Jeremy Kister on 14 Aug 2010 02:58:23 -0700


[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] Laptop recovery--useful data to collect?


On 8/14/2010 12:00 AM, Gordon Dexter wrote:
ALERT=laptopstolen.mydomain.com

#The host must be created to activate the tracker
host $ALERT || exit

neat idea, but this may not work as well as you intend.

If you're going to go this way, be sure to check your domain's SOA -- because you're telling foreign name servers to cache the fact that "laptopstolen.example.com" does not exist.

so, suppose someone steals your laptop, he turns it on, your code runs, but you havent configured your dns yet. the name server that the laptop is using will get a nxdomain and cache it (in my case, my domains' negative caching time are set for 42 minutes - 60 minutes is very common, but plenty of sites (like myspace) have it set up for 24 hours).

this would cause the thief to have the laptop on, and even at this point (after it's checked once) if you create your laptopstolen record, he'll be able to stay online for $nx_cache seconds without sending your server the data you now desire, and you'll be *hoping* that he stays on longer.


a different, but very similar approach would be to create a host record for laptopstolen.mydomain.com; i'd probably make a TXT record:

laptopstolen       10    TXT    nope


then, if your laptop gets stolen, you can change the text record to 'yes'.

then, just change the host command to:
host -t txt laptopstolen.example.com | grep yes || exit

everything else in the script should stay compatible.


also, instead of only running this in cron, i'd also put it in /etc/init.d/; if the thief powers on your laptop, then gets stuck because he doesnt have a good username/password, he might just turn off the laptop quickly (before the cron runs).

--

Jeremy Kister
http://jeremy.kister.net./
___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug