Categories
How To Main Tech

Script to enable/disable DMZ on Linksys and Verizon routers

Your home Internet router gives you some protection against direct attacks on your computer by keeping your home network safely encapsulated. Each of your home computers can access the Internet (this is called NAT), but no outsider can access your computers directly. Outsiders only see the router. However, sometimes you want your computer to be “fully” online. Enter the “DMZ” feature of your router. Your router’s DMZ allows one of your computers to be fully exposed to the Internet (for better or worse).

Reasons to enable your DMZ:

  • Access your files while away from home.
  • Serve web pages from your computer.
  • Make BitTorrent transfers faster. BitTorrent transfers are usually faster when your computer is directly exposed to the Internet.

For my work at FamilyLink.com, I develop directly on my local machine. While working on our Facebook application, I need to allow Facebook servers to directly access my machine. (When you use a Facebook app, you’re accessing Facebook’s servers and Facebook servers are, in turn, accessing the developer’s server via a callback URL. While working on our Facebook app, Facebook directly accesses my local machine.) This requires me to open my machine to the DMZ.

Reasons not to enable your DMZ:

  • Your computer is more likely to be hacked
  • Your private data is more likely to be accessed

If you enable your DMZ, know which services are enabled on your machine and which files and data are being shared. There may be files you’re comfortable sharing on your local network that you wouldn’t want to share with the world. Only enable the DMZ as long as necessary.

Enabling the DMZ can be a pain — logging into your router and navigating to the correct setting — so I wrote the following Ruby scripts to make it easy. The first worked with the Linksys router I had. (I believe it was a WRT54G.) To use, fill in your router’s IP address and password, and your computer’s hardware address, then type “linksys_dmz.rb on” or “linksys_dmz.rb off” at the command-line. The script looks up your computer’s hardware address in the table of local IP addresses so the IP address can safely change from time to time.

#!/usr/bin/env ruby
# linksys_dmz.rb

router = '10.1.1.1'
user = 'admin'
pass = 'your_password'
hardware_address = '00:23:6C:00:00:00'

leases = `curl -su #{user}:#{pass} http://#{router}/DHCPTable.asp`
leases.scan(%r{'([^']+)', hardware_address}) do |m|
  ip_address = m[0].strip.to_s
  last_digit = ip_address.split('.').last
  if $*[0] == 'open' || $*[0] == 'on'
    post_values = "submit_button=DMZ&change_action=&action=Apply&dmz_enable=1&dmz_ipaddr=#{last_digit}"
    print "Opening DMZ to #{ip_address}\n\n"
  else
    post_values = "submit_button=DMZ&change_action=&action=Apply&dmz_enable=0"
    print "Closing DMZ\n\n"
  end
  `curl -su #{user}:#{pass} -e http://#{router}/DMZ.asp -d '#{post_values}' http://#{router}/apply.cgi`
end

Last year I switched to Verizon FIOS, which came with its own wireless router, so I had to write a new script. Again, fill in the password, then type “verizon_dmz.rb on” or “verizon_dmz.rb off” in Terminal. (This script assumes a 10.1.1.* network. Change it to 192.168.1.* if that’s what you have.)

As a side note, the Verizon router was a bit of beast to automate. It uses a hashed signature to try to enforce JavaScript-enabled browsers. Writing this script required using TamperData, Charles Proxy, and a lot of trial and error to discover which POST data were necessary.

I use this script to open the DMZ before working on our Facebook app, then I close it when I’m done for the day. Eventually, it’d be nice to find a way to enable the DMZ remotely — maybe via email or something.

