m d3velopment a technical and security blog

18Apr/150

Ubiquiti NVR: Upgrading the OS and AirVision Software

nvrUpgrading the Ubiquiti Network Video Recorder (NVR) operating system (Debian) and AirVision recording controller can be a fairly daunting task I've you are unfamiliar with the Debian command line interface (CLI) and/or Linux distrobutions in general. In addition, Ubiquiti doesn't provide a GUI based upgrade option for older NVR software versions (e.g. 2.x) and no upgrade capability for the OS.

This simple outline should help you get the job done.

1. Open a shell session to the NVR appliance:

ssh root@(IP Address)

2. Enter the following commands to upgrade your NVR's Debian OS:
#apt-get update ; apt-get upgrade -y ; apt-get dist-upgrade -y ; apt-get autoremove -y ; apt-get autoclean ; apt-get clean

3. Once complete reboot the NVR:
#reboot

Command Outline:
apt-get update retrieves a new list of software packages from the Debian repository
apt-get upgrade -y downloads and installs all updated software and automatically answers yes to all questions
apt-get dist-upgrade -y installs a new UNIX kernel (when available) and automatically answers yes to all questions
apt-get autoremove -y removes any unused software packages and automatically answers yes to all questions
apt-get autoclean deletes any old software archive files from previous apt-get sessions
apt-get clean deletes any downloaded software archive files from previous apt-get sessions

4. Once the NVR has rebooted re-login via SSH.

5. Install screen for terminal managemement
# apt-get install screen

6. Initiate a screen
# screen

7. Download the latest Debian package:
# wget http://dl.ubnt.com/firmwares/unifi-video/3.1.1/unifi-video_3.1.1~Debian7_amd64.deb

*Note, at the time of posting this is the latest version but check the UniFi Video Software page for the latest version.

8. Purge the current AirVision Software
# sudo apt-get remove --purge airvision
# sudo apt-get purge airvision

9. Initiate the new package install:
# dpkg -i unifi-video_3.1.1~Debian7_amd64.deb

10. Once the process completes you can login to your AirVision controller using https://ip-address:7443/

19Feb/150

Internet Explorer 11 – Cannot Download Files

Default installations of Microsoft Internet Explorer 11 on Windows Server 2012 and Windows Server 2012 R2 do not permit files (e.g. .exe) to be downloaded from untrusted websites. An error will occur similar to "Your current security settings do not allow this file to be downloaded."

By design, Internet Explorer on hardened servers does not permit downloads without modifying the default IE security policy. To modify this (temporarily or permenantly) do as follows:

1. Open Internet Explorer
2. Navigate to the 'Tools' menu (top left, cog)
3. Click 'Internet options'
4. Click the 'Security' tab
5. Click 'Internet' then 'Custom Level'
6. In the settings zone, find the ‘Downloads’ heading.
7. Under 'Downloads' the ‘File Download’ option should be visible to you. Select Disable.
8. Click OK and Exit. Restart Internet Explorer.

You will now be able to download files from untrusted websites. Please note that it is not recommended to leave this setting in place on production servers.

Filed under: Windows No Comments
7Dec/140

Deciphering A PRI Turn-up Worksheet

The following outlines some of the more confusing vocabulary pertaining to Primary Rate Interface (PRI) turn-up.

PIC/LPIC - Probably the most confusing acronym out of the bunch. PIC stands for Primary Interexchange Carrier. This is your long distance carrier. This is a code that is kept in a database and when you need to make a long distance call, the telco consults this database to know whose network to send the call along. A great explanation of long distance calls can be found HERE. Conversely, the LPIC is the Local Primary Interexchange Carrier. In other words, they are the company that handles your local calls that aren’t long distance. These two providers can be different, and in many cases they are. In rural areas, the LPIC is the local telco, and the PIC is a larger carrier like AT&T or Verizon. I’ve found that many companies will give you a deal if you specify them for both PIC and LPIC. Most of the time, the PIC/LPIC choice will be whomever is installing the PRI for you, such as AT&T or Cox Communications.

