HELPMSGROW 16
MENU HELPMSGENDROW 29

# Refer to http://syslinux.zytor.com/wiki/index.php/Doc/menu

MENU COLOR border       30;44   #40ffffff #a0000000 std
MENU COLOR title        1;36;44 #9033ccff #a0000000 std
MENU COLOR sel          7;37;40 #e0ffffff #20ffffff all
MENU COLOR unsel        37;44   #50ffffff #a0000000 std
MENU COLOR help         37;40   #c0ffffff #a0000000 std
MENU COLOR timeout_msg  37;40   #80ffffff #00000000 std
MENU COLOR timeout      1;37;40 #c0ffffff #00000000 std
MENU COLOR msg07        37;40   #90ffffff #a0000000 std
MENU COLOR tabmsg       31;40   #30ffffff #00000000 std

LABEL arch
	MENU LABEL Arch Linux
	LINUX /vmlinuz26
	APPEND root=/dev/sda2 ro nomodeset
	INITRD /kernel26.img

LABEL archfallback
	MENU LABEL Arch Linux Fallback
	LINUX /vmlinuz26
	APPEND root=/dev/sda2 ro nomodeset
	INITRD /kernel26-fallback.img

As you can see, the majority of the config contains MENU statements declaring colors and positing for the menu. If you removed all the MENU statements, the config would be less than 20 lines.

Screenshot:

I was lazy and took a screenshot of the Arch Linux installer menu. The configuration above generates the same menu, except there are only two boot choices, Arch Linux and Arch Linux Fallback.

The arch wiki has a whole lot of good information on configuring Syslinux. https://wiki.archlinux.org/index.php/Syslinux

Well after some experimentation and playing around I have found some new information out regarding listening to iheartradio from the command line in Linux.

Newer versions of mplayer have support to play the rtmp:// protocol eliminating the need for rtmpdump.

Quick Recap on how to grab the rtmp:// url from an iheartradio stream

• Go to http://p2.STATION_ID.ccomrcdn.com/player/player_dispatcher.html?section=radio&action=listen_live; where station id is the call letters (ex: wtfx-fm)
• The attribute primary_location in <stream> contains the rtmp url

NOTE: The RTMP URL changes every 5-10 minutes! You must fetch the new url everytime.

To play the stream with mplayer:

mplayer "rtmp://cp21366.live.edgefcs.net/live/Lou_KY_WTFX-FM_OR..." -novideo

The -novideo option is very improtant otherwise mplayer will take 5+ minutes trying to find video for the stream (there is none).

This is all great, but this is a lot of work everytime you want to listen to a iheartradio stream. Therefore I have coded up a script.

The Script:

• Asks you for the station id (ex: wtfx-fm)
• Asks how long the stream should play for
• Check for song information every 10 seconds
• Not Perfect (Alpha Quality)

#!/usr/bin/env python

import subprocess
import time
import urllib2
import xml.etree.ElementTree as ET
import os
import datetime

#Location of Stream to be SAVED
DefaultStation="wtfx-fm"

def getXML():
    data=urllib2.urlopen('http://p2.'+station+'.ccomrcdn.com/player/player_dispatcher.html?section=radio&action=listen_live').read()
    xml=ET.fromstring(data)
    return xml

def getSongInfo():
    xml=getXML()
    artist=xml.find('ListenLiveInitialize/JustPlayed/song/artist').attrib['name']
    title=xml.find('ListenLiveInitialize/JustPlayed/song/track').attrib['track_title']
    return artist,title



while True:
    station=raw_input("Enter Station ID [" + DefaultStation + "]: ")

    if not station:
        station=DefaultStation
    try:
        xml=getXML()
    except urllib2.URLError:
        print "Error - Invalid Station ID or Web Server Problem - Try Again"
    else:
        break

while True:
    try:
        TIME=int(raw_input("Time Stream will Play (in minutes): "))
    except ValueError:
        print "Error - Invalid Time - Try Again"
    else:
        break

rtmpurl=xml.find("ListenLiveInitialize/StreamInfo/stream").attrib['primary_location']

mp=subprocess.Popen(['/usr/bin/mplayer', rtmpurl, '-novideo', '-ao', 'alsa', '-quiet'], stdout=subprocess.PIPE, stdin=subprocess.PIPE, stderr=subprocess.PIPE)
mpPID=mp.pid

endTime = datetime.datetime.now() + datetime.timedelta(minutes=TIME)

OldSongInfo=[]

while datetime.datetime.now() < endTime:
    SongInfo=getSongInfo()
    if not SongInfo == OldSongInfo:
        OldSongInfo = SongInfo
        print SongInfo[0] + " - " + SongInfo[1]
    time.sleep(5)



print("Stopping MPlayer...")
os.kill(mpPID, 2)

print "Done"

N900

I got this script working on the N900 by downloading the Maemo 5 SDK and compiling the mplayer binary from a recent svn snapshot. Luckily, I didn't run into any problems. Although mplayer works with the N900, without any patches, it is not flawless. For example, video  gets jittery and skips when the backlight switches off. I would recommend leaving mplayer form extra installed and storing the mplayer you compiled in /opt. With audio playback I  do not have any issues, especially with the iheartradio rtmp stream!