Monday, March 30, 2015

Ltsp (ubuntu 10.x) - a bit 0f safety.

In this section we will add some internet safety software and allow access to the net from the ltsp clients.

Step 1: Setting up a proxy

To filter the internet we need a tool to allow us to do that. Tinyproxy allows us to do that.

Launch the Synaptic Package Manager from the "System" -> "Administration" menu.

We need to make sure that community open source packages are available. To do that under the menu "Settings" select "Repositories". Make sure "Community maintained Open Source software (universe)" is selected.

Now on the tool menu click Search and type "tinyproxy". Right-click on "tinyproxy" and select "Mark for Installation". Now click Apply on the tool menu.


sudo apt-get install tinyproxy

Tinyproxy should now be installed.

Step 2: Content filtering.

Before we enable the internet connection to the thin clients we want to be able to filter or block sites that may not fit our needs. This is especially true for a day care center or even home use. Seems like it would take forever to build a list of sites that might be objectionable. Fortunately has a free list that can be downloaded ( go to ) and be used with the software we are going to install..

Dansgaurdian: DansGuardian is an award winning Open Source web content filter which currently runs on Linux, FreeBSD, OpenBSD, NetBSD, Mac OS X, HP-UX, and Solaris. It filters the actual content of pages based on many methods including phrase matching, PICS filtering and URL filtering. It does not purely filter based on a banned list of sites like lesser totally commercial filters. DansGuardian is designed to be completely flexible and allows you to tailor the filtering to your exact needs. It can be as draconian or as unobstructive as you want. The default settings are geared towards what a primary school might want but DansGuardian puts you in control of what you want to block.

Launch the Synaptic Package Manager from the "System" -> "Administration" menu. Now we can install DansGuardian, again click "Search" from the tool menu and type "dansguardian". Right-click on "dansguardian" and select "Mark for Installation". Now click "Apply" on the tool menu. The installation will error because DansGuardian is not yet configured.

(or sudo apt-get install dansguardian)

To configure DansGuardian, open a Terminal and type:gksudo gedit /etc/dansguardian/dansguardian.conf (or sudo nano /etc/dansguardian/dansguardian.conf)

Now comment out the line that says "UNCONFIGURED" by placing a '#' at the beginning of that line.

Find the line that says "proxyport" and change the proxyport value to Tinyproxy's default port#, which is 8888.

Note: the port is originally set to 3128 which is the default proxy port for squid proxy. An alternative to Tinyproxy. Instructions for setting this up are also in the Wiki, here, and it may be more suitable for network proxying

Save the file and exit.

Right-click on dansguardian in the Synaptic Package Manager again and select "Mark for Reinstallation". Click "Apply".

Congratulations! Your machine should now be running a fully functional Internet Content Filter on port 8080. To test your filter, open your web browser and tell it to use localhost port 8080 as its HTTP proxy.

To check configuration:

sudo /etc/init.d/dansguardian restart

You should get:

Restarting DansGuardian: * Restarting DansGuardian: [ OK ]

Step 3: Connecting to the internet.

You need to make sure some parameters are set up.

$ sudo nano /etc/network/options and it should have the following options.




then enable the connection

$ sudo sh -c 'echo 1 > /proc/sys/net/ipv4/ip_forward'

Now go to an ltsp client and see if you can get on the internet.

Step 4: Using a proxy.

Browse the Web with Firefox via a Proxy Server

SUMMARY: If security restrictions require accessing the Internet through a proxy server, here's how to configure Mozilla Firefox to do so.

For security reasons, if you access the Internet through a proxy server, you need to configure Mozilla Firefox with the correct settings, else you may not be able to access web sites, FTP servers, and the like through your web browser.

1. Click "Tools" - "Options".

2. When the "Options" dialog box appears, click the "Advanced" button.

3. Click the "Network" tab.

4. Click the "Settings" button next to "Configure how Firefox connects to the Internet".

5. A "Connection Settings" dialog box will appear. Here you can decide whether to use:

Firefox Connection Settings dialog box

* No proxy (default)

* Auto-detect proxy settings for this network

* Manual proxy configuration

* Automatic proxy configuration URL (if you select this, enter the URL).

6. If you require a proxy, auto-detection fails, and you do not have an automatic configuration URL, you need to configure Mozilla Firefox manually with the proxy settings.

