We would like to setup a small Wifi access point where we provide free internet in and around our store, with store banner pop ups added to any web content they browse using this net connection. What do we need to do this? I am expecting some kind of C# solution, but I can live with Java too.
you could try CoovaAP. It provides support for dd-wrt routers, and it is fairly easy to use and configure. I'm using it successfully at home.
Most Wifi access points allow to control access with a Radius server on the backend. To add some additional content you might consider using deloradius in combination with CoovaChilli.
You can try Socifi - free public WiFi advertising and monetization platform.
www.Socifi.com
Related
I'm trying to find the URL for the live snapshot on a new Honeywell HBL6GR2 camera I am evaluating. I need to be able to pull the image as a jpg from a URL such as:
http://xxx.xxx.xxx.xxx/image.jpg
I was told by Honeywell this was possible but can find nothing in the documentation (here), and their tech support has been useless as I bought direct and not through a "dealer."
I've found pages such as these and tried all combinations of URLs to get a JPG with no success:
https://www.ispyconnect.com/man.aspx?n=Honeywell
http://www.camera-sdk.com/p_183-how-to-connect-to-your-honeywell-ip-camera-onvif.html
I can access the admin portal fine, but need a direct link to the live image on the camera (a custom port will be needed also, but that can wait).
How can I go about finding this URL (if it even exists)? I can't imagine this camera doesn't support this.
The standard is ONVIF. Per their documentation:
ONVIF (Open Network Video Interface Forum) is a global standard for the interoperability of IP-based physical security products.
You can enable or disable ONVIF authentication on the Setup > Network Setup > Connection > ONVIF page.
Try this:
https://www.onvif.org/wp-content/uploads/2016/12/ONVIF_WG-APG-Application_Programmers_Guide-1.pdf
Easiest way to figure this out is to install Onvif Device Manager and Wireshark.
Add your device to Onvif Device Manager with Wireshark running and then search the Wireshark for GetSnapshotUriResponse. This will give you the URL of the snapshot if it is indeed supported by the device
Research On Firefox Extensions Connections
I have read the FAQ's on Firefox Extensions (https://addons.mozilla.org/en-us/faq) and have looked at their community forums for information but wasn't able to find anything on how extensions actually connect and collect your data.
The closest I found was the Mozilla Wiki page on data collection (https://wiki.mozilla.org/Firefox/Data_Collection) but it only gives you the basic opt in/out data collection levels.
What I'm trying to understand:
If I'm using a manually configured anonymous proxy in Firefox, could the extension potentially send my actual IP address (not my proxy IP address) back to a third party?
Example: Translate Extension
For example, if I were to use the Google Translate for Firefox, would Google be able to see my original IP?
What I was thinking
Since the proxy is the only way for the browser to connect to the internet, the extension would have to use the proxy IP address to connect and thus, would only be able to see the proxy IP address. However, I would love to be sure that there is no back door or way of the extension revealing my original IP.
Any insight is greatly appreciated. We are not doing anything unethical, we just have to maintain separate IP usage for various clients and do not want to risk mixing their information. Thanks again.
Firefox extensions are usually not limited in what they can do, only extensions based on the WebExtensions framework are sandboxed - currently the majority of Firefox extensions is still either classic XUL-based extensions or based on the Add-on SDK, these don't have inherent restrictions. So in theory an extension can do lots of things in order to deanonymize you, for example:
Use nsIDNSService in order to retrieve your local IP address (usually, this address isn't valid outside your local network however).
Change browser settings, in particular disable your configured proxy server.
Use external command line tools in order to read out system information or send a request bypassing the browser.
Read files on your hard drive in order to find your name.
Note that Chrome also offers an API to modify browser's proxy settings extensions, and a similar API is planned for WebExtensions. So even sandboxing doesn't always protect against deanonymization, and you need to trust the extensions you are installing.
However, the extensions hosted on Addons.Mozilla.Org are usually reviewed by Mozilla (the ones that aren't reviewed yet have a yellow install button and a warning). One aspect that the reviewers look into is: does this add-on do what it claims to do or are there unexpected side-effects? Any unexpected functionality has to be strictly opt-in, with full explanation about the implications. This was introduced in 2009 as the No Surprises policy and works remarkably well. Chrome Web Store doesn't have any comparable policy.
I was hoping that someone with chromecast experience could help me with the following.
I want to make a simple digital signage application using chromecast. My plan is to set up a bunch of monitors with chromecast attached. Each monitor would point to a particular URL on the local network -- not a public facing web site. Each one would refresh its view every few minutes, completely replacing its content with the information on the web server.
I'd like to do this without mirroring, so that the chromecast itself would keep reloading the page without another device helping it along.
Can someone point me in the right direction?
Maybe start with the Chromecast developer guide: https://developers.google.com/cast/
From here you could choose to use the API here: https://developers.google.com/cast/docs/downloads
When you're ready to release it you probably need to register an API key with them for your sign app here: https://developers.google.com/cast/docs/registration
Good luck with your app.
From the sounds of it, Greenscreen.io would be perfect for this application. Especially when you're running a local server.
I want to do a similar digital signage app, but ended up needing to go for Raspberry Pi's with wifi that connect to a public webpage. I'd have preferred to use Chromecast for it though!
I want to develop a software which restricts users internet access using vb6 or vb.net.
This is not a baby sitter program but
1) whenever a client machine takes any browser it should ask for username and password.
2)There should be option for adding new users at the server side application.
can anyone suggest any name of such a software. or some sites where I can get some help
on the same..
You could implement a HTTP proxy using sockets. You would turn off internet connection sharing on your server and configure the other machines to connect to the web via your proxy.
I would recommend going for an off the self solution e.g. in a router rather than building something from scratch.
If you are dead set on using VB6 you could make use of the winsock control. Here is a project using winsock to serve files. You could modify it to become a multithreaded proxy server instead. It will be a tough challenge though.
http://www.codeproject.com/KB/IP/winsock.aspx
I have a site i am working on that i would like to display only to a few others for now. Is there anything wrong with setting up windows user names and using windows auth to prompt the user before getting into the development site?
There are several ways, with varying degrees of security:
Don't put it on the internet - put it on a private network, and use a VPN to access it
Restrict access with HTTP authentication (as you suggest). The downside to this is it can interfere with the actual site, if you are using HTTP auth, or some other type of authentication as part of the application.
Restrict access based on remote IP. Just allow the IPs of users you want to be able to access it.
Use a custom hostname. Have it on a public IP, but don't publish the hostname. This means make an entry in your HOSTS file (or configure your own DNS server, if possible) so that "blah.mysite.com" goes to the site, but that is not available on the internet. Obviously you'd only make the site accessible when using that hostname (and not the IP).
That depends on what you mean by "best": for example, do you mean "easiest" or "most secure"?
The best way might be to have it on a private network, which you attach to via VPN.
I do this frequently. I use Hamachi to allow them to access my dev box so they can see whats going on. they have access to it when they want , and/or when I allow. When they are done I evict them from my Hamachi network and change the password.
Hamachi is a software VPN. Heres a link to Hamachi - AKA LogMeIn
Hamachi
They have a free version which works quite well.
Of course, there's nothing wrong with Windows auth. There are couple of (not too big) drawbacks, though:
your website auth scheme is different from the final product.
you are giving them more access to the box they really need.
you automatically reimaging the machine and redeploying the website is more complex, as you have to automate the windows account creation.
I would suggest two alternatives:
to do whatever auth you plan on doing in the final website and make sure all pager require auth
do a token cookie based auth - send them a link that sets a particular token in a cookie and in your website code add quick check for that token before you even go to the regular user auth
If you aren't married to IIS, and you need developers to be able to change the content, I would consider Apache + SSL + WebDav (aka Web Folders). This will allow you to offer a secure sandbox where developers can change and view the content without having user accounts on the server.
This setup requires some knowledge of Apache so it only makes sense if you are already using Apache or if you frequently need to provide outsiders access to your web server.
First useful link I found on the topic: http://pascal.thivent.name/2007/08/howto-setup-apache-224-webdav-under.html
Why don't you just set up an NTFS user and assign it to the website (and remove anonymous access)