#!/usr/bin/env ruby
# verizon_dmz.rb

require 'rubygems'
require 'mechanize'
require 'digest/md5'

user = 'admin'
pass = 'your_password'

localhost = `ifconfig`.scan(/inet (\d+\.\d+\.\d+\.\d+).*broadcast 10.1.1.255/).join
router    = localhost.gsub(/\d+$/,'1')

begin
    agent = Mechanize.new
    page = agent.get("http://#{router}:81")
rescue Exception
    abort "Unable to connect to Verizon Router! Check the IP address."
end

form = page.forms[0]
auth_key = form.fields.find {|f| f.name == 'auth_key'}.value
form.fields.find {|f| f.name == 'user_name'}.value = user
form.fields.find {|f| f.name == 'md5_pass'}.value = Digest::MD5.hexdigest(pass + auth_key)
form.fields.find {|f| f.name == 'mimic_button_field'}.value = 'submit_button_login_submit%3A+..'
form.method = "POST"
form.submit

post = {
    'dmz_host_cb_watermark' => '1',
    'dmz_host_ip0' => localhost.split('.')[0],
    'dmz_host_ip1' => localhost.split('.')[1],
    'dmz_host_ip2' => localhost.split('.')[2],
    'dmz_host_ip3' => localhost.split('.')[3],
    'active_page'  => '9013',
    'mimic_button_field' => 'submit_button_login_submit%3A+..',
}

if $*[0] == 'open' || $*[0] == 'on'
   post['dmz_host_cb'] = '1'
   puts "Opening DMZ to #{localhost}"
else
    puts "Closing DMZ"
end

agent.post('/index.cgi', post)

Categories
Blogging Family Tech WordPress

FamilyLink.com + Kynetx + WordPress

Following up on my previous Kynetx post, here’s a demo of how FamilyLink.com and Kynetx could reveal your relatives on WordPress blogs:

Categories
Family Main Programming Tech

FamilyLink.com + Kynetx: How websites could be better with your family

I’ve been playing around with Kynetx.com technology. I think it has a lot of cool potential for helping FamilyLink.com users see who their relatives are across multiple websites.

For example,

  • What if you could see your FamilyLink.com relatives directly in Facebook?
  • If you knew which LinkedIn users were your relatives, would you be more likely to do business?
  • If you knew which Twitter users were your relatives, would you be more likely to follow them?
  • If you discovered that a comment on a political news story with which you strongly disagreed was from a relative, would you be more careful how you responded?

Here’s a demo video:

Categories
Business Entrepreneurship Main Programming Tech

Reminiscing about Provo411.com and Scraping the Course Catalog

One of my first web development projects and biz partnerships with Brian Stucki was Provo411.com. We were roommates at BYU and conceived of a website where students could share events — parties, concerts, football games, etc. We were already in our beds for the night when the idea came, but we couldn’t go to sleep before buying the domain. I think it was the first domain I ever bought. It was September 2002.

I developed a calendar in PHP and wrote a few scripts to scrape byucougars.com and retrieve the sports schedules. I also developed a WML app so Brian and I could add events to the calendar from our pre-iPhone mobile phones. I recall being at a party in south Provo, in a former dental office, and using my Nextel phone to add the party to Provo411. If you go back far enough, you can see events on the calendar. My brother Alan did the artwork.

I always wanted Provo411.com to have a course schedule alert system. Perhaps students would pay $3 to receive an email or SMS alert when hard-to-get classes had an opening. It shouldn’t have been hard technically, but the publicly available course catalog isn’t updated in real-time. I could have scraped the authenticated course catalog on Route Y, but BYU might have objected and it’d be a fragile business model.

My brother Michael recently came home from his mission and started school at CSN. The business classes he wanted were full, so I put the old “course schedule alert” idea to the test with some new tools — Ruby and Mac OS X’s speech. Here’s what I came up with:

#!/usr/bin/env ruby

# a list of course call numbers to check
call_numbers = %w{ 46405 46407 46409 46411 46415 46413 53252 53254 53256 53258 53260 53262 53268 53270 53272 53274 46423 46435 53276 46443 }

# auth_token obtained via Firefox+TamperData while my brother logged into CSN
auth_token = "123456789012345"

say "Checking"

call_numbers.uniq.sort.each do |call_number|
    c = `curl -si -d CONVTOKEN=#{auth_token} -d AUDITT=N -d CALLT=#{call_number} -d CONTINUE=Continue "https://bighorn.nevada.edu/sis_csn/XSMBWEBM/SIVRE04.STR"`
    print "Call number #{call_number}: "
    if (c =~ /<p class="p5">([^< &#93;+)<br\/>/m)
        if $1.strip.empty?
            puts "May have openings\n"
            3.times {say "Michael, class number #{call_number} may be open!"}
        else
            puts "#{$1.strip}\n"
        end
    else
        puts "could not find message"
        say "Help. I cannot access the C S N website."
        return
    end
    sleep 5
end

# Ouput an audible message via Mac OS X's speech function
def say(message)
    `say "#{message}"`
end

We set this to run every 15 minutes on the living room iMac, and we turned up the volume. Every 15 minutes we could hear “Checking” from the computer. A few hours later we heard the script announce that a class had opened up. Michael, I’m still waiting for my $3.

Categories
Government Main Morals Pornography Speech

Can pornography be made unpopular?

My friend Cam has started a cause called Fight the New Drug (FTND). That “New Drug” is pornography, and their approach parallels the fight against tobacco.

This is about changing the messaging. For example, if smoking is a way to rebel against authority, then parents and medical experts saying Don’t smoke! only reinforces the rebellion. But if smoking is succumbing to executives at Big Tobacco, then smoking isn’t a form of rebellion at all, it’s a form of conformity. What rebellious kid wants to conform to Big Tobacco executives? That’s the message of The Truth campaign.

Become a Fighter - Fight the New Drug
Fight the New Drug

Imagine a similar change of messaging around pornography: Pornography isn’t glamorous, it isn’t sexy. Love and romance without pornography is glamorous and sexy. By making the negative externalities of pornography more visible, it would become less appealing. While organizations like CP80 and Lighted Candle Society fight the supply-side of pornography, FTND fights the demand-side.

I’m very excited about this approach.

Mary Eberstadt at Stanford’s Hoover Institution calls pornography the “new tobacco” and said:

Yesterday, smoking was considered unremarkable in a moral sense, whereas pornography was widely considered disgusting and wrong — including even by people who consumed it. Today, as a general rule, just the reverse is true. Now it is pornography that is widely (though not universally) said to be value-free, whereas smoking is widely considered disgusting and wrong — including even by many smokers.

Can we change minds again?

Columnist Kathryn Jean Lopez said:

…I’ve been flashing back to something Traci Lords once said: “I have to thank Ed Meese for saving my life.” At 18, her career as a porn star ended in a federal raid. How many Tracis are on a computer near you today? And who else is porn harming? It’s a question that our society — which in its rhetoric and culture says it cares about women and children and lives and love — needs to grapple with. If Eberstadt’s comparison is right, the time [is] coming. The shrugs will cease. Yet I hope the turnaround comes, not because the government has made porn highly inconvenient, but because we have decided we want something better. (Smoking Is Out, Porn Is In.)

Seth Godin said you can’t fight an ideavirus (“pornography is okay”) by “challenging the medium in which it spreads.” Instead, you must counter “one ideavirus with another one.”

You don’t counter racism by making the act of uttering racist statements against the law. You do it by spreading an idea (racism is hateful, wrong and stupid) that keeps the racist from expressing his ideas because all his friends will shun him if he does. (“Thinking about this war”.)

Here is some of the FTND messaging, paraphrased:

1. Educate people about the negative effects of pornography and let them choose their pornography involvement for themselves. We do not contest the legality to produce pornographic material.

2. Just because it’s legal to smoke cigarettes, doesn’t mean it’s healthy. Similarly, porn can have devastating effects on you and your loved ones.

3. Although pornography consumption can lead to powerful addictive behaviors, we don’t contest people’s right to view it.

4. People need to be educated about the negative effects of pornography on individuals, families and businesses.

5. We fight against the demand for pornography. Through education, we believe people will no longer want to use porn and those with addictive behavior will seek help from professionals.

6. People addicted to porn often feel they have no options. We’re letting people know that they have a choice.

7. We want to infuse more sexiness into the world. Two committed people together — that is sexy. A lonely, addicted person sitting in front of a computer is not sexy.

Please make a $10 donation to FTND to become a “fighter”. Ten dollars from 1,000 people is better than $10,000 from 1 person. The money will be used to develop messaging campaigns to fight the demand for pornography. This will be a grass-roots movement to make pornography unpopular.

I’ve put in my $10 and I’m hoping many, many more friends will as well.