* Enter proxy information for the following protocols: HTTP, SSL, FTP, Gopher (!), and / or SOCKS. If all use the same proxy settings, click the "Use the same proxy for all protocols" button.

* Next to "No Proxy for", enter addresses that don't require a proxy server to access.

7. When done, click "OK" on the dialog boxes to close them.

This tip was written for Mozilla Firefox v3.0.4. Screenshots and instructions for other versions may vary.
Step 5: Other packages to consider.

External project not included in Ubuntu at this time.

Teachertool - Fl_TeacherTool is a program to help teachers teach by utilizing the benefits of a Linux Terminal Server. It was designed to fit into the K12LTSP distribution but may also work with other LTSP system

Installable from ubuntu

ltsp controlaula - Classroom management tool (must be installed in client root not host root)

thin-client-manager-backend - control ubuntu LTSP connections

thin-client-manager-gnome - control ubuntu LTSP connections

Italic architecture.

ltsp update for Ubuntu 10.04

Picture of Part III LTSP Maintenance.

This is for LTSP,  mainly for keeping software installed via the standard repositories up to date.  You definitely really need to be at least an intermediate linux user to accomplish this project. Ask for help from an expert if you fell uncomfortable with it. With ltsp you really have two separate file systems to update. One for the regular file system and one for the file system clients. Actually you could have several file systems to update if you are supporting more than one kind of thin client hardware. By now you should be handy enough with the command line that I do not have to put a picture of every result. Quick hint: you can ssh into your server and then cut and paste all the commands from a file or this web page. That is what I am doing now.

Update the sources (where the upgrade/update files will come from).

$ sudo apt-get update

Do the upgrade

$ sudo apt-get upgrade

In some cases if you did a system upgrade instead of a clean install, you might not get all packages upgraded.

$ sudo apt-get dist-upgrade will usually do the job.

Last of all some clean up.

$ sudo apt-get autoclean

With the client directories, you want to make sure that the list of sources for the client file system is the same as the server or there will be some incompatibilities. (note: i386 is the architecture type.)

$ sudo cp /etc/apt/sources.list /opt/ltsp/i386/etc/apt/.

$ export LTSP_FILE_DAEMONS=false

Now you need to temporarily need to change file systems so that the updates go to the proper file system.

$ sudo chroot /opt/ltsp/i386

$ mount -t proc proc /proc

Here we go:

$ sudo apt-get update
$ sudo apt-get dist-upgrade
$ sudo apt-get clean
$ exit
$ sudo ltsp-update-kernels
$ sudo umount /opt/ltsp/i386/proc
$ sudo ltsp-update-sshkeys
$ sudo ltsp-update-image

One of the few times that rebooting the might be a good idea.

$ sudo chroot /
$ sudo reboot

So nice only to have to update just one computer instead of a whole lab full or more of computers. You would still work with user accounts and etc as you would with a standalone system.

PC diagnosis

What was the diagnosis from the famous MSWindows PC Tech doctor say about the linux box?

It's terminal.

Old time cable saver.

Ethernet splitter.variant cable saver. Need to be well shielded. Does not work on 1G networks.


Take the other end of the cable, cut it to 9 inches and punch down the four pairs using the following wiring scheme: You will need two of them.

Jack #1:

1 White/Orange to pin 1keystone jack
2 Orange to pin 2 keystone jack
3 White/Green to pin 3 keystone jack
6 Green to pin 6 keystone jack

Jack #2:

4 Blue to pin 2 keystone jack
5 White/Blue to pin 1 keystone jack
7 White/Brown to pin 3 keystone jack
8 Brown to pin 6 keystone jack

Once all the pairs are punched down, you can glue together side by side the two keystone jacks.
Screenshot from 2015-03-30 00:22:51

Old time cable saver.

Ethernet splitter.variant cable saver. Need to be well shielded.


Take the other end of the cable, cut it to 9 inches and punch down the four pairs using the following wiring scheme: You will need two of them.

