2 Comments

PfSense 2.3 CSS Themes

Using color schemes from http://www.awwwards.com

Using Brandts and Namale

This slideshow requires JavaScript.

Download pfSense-brandts.css

Download pfSense.namale.css

If you like other color schemes from awwwards.com message me.

Kind regards,

Leave a comment

pfSense Captive Portal Print Unused Voucher

Hi,

I am having unused vouchers under Status: Captive portal: Voucher Rolls: Zone.
I am not sure where these vouchers went but I could either expire them all or just print them again.

Here’s what I did:

CP print unused

Download these two files below.

  1. services_captiveportal_vouchers_print.php
  2. status_captiveportal_voucher_rolls.php

 

Note: Applied on PF 2.2.4 release. You can check which lines I added by comparing your original files and these ones. I use this site to compare scripts line by line.

Kind regards,

 

Leave a comment

PfSense as Wi-Fi Hotspot Controller – Video update

Hello!

As an update to my first post: PfSense as Wi-Fi Hotspot Controller here’s the video showing what I’ve done so far. I’ve done little as we are preoccupied installing CPEs and APs. But this is promising and useful for monitoring the network.

This is still far from being a production release, but let me keep on testing this in my own environment before sharing, and hopefully this will be useful to you too.

Kind regards,

 

13 Comments

PfSense as Wi-Fi Hotspot Controller

A Province-wide WiFi  is being cooked as I’m writing this and I am in need of a vendor-independent controller for all the access points we are going to install. There will be a mix of vendors such as UBNT and OpenMesh for this project, and while each of them offers a “free” controller, I still need to have a single interface for all of them. Because PfSense will be our main Firewall/Router, I have decided to look into it and see if it can do what I want.
I will be posting my progress here, also to serve as a documentation of what I have done so far.

Requirements:

  1. Utilize PfSense Captive portal(CP) feature – using vouchers. Done!
  2. DHCP range
    • All backhaul devices have static mappings, including WiFi APs. Done!
    • WiFi clients different dhcp pool. Done!
  3. Function to see all connected clients. Done! See Image 1.
    • See who and how many viewed the CP page.
    • See who among who viewed the CP have actually bought voucher and are authorized.
    • See page hits of the CP page.
    • Summary of the above.
  4. Function to see all  Access Points. Done! See Image 2.
    • Add an access point function.
    • View Device name.
    • View SSID.
    • View Status.
    • View number of clients connected.
    • View Uptime.

 

Image 1

Image 2accesspoints

Access Points requirement is SSH access. Using PHP ssh functions, I can issue CLI commands to get necessary info about the APs.

Next features:

  1. Ability to issue more commands for controlling each AP.
  2. Group WiFi clients based on which AP they are connected and display localized portal page.
Leave a comment

Monitor Files and Folders with Folder Eye

Sometime ago I created FolderEye to make patching applications and games faster. The idea is to patch a single client, get what files and folders affected by the patch, and distribute to the rest of the LAN clients. This way, the patch is being distributed locally and not outside of WAN, thus being faster, at LAN speed.

The function of this program is now part of a bigger project, and I would like to share it to others whatever purposes they might find this useful.

Folder Eye (FE) is specially designed for internet cafe’s or business offices with DeepFreeze Enterprise(DF Ent) installed on their client machines. FE with DF Ent makes patching games and other applications so much easier and faster without the need to visit each client.

DeepFreeze no doubt provides the ultimate protection in any IT environment, saving time and money for maintenance. But the hurdle most internet cafe faces is when patching games or applications. Thawing and Freezing each client when there’s a new update is time consuming. Even with DF Ent where you can centrally reboot machines in thawed state, you still need to visit each client to patch each applications.

Some workaround is to leave a partition unfrozen and place all games and applications in there, and freeze only the drive where the OS resides. But this workaround leaves a hole in your security as viruses can still infect files inside this thawed drive and can stay there undetected for some time until you or your Antivirus software release an update to detect it. Viruses such as PE injectors can cause heavy damage to your executable files and it might be already too late when you have found it. The best way is to freeze the whole system. Especially now that new versions of DF Ent can already prevent viruses from injecting into MBR (master boot record). So how about installing updates on your programs?

FE offers the solution for these kinds of setup. It works perfectly with DeepFreeze Enterprise. Patching or updating has never been so easy now!

>Here’s how simple FE works:

It listens to the game folder for any events triggered by the patch/update keeping eye on files deleted, created, or modified. It then copy these affected files(not the whole game folder) to a network share and generate a script corresponding to what the patch did.  DF Ent Console can now schedule an embedded event to restart all clients in thawed state (or maintenance mode) and patch every  client at the same time. Since these patch files are in a network share within your LAN, patching each clients are done in full LAN speed.