DID – Another one that confuses people. In this case, DID stands for Direct Inward Dial. This is a huge change from the way an analog circuit works. With an analog circuit (like my house), when you call my number it sends an electrical signal along the wire telling the device at the other end to ring. When we hook this circuit up to a CUCM/CCME system, we usually have to configure Private Line Automatic Ringdown (PLAR) in order to be sure something gets trigger when the electrical signal arrives. A PRI doesn’t use electric signals to trigger ringing. Instead, they are configured with two different fields, the Calling Party and the Called Party. In this example, the Calling Party is what is most often referred to as “Caller ID”. The Called Party on a PRI is the DID. This is a number that is delivered to the PRI and sent to the PBX equipment on the other end. The name comes from the fact that these numbers are most often used to directly reach internal extensions without the need to reach a PBX operator or automated attendant. The DID can be configured to ring a phone, a group of phones, or even a recording. The numbers that used to belong to your analog circuits will usually be moved over to a group of DIDs and pointed at the PRI.

Outpulsed Digits - This one sounds straight forward. Digits are being sent somewhere, right? Remember that this worksheet is from the perspective of the service provider, so the outpulsed digits are what the provider is sending to your equipment. You have tons of options, but most providers will usually limit your options to 4, 7, or 10 digits.

Filed under: Asterisk Continue reading
18Sep/140

Ford Ranger Wildtrak 3.2 Hacks & Tricks

Ranger 1As a service to others and a reminder to myself I am going to use this post to document various hacks and tricks I have discovered with the 2014 Ford Ranger Wildtrak 3.2. Most if not all of these tricks will work on other Ford Ranger models and on some Ford vehicles.

1. Follow Me Home Lights

When you exit your vehicle and don't want the "follow me home" safety lights or parking lights on, simply flash the head light flasher (left stick) and they will go out. You can also use this to turn the light on and off when the engine is turned off.

2. Roller Shutter (Wildtrak Only)

If you want to open the roller shutter a quarter-way (rather than fully), when you open the shutter grab the return strap and pull it to the left. This resets the latch mechanism and the shutter will stop at the first latching point. If you want to open the roller shutter completely pull the strap to the right and the latching mechanism will release.

3. Seatbelt Alarm

A seatbelt alarm sounds in the Ranger when the speed exceeds 20 km/hr and the driver or front passanger are not wearing a seat belt. Whilst this is a great safety feature it can also be a great irritation if you are simply moving your card in your drive way. To disable the seatbelt alarm completely:

a.  Turn key to ignition or start car,
b. Wait for seatbelt indicator light to go out on the dash,
c. Plug in and unplug seatbelt 4 times within 10 seconds, the seatbelt warning light will flash for a few seconds,
d. Once the seatbelt warning light stops flashing then the seatbelt alarm will be disabled for that seat. Repeat for any other seat/s in the vehicle as needed.

4. Window Reset

If you experience issues with your windows auto up/auto down after having had the battery disconnected:

a. Run window all the way up & release the switch,
b. Push switch up for another 5 sec or so, you will hear a click,
c. Run window all the way down and repeat the release, reapply, hold on sequence,
d. Window should now work with auto up and down.

5. Headlight Auto Mode Auto Off / Parker Lights Off

In headlight auto mode, if you want your headlights to switch of immediately when locking your ranger dip your high beam stalk once.

To turn of your parker lights off when door/doors left open dip your high beam stalk twice, this will lessen your chances of a flat battery.

Filed under: Vehicles No Comments
17Jul/14Off

Norton ConnectSafe

Norton ConnectSafe is a free public DNS service offered by Symantec Corporation that claims to offer a faster and more reliable web browsing experience while blocking undesirable websites.

Users can use Norton ConnectSafe by setting their DNS server addresses to those of the Norton ConnectSafe servers. Client software for Windows, Mac OS X, and Android is available to automatically configure devices to use Norton ConnectSafe.

DNS queries routed through Norton ConnectSafe are checked using the Norton Safe Web database to ensure that they do not point to malicious or inappropriate websites. Symantec thus seeks to block malware and phishing attempts, as well as pornographic and inappropriate websites if the user desires.

Policy A — Security

This policy blocks all sites hosting malware, phishing sites, and scam sites. To choose Policy A, use the following IP addresses as preferred and alternate DNS server addresses:

199.85.126.10
199.85.127.10

Policy B — Security + Pornography

In addition to blocking unsafe sites, this policy also blocks access to sites that contain sexually explicit material.

Filed under: Security Continue reading