Jack #1:

1 White/Orange to pin 1keystone jack
2 Orange to pin 2 keystone jack
3 White/Green to pin 3 keystone jack
6 Green to pin 6 keystone jack

Jack #2:

4 Blue to pin 2 keystone jack
5 White/Blue to pin 1 keystone jack
7 White/Brown to pin 3 keystone jack
8 Brown to pin 6 keystone jack

Once all the pairs are punched down, you can glue together side by side the two keystone jacks.
Screenshot from 2015-03-30 00:22:51

Sunday, March 29, 2015

Saturday, March 28, 2015

Caveat emptor.

Why I will not be using the newest version (much less any other) of Microsoft Windows.

Friday, March 27, 2015

Geek bucket list.

This is way out of date, but it has it's points

Done Item: Geek Bucket list. (from “Daily cup of tech”)

Geek Bucket list. (from “Daily cup of tech”)

1. Add a Third Monitor

2. Build a Linux Firewall

3. Build a Network File Server

4. Build a PC

5. Build a Robot

6. Build an HTML based Website using Notepad

7. Bypass a Computer Password on All Major Operating Systems

8. Bypass School or Work Website Blocks

9. Carry a Computer Cleaning Arsenal on Your USB Drive

10. Compile a Linux Kernel

11. Control Your House Lights with a Computer

12. Convert Cassette Tapes to Digital Audio Files

13. Crack a Wi-Fi Password

14. Create “Hello, World” in at Least Five Different Programming languages

15. Create a Disposable E-Mail Account

16. Create a Recovery Drive Image of Your Computer

17. Create a WordPress Plugin

18. Create a WordPress Theme from Scratch

19. Create an Add-On for Firefox

20. Create an SSH Tunnel

21. Create Music with Keyboard

22. Design and Build a Circuit Board

23. Do Cool Things to Altoids Tins

24. Download a Video from YouTube

25. Download Wikipedia

26. Execute a Shell Script

27. Find a Users IP Address on AIM

28. Find a Website IP Address Without Web/CommandPrompt Access

29. Flash System BIOS

30. Hack a Pop Machine

31. Hack a USB Drive Startup File

32. Hide a File Behind a JPEG

33. Homebrew Hack Game Systems

34. Increase Wi-Fi Range

35. Install a Content Management System for a Website

36. Irrecoverably Protect Data

37. Jailbreak an iPhone

38. Know the Meaning of Technical Acronyms

39. Know Who Mulder and Scully Are

40. Learn and Write Javascript

41. Learn At Least One Fictional Language

42. Learn Hexadecimal and Binary Number Systems

43. Learn How to Convert a DVD to x264 (or XviD or DivX)

44. Learn How to Hot Wire a Car

45. Learn How to Install Mac OS X on a PC

46. Learn How to Reset RAM

47. Learn Important Keyboard Shortcuts

48. Learn the Fastest way to Kill a Computer

49. Learn to Identify Keyloggers

50. Learn to Identify Major Constellations

51. Load Rockbox onto an MP3 Player

52. Lock Your Computer with a USB Drive

53. Make a Cat5 Patch and Crossover Cable

54. Make a Laptop Cooling Pad

55. Make Your Office Ergonomic

56. Mod a Flash Drive Case

57. Monitor Network Traffic

58. Mount and ISO in a Virtual DVD Drive

59. Move Completely To Open Source

60. Permanently Delete Data on a Hard Drive

61. Permanently Delete Your Facebook Account

62. Pick a Lock

63. Play a Geek Practical Joke

64. Play Retro Games without Retro Consoles

65. Put LEDs Inside a Light Bulb

66. Put Open Source Firmware on a Router

67. Read 1337 At Normal Speed

68. Recover Deleted Files

69. Recover Master Boot Record

70. Register Your Name as an Internet Domain

71. Remotely Control a Computer

72. Replace a Laptop Keyboard

73. Replacing a Laptop LCD

74. Retrieve Data off Hard Drive

75. Rip Streaming Videos

76. Run an Operating System from a USB Thumb Drive

77. Run Multiple Computers with one Keyboard and Mouse

78. Run Operating System inside a Virtual Computer

79. Run Your Own Ethernet Line

80. Screw with Wi-Fi Leeches

81. Setup a Computer in the Cloud

82. Setup a Streaming Media Server

83. Setup a VPN

84. Setup an Apache, MySQL, Mail, PHP server on Windows and Linux

85. Shrink a Website URL

86. Soldering Glasses Together

87. Strip Windows DRM

88. Surf the Web Anonymously

89. Survive in a Linux Argument

90. Tethering a Smartphone

91. Turn a Laptop into a Digital Picture Frame

92. Turn Webcams into Security Cameras

93. Unbrick a Smartphone

94. Understand What “There’s no Place Like″ Means

95. Unleash a Laser Pointer’s full potential

96. Unlock an iPhone

97. Upload a Video to YouTube

98. Use a Camera in Manual Mode

99. Use Bittorrent Effectively

100. Wire a Home Theatre System

Wednesday, March 25, 2015

Devil in the details.

Was trying to get a list of systems up on the network. would not work at all. It was driving me nuts. So I went to another system and it worked. 

$ cat
for i in {1..254}
ping 192.168.1.$i -c1 -w1 -v  | grep "icmp_seq=1"

$ ./
64 bytes from icmp_seq=1 ttl=64 time=0.623 ms
64 bytes from icmp_seq=1 ttl=64 time=0.113 ms
64 bytes from icmp_seq=1 ttl=255 time=4.77 ms
64 bytes from icmp_seq=1 ttl=64 time=1.26 ms
64 bytes from icmp_seq=1 ttl=64 time=0.306 ms

Went back to the original system and decided to do just one ping.

$ ping -c 1
PING ( 56(84) bytes of data.
64 bytes from icmp_req=1 ttl=64 time=0.363 ms

--- ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 0.363/0.363/0.363/0.000 ms

After looking at it about a thousand times, it finally hit me. The difference was reg vs seq. So I changed the batch file and all was well,

$ cat
for i in {1..254}
ping 192.168.1.$i -c1 -w1 -v  | grep "icmp_req=1"

$ ./
64 bytes from icmp_req=1 ttl=64 time=0.527 ms
64 bytes from icmp_req=1 ttl=64 time=0.293 ms
64 bytes from icmp_req=1 ttl=255 time=5.08 ms
64 bytes from icmp_req=1 ttl=64 time=0.264 ms
64 bytes from icmp_req=1 ttl=64 time=0.068 ms

Whew....  details details details.......

Monday, March 23, 2015

Nweb revisited.

Nweb ( is a neat little web server (among others) that does well on an embedded machine where static files are important to use, You can also use it in concert with a machine that already has a web server running, but beware it is not secure,  Generally it is for nix based systems, but might be able to be compiled on other systems.

The picture is a screen dump from a system accessing a Pogoplug running nweb on arch linux. Of course you need some content, but the source file for nweb comes with a bit of web content for testing. For testing you can use the source directory you will create. Remember you will have to have the development environment  already installed. Note: Good security recommends not having the web development on the system doing the serving.

$ mkdir nweb
$ cd  nweb
$ wget
$ unzip nweb
$ ls

client.c     nweb23_aix6_1_7          nweb23_RHEL63_64
favicon.ico  nweb23.c                 nweb23_SLES_11_64
index.html   nweb23_Fedora_17_64      nweb23_ubuntu_12_4_32  README.txt
nigel.jpg    nweb23_openSUSU_12_1_64  nweb23_ubuntu_12_4_64
nweb23_raspberry_pi      nweb.log

Then you need to compile the code.The notes say to use cc but you should really use gcc and the version s/b 23 not 22.

$  gcc nweb23.c -o nweb

Then you will want to test it out with an unused port number and specify the directory. We will use the current directory,

$ ./nweb 9000 .

and then using the url http://yourwebserver:9000 in the web browser, you should get:

You can always terminate the server with:

$ pkill nweb

Nweb is a simple way to server up documentation as needed.

Sunday, March 22, 2015

Recent collections.

Using legacy ports.

No-solder-parallel-port-break-out (Great for home control)
We are going to take the parallel port breakout cable and have some fun with the following code (which I may rewrite) and use some extra parts.
Part 1 C code
Code source
Note asm/io.h s/b sys/io.h in parcon.c
Part II Basic code:
Freebasic: (code snippet) (Note: Compiled code on linux must be run under sudo or root unless special rights are given to the program via chmod +s.)
rem turn on D0 (pin 2 on the parallel port)
out 888,1
rem get status and print to terminal
? inp(888)
rem turn off D0 (pin 2 on the parallel port)
out 888,0
rem get status
? inp(888)
Code Source
Circuit for testing the code. With the cable it will be easier to set up.