The only thing IT administrator has to do is to sit in the computer running DeepFreeze console and run this commands. He is free to do anything else while all clients are being automatically patched.

Requirements:

1. DeepFreeze Enterprise installed on all clients.

2. A network share or folder that is accessible from all clients.

3. Optional: For workgroups with more than 10 or 20 clients.  Windows Server OS(2003 or 2008), or Linux with Samba as a host for the network share or folder. This is to overcome the max concurrent connections to the shared folder. Windows XP = 10 max, Windows 7 = 20 max. This applies to workgroups with more than 10 or 20 members.

-TIP: Install Windows Server 2003 on a Virtual Machine inside your current desktop version OS, and create a network share there.

Recommended iCafe / Office setup:

1. Games and applications’ folder structure is identical among all clients. Ex: HON game path in all clients is C:\Program Files\GarenaHON

2. All clients has the same user account name and password if there’s any.

Limitation

1. Does not monitor registry entries of the update.

Watch the youtube links below and download FolderEye here.

Video 1:  Folder Eye – Introduction

Video 2:  Folder Eye – In Action

Video 3:  Folder Eye – Overview with DeepFreeze

4 Comments

Cut the Crap Method – by alien_genius

Below is a paper made by my good friend alien_genius. You are always in my thoughts, and thanks for everything.

 

The Cut The Crap Method

A quick way to detect and remove fiction, disinformation and lies
by alien_genius

 

Introduction

In the information age, it has become increasingly difficult to process the large amounts of information that are available through the various media. From newspapers, magazines and books, to radio and television, all the way to the internet. The information that is presented to us is contaminated by fiction, disinformation and outright lies for many different reasons.

Firstly there are honest mistakes and genuine ignorance that can produce inaccurate information. Secondly there are presentations that are intended to be persuasive in which combinations of language and imagery are used to invoke desired reactions, often at the expense of accuracy. Thirdly there are many groups and organizations that have obvious platforms, agendas and biases. Ideologies are usually considered more important than accuracy or facts. Fourth, the information stream is intentionally poisoned with propaganda and disinformation by military organizations, law enforcement and spying agencies, companies and front organizations.

The list above is by no means intended to be exhaustive and is merely intended to give you some idea of the ways in which and the reasons why the information that is presented to us constantly, is not very factual. Most people have no difficulty discovering this problem but the natural solution that people tend to use to solve this problem, is predictable and problematic in its own right.

 

Knee-jerk reaction

If people realize that the information they are receiving is not factual, the solution that most people choose, is to try to find some “reliable sources” for the various types of information they are interested in. This solution is quite understandable, because our time is limited and the amount of information to sift through is vast. But the process of selecting reliable sources tends to suffer from bias, since the evaluation of reliability is based on preexisting beliefs and ideologies of the person performing the evaluation.

People with leftist political leanings, tend to consider leftist news sources reliable and people who lean toward the political right, tend to consider right wing news sources reliable. But this bias is not confined to politics. It affects educational, economic, scientific, religious and cultural information and sources as well. This biased selection process of “reliable” sources then produces a feedback loop. People get exposed more to information they already believed in anyway and so their beliefs get strengthened more and more. After some time this can easily result in an inability to process alternative or opposing viewpoints. Worse still, facts that do not fit in the preexisting belief systems tend to get rejected, since that is easier to do than reevaluating one’s belief system.

Clearly the use of perceived reliable or trusted sources, followed by reinforcement of existing beliefs does not result in a greater ability to separate the wheat from the chaff, nor does it result in the acquisition of more accurate or factual information. So another strategy is required, but devising a better strategy is not easy.

 

Basic considerations

Before we actually look at the “Cut The Crap Method” tm it is important to first establish some important basic considerations. Some of those basic considerations are so obvious that it is easy to overlook them. Others might never even have crossed your mind.

One of the most powerful abilities that humans have, is the ability to process language, both speech and written language. Expressed in a more general way, humans have the ability to associate symbols with objects and concepts and thus meaning. Perhaps more importantly, humans associate language with behaviors and emotions as well. Propagandists clearly understand how humans process language and they carefully choose terms that manipulate this (subconscious) association mechanism and appeal more to emotions than they do to rational thought.

The second consideration is that most of us have not been educated to think critically, even though of course the pretense is otherwise. Instead of critical thought, we are taught to regurgitate whatever some authority presents as the facts. At best, some critical thought is encouraged in small niches, for example in mathematics, sciences like physics or engineering courses. But in social, political, economic, military and legal contexts, etc., people in positions of power prefer useful idiots over critical thinkers.

The third consideration is related to the previous one, but it is worth mentioning separately. Humans have a psychological desire to get single, simple answers to even the most complicated questions and mysteries. Even if the questions are as complicated as “Why are we here?”, “Where did the universe come from?” etc. we still desire a single simple answer, most likely because it is easier to remember simple answers than complex and
nuanced approximations, if there even are any. This desire is readily exploited by propagandists.

A further extension of the previous consideration, is the fact that humans are not as rational as they like to think they are. Instead of careful analysis of a situation, considering various options, weighing pros and cons before arriving at a conclusion based on available facts, humans have the tendency to learn and memorize simple rules of thumb, known as heuristics. These (erroneously deduced) heuristics then give rise to many silly beliefs, from racism and bigotry to “my favorite political party can do no wrong” and many other variants.

Another consideration is something you are likely aware of. It is known as “spin”. When propagandists consider some factual information undesirable for their cause, but it is likely to become widely known, then they attempt to slant the presentation and change the focus until it is turned into something that can be used to continue promotion of their cause. Forexample, when some favored politician is caught doing something unethical, then the unethical act is minimized and trivialized and those who try to stress the importance of the unethical act are said to be on a witch hunt. There are millions of variants on this spin theme.

The next thing to be aware of is the technique known as “muddying the waters”. Whenever there is some factual information that is considered undesirable by propagandists and disinformation agents and there is no way to ignore that information and there is no way to spin it into something beneficial, then it is always possible to muddy the waters. For example, the source of the factual information can be called into question. Or some
insignificant detail can be focused on and blown out of proportion. Or seemingly plausible alternatives can be presented as the “real truth”. This is done not even with the expectation that people will believe the alternative truth. It is enough to just create some confusion or reasonable doubt.

There are many other things we could discuss here, but for the purposes of the “Cut The Crap Method”, the considerations listed above are sufficient. Now let us look at the details of the “Cut The Crap Method” itself.

 

The Method

When you are reading a newspaper, are watching the news, are enjoying a documentary or are in the middle of a debate, it is helpful to keep the “Cut The Crap Method” in mind, since it might reveal some details that you might otherwise easily overlook. For the purpose of making this explanation a little easier, we are going to pretend that you are reading a fictitious newspaper article shown below.

“In Israel today violence erupted when the Israeli Defense Force (IDF) was attacked by Hezbollah terrorists from the Gaza Strip using Katyusha rockets. One Israeli soldier was wounded and 34 Palestinians were killed when the IDF retaliated. This latest unprovoked Hezbollah attack was the seventh attack of its kind in as many days. Israeli authorities believe that Hezbollah has been more aggressive in an attempt to influence the upcoming Israeli national elections. An Israeli
spokesperson said that the state of Israel would continue to defend itself using proportional force. The Palestinian Provisional Government declined to comment on the attacks.”

Although the text above is fictitious, it will probably sound quite familiar to you, because the news tends to be filled with articles similar to the one shown above. Now let us take a look at how the “Cut The Crap Method” can be used on an article like this.

1. Pay attention to who or what is getting blamed and who or what is portrayed as the victim.
2. Replace all leading or emotionally charged verbs and nouns with neutral ones.
3. Remove all leading or emotionally charged adjectives.
4. Remove all explanations, rationalizations, justifications, etc. Keep in mind that these are designed to answer any “why” questions you may come up with.
5. Pay attention to what is being left out. Details and background information matter.
6. Identify and isolate the “claims of fact”. It is helpful to ask : who, what, where, when and how. Keep in mind that they are not facts, just claims of fact. Put these in column 1 of your notes.
7. Find an article on the same subject from a diametrically opposed source and repeat the steps above. Put the claims of fact in column 2 of your notes.
8. If possible, contact the people and organizations mentioned in the article and get their claims of fact. Repeat the steps above and put the claims of fact in the next columns of your notes.
9. Compare all columns and copy the items that match across the columns to the last column called “agreed on”.

Now let us look at some examples from the fictitious article above to illustrate the points mentioned in the “Cut The Crap Method”.

1. In the fictitious article above, Hezbollah terrorists are portrayed as the aggressors and the Israelis are portrayed as the victims.
2. “Hezbollah terrorists” are mentioned because it sounds more scary than “Palestinians”. “Katyusha rockets” are mentioned as the weapons used by these “terrorists” again because it sounds scary. The terrorists “attacked” and the IDF “retaliated”.
3. According to the article, the attack was “unprovoked”.
4. According to the article, the attack was intended to disrupt Israeli national elections, which is an explanation. The Israeli authorities said they would continue to defend themselves, which is a justification. They also claim that the force used in the response was proportional to the force used in the attack
5. The exact location of the violence is not mentioned. This detail matters, since it helps to determine which party was where they did not belong. Notice that it was left out what weapons the IDF used to “retaliate”.
6. Where : Israel; When : today; What : violence; Who : IDF and Hezbollah / Palestinians; 1 Israeli soldier wounded, 34 Palestinians killed.

Steps 7, 8 and 9 are left up to your own imagination. Once we have done the fact checking in this way, and we have isolated the claims of fact from all sides and we have isolated the claims all sides more or less agree on, and we thus also know what they disagree on, we can rewrite the article something along the following lines :

“In Israeli occupied territories today there was violence between Israelis and Palestinians. According to the Palestinian authorities the violence started when Israeli troops added another checkpoint on Palestinian roads. Israeli authorities have not commented on this allegation. Israeli authorities report that 1 IDF soldier was wounded. Palestinian authorities report that approximately 50 Palestinians were killed and approximately 100 Palestinians were wounded. Israeli authorities claim that Hezbollah terrorists were involved and started the violence to disrupt the Israeli national elections. Israeli authorities claim that the attack was unprovoked and that the military force used was proportional to the attack. Palestinian authorities claim that the Israeli checkpoints are unlawful and
incite violence because it makes life in the Israeli occupied territories even more difficult. Palestinian authorities claim that no western newspapers contacted them for comments.”

Please notice that in the modified version of the fictitious article we started with, things are far less certain. Also notice that it is constantly made clear who claimed what. The reader is provided more with factual information and a balance between both sides. It is now left up to the readers to make up their own minds instead of forcing conclusions on the basis of prior beliefs and emotional responses.

It is important to understand that point 4 of the “Cut The Crap Method”, the removal of explanations, justifications, rationalizations, etc. is one of the critical steps of the method. By removing any elements that are real or contrived answers to “why” questions, we end up only with the “who”, “what”, “when”, “where” and possibly “how”. This is more factual than answers to “why” questions and this can be evaluated on its own even if possiblereasons or causes are unknown. In the case of this fictitious article, we still know that 1 IDF soldier was wounded and at least 34 Palestinians were killed. This is something that provides useful information in its own right, regardless of reasons and causes.

Propagandists know that the readers will immediately ask themselves why questions. This allows them to anticipate such questions and come up with explanations, justifications and rationalizations, which is exactly where most of the “spin” and “muddying the waters” occurs. Understanding this allows you to (at least temporarily) ignore possible reasons and causes, until you have done enough fact finding and have (usually opposing) explanations,
justifications and rationalizations.

The explanations, justifications and rationalizations are intended to appeal to your existing beliefs and emotions and to win you over to one side or to keep you on that side. If you unquestioningly accept the alleged reasons and causes claimed by one side, they become part of your own beliefs and then continue to color your view on subsequent events.

Using the “Cut The Crap Method” helps you to identify and remove fiction, disinformation and lies, it helps you to take out some of the unnecessary emotionality, it allows you to focus more on facts and consequently helps you to arrive at more balanced conclusions. If nothing else, it will make you a little more conscious of the propaganda tricks we are being exposed to on a daily basis.

22 Comments

Best Way To Protect Your Files From Being Copied

Couple of years ago I made this piece of software that protects my i-cafe from thieves who copies data from my cafe.

Are you annoyed with people, especially competitors, that will copy your hard-earned updated games, software, and other data? Well, I am.

Like I was, you probably are thinking on how to stop them. But there is a better way than preventing these people from copying your files. I realized the best thing to do is to actually let these thieves copy it. But the copied version will be rendered useless, destroyed. The bigger files the better because it means computer usage time and more income for your shop. They will never know the whole operation. They will just wonder why it wont work in their shop..and the tendency is they will go back again and copy it.

This is where NCF Utility (No Copy Files) becomes handy.

Here’s the general function of this software.

1. Using Windows API, it notifies the program of a copy command initiated by the user.

2. The program inspects if the copy destination is an external usb drive / flash drive.

3. If the no 2 statement is correct, it checks if the file being copied is on the watch list.

4. If true, then NCF scrambles the copied version’s bytes(beginning section, middle, and end).  But preserving the file’s attributes, looks and feel.

5. All the above process happens on a flash. So don’t worry, they will not notice it. 🙂

Screenshot

ss

How to use

1. After installing, run Ncfmanager.exe.

2. Add files by clicking File>Add files or ctrl+a, or by just drag n dropping files and folders into the program. Take note, dropping folders may take time depending on how many files inside the folders.

3. Click File>Save or ctrl+s.

4. Click Run>Start or ctrl+r. You will recieve a notification whether the monitoring is started or not, or look on the status bar below.

5. Close the Ncfmanager.exe

6. To stop NCF, run Ncfmanager.exe again and click Stop.

Important:

You might forget that NCF is running and you’re the one copying your files to your USB stick. We have the tendency to delete the original file after we copy them. So don’t make this mistake. NCF has no ‘restore’ function.

Disclaimer:

1. I will not be held responsible for the damages on your files resulting on the improper use of this software.

2. This software is developed for Windows 32bit platform only(particularly XP). It may or may not work on other Windows OS versions.

Leave comments below if you need help.

Download Ncf Utility here.