Simple LED driving circuits
You can make simple circuit for driving a small led through PC parallel port. The only components needed are one LED and one 470 ohm resistors. You simply connect the diode and resistor in series. The resistors is needed to limit the current taken from parallel port to a value which light up acceptably normal LEDs and is still safe value (not overloading the parallel port chip). In practical case the output current will be few milliamperes for the LED, which will cause a typical LED to somewhat light up visibly, but not get the full brightness.

LED and resistor

For reference purposes:
Other interesting info:
The joystick port can be also used too to collect data as we did here. We did not have a case to mount the parts so we just used an old particle board to act as a base and we have an altered plastic case for the emi and etc protection.

REM ***************************************************************
REM * program: doorchek.bas
REM * purpose check value of joystick port connected to door
REM * last update 02/04/1994
REM * Copyright (c) 1994 - 2010 Carboman
REM * All rights reserved.
REM ---------------------------------------------------------------
REM mainline
GOSUB housekeeping
GOSUB dothedoor
GOSUB endofjob
REM ---------------------------------------------------------------
REM housekeeping
REM ........................................
REM basic variables and flag settings
REM screentype% = 1 is 40 columns and 0 is 80 columns.
screentype% = 0
startflag = 0
TRUE% = -1
q$ = CHR$(34)
SCREEN screentype%
REM .........................................
REM give time before alarm system is set to evacuate
FOR click = 1 TO 5000: NEXT click
REM .........................................
REM header
title$ = "   Door switch recording system"
center = (W - LEN(title$)) / 2
PRINT TAB(center); title$
REM ..........................................
REM set datafile name to date and time
nowdate$ = LEFT$(DATE$, 2) + MID$(DATE$, 4, 2) + RIGHT$(DATE$, 2)
nowtime$ = LEFT$(TIME$, 2) + "." + MID$(TIME$, 4, 2)
nameoffile$ = nowdate$ + nowtime$
REM ...........................................
REM record starting time in file and on screen
fileaccess$ = "O"
doordid$ = "S"
GOSUB dofile
PRINT "  Started at: "; TIME$; " on "; DATE$; "."
REM ............................................
REM set further file writing to append
fileaccess$ = "A"
REM ............................................
REM hold header and start time on screen
REM ---------------------------------------------------------------
REM do the door
GOSUB getdoordata
GOSUB reportdoordata
GOSUB checkdearm
REM ---------------------------------------------------------------
REM check to system if de-armed
REM ---------------------------------------------------------------
REM end of job
doordid$ = "E"
GOSUB dofile
PRINT " System down at: "; TIME$; " on "; DATE$; "."
REM ---------------------------------------------------------------
REM get data from door
r = STRIG(1)
        CASE -1
                flag = 1
        CASE 0
                flag = 2
        CASE ELSE
                GOSUB errornotice
REM ---------------------------------------------------------------
REM report data from door
        CASE 1
                GOSUB doorclosed
        CASE 2
                GOSUB dooropened
        CASE ELSE
                GOSUB errornotice
OLDFLAG = flag
REM ---------------------------------------------------------------
REM door closed
IF startflag = 0 THEN
        startflag = 1
        doordid$ = "C"
        GOSUB dofile
        PRINT " Door closed at: "; TIME$; " on "; DATE$; "."
REM ---------------------------------------------------------------
REM door opened
doordid$ = "O"
GOSUB dofile
PRINT " Door opened at: "; TIME$; " on "; DATE$; "."
GOSUB doalarm
REM --------------------------------------------------------------
REM sound alarm
GOSUB domusic
REM gosub domodem
REM gosub dotalk
REM --------------------------------------------------------------
REM play music  (make up your own tune if you wish.)
PLAY "mbcdeccdecdeffdeffgagfecgagfecc<b>cc"
REM ---------------------------------------------------------------
REM do the modem thing
OPEN "com1:1200,n,8,1" FOR RANDOM AS #2
PRINT #2, "ATDT1234567;"
FOR clickon = 1 TO 10000: NEXT clickon
PRINT #2, "DT121212121212121212121212121212121212121212121212121212121"
FOR clickoff = 1 TO 10000: NEXT clickoff
REM ------------------------------------------------------------------
REM do the file thing
OPEN fileaccess$, #1, nameoffile$
PRINT #1, q$; doordid$; q$; ","; q$; TIME$; q$; ","; q$; DATE$; q$
REM ------------------------------------------------------------------
REM error notice
PRINT "  Error occurred, Warn supervisor NOW!"
REM ------------------------------------------------------------------
REM * program: doorchek.bas
REM * purpose check value of joystick port connected to door
REM * last update 02/04/1994
REM * Copyright (c) 1994 Carboman
REM * All rights reserved.
REM *******************************************************************
REM -------------------------------------------------------------
REM TALK MESSAGE  (requires external program!)
REM dotalkthing:
REM FOR Xit = 1 TO 3
REM talkmessage:
REM SHELL "say W-AH-R-N-IH-N-G, tz-eh-r ih-s ah-n IH-N-T-R-UH-D-R"

Friday, March 20, 2015

Nexus seven tablet now worthless.

Money for school test equipment down the drain.  Since  #Android does not want to support #ethernet , I no longer want to use android. Saying you do not support ethernet is amateurish. Not getting a new unit to get left out in the cold again. Android is getting the Apple/Microsoft  disease. Update: waiting to see if a5.1 fixes the issues.

Whoopie!! Ethernet is fixed, but still have to test a direct connection to the Arduino, Could not find a setting to set the ip address, so it looks like I will have to use a router to make it work.

Podcast tools

Here are a few little schematics and stuff I have collected. I will be adding more as we go along. Each of these projects are under ten dollars each.

An old computer (that has a soundcard with a microphone input) to use with a free program called Audacity (for an internet radio station you could use shoutcast and icecast also) installed. Yes, we acquired an old computer from a local user group for free. People (obviously Microsoft users) thought It was worthless. Linux makes computer equipment more valuable.

$ sudo apt-get install audacity pavucontrol

Step 1: Simple Microphone.

Microphone: (Any good piezo buzzer should work.) We tried several piezo buzzers and found the larger ones work better. I also plan to try some old speakers also. The real tiny piezo buzzers from old motherboards need a preamp (they are not loud enough and need additional electronics to help them work better). One interesting thing is that you can also use the piezo mikes as speakers in a pinch. I was able to use the piezo buzzer as a mike from without any preamp into my sound card. It needs a preamp. In fact, all I did was sing (if you want to call it that?) into the guitar.

Note: a lot of the dollar stores will sell a microphone for at or under a dollar. But if you do not have access to one this is an alternative.

Step 2: Simple amplifier 1

Simple preamp  for an electret microphone that you might find in some phones. Requires 3 - 9+ volts external battery or you probably could adapt a walwart.

Step 3: Simple amp 2

Requires a bit fancier darlington transistor. (mpsw45a = nte48)

Step 4: Simple amplifier 3

Another preamp thanks to Tom Engdahl.
(bc547b = nte123ap)

Step 5: Simple amplifier 4

If all goes as planned, Plan to use all 741 circuits to be consistent. Here is the last one.

Step 6: Simple amplifier 5

Yet another 741 audio amp.

Also pictured is the pinout for the lm386

Step 7: Simple mixer 1

Untested mixer: (Hook up several mikes to one input on computer.) (741 aka NTE 941m) Why do you need a mixer? You can use several microphones or sound sources with just one sound input on a sound card.  Of course, most sound cards have at least two inputs (aka stereo),

Screenshot from 2013-10-19 09:29:59.png



Step 8: Simple mixer 2

Another simple mixer thanks to Tom Engdahl (

Step 9: Putting it together.

So far I have shown you five amps and two mixers. Now it is time to put it all together. We will be using 741 opamp (lm741 aka nte941) circuits for both the amps and the mix to make the project simple if all goes according to plans.

Under  construction.

mike > preamp  >
mike > preamp  >  mixer > soundcard.
mike > preamp  >

For purposes of this demonstration we will only be using two amps and one mixer. (I know nothing about electronics.)

Step 10: Using Audacity

Audacity is a great "free as in speech" program for recording input from your sound card. You can almost be like a real recording studio,
You can get Audacity from: for the most popular platforms. On Linux it is usually in the distributions set of downloadable software. (i.e. sudo apt-get install audacity or sudo yum install audacity). has let some people host (i.e. allow everyone on the internet to access the podcasts) their podcasts on their site. See the site for more details.