Archive for category Uncategorized

SSH Tunneling on Insecure WiFi

Using public wifi can be dangerous since the connection is inherently unencrypted. Whenever connecting to public wifi at coffee shops or airports I’ve always tunneled my traffic through my SSH server at home. This can be done fairly easily in a few simple steps (I’m working on a Mac but there’s plenty of tutorials to do this on Mac, Windows or Linux):

  1. ssh myhost.com -D8080
  2. change your system’s proxy settings to use SOCKSv5 on localhost port 8080

OSX Networking Settings (Proxies)

This worked fine but I always worried that some traffic my not flow through my tunnel. I’d usually verify that everything was set up properly by visiting a site such as ipchicken.com which echoes back your IP address (and verifying that it is my home IP).

However, this is error prone since you need to explicitly direct traffic through the tunnel and some applications may not use your system’s proxy settings. So I recently started redirecting traffic through the tunnel using a firewall rule rather than in specific applications. This ensures all traffic will go through the tunnel.

After doing some research I found a tool which acts as a transparent proxy called redsocks (http://darkk.net.ru/redsocks/) and configured my firewall to redirect. (adapted from http://lucumr.pocoo.org/2013/1/6/osx-wifi-proxy/)

  1. install redsocks (sudo brew install redsocks)
  2. configure redsocks to proxy traffic from port 8888 to localhost:8080
    base {
        log_debug = on;
        log_info = on;
        log = stderr;
        daemon = off;
        redirector = generic;
    }
    
    redsocks {
        local_ip = 0.0.0.0;
        local_port = 8888;
    
        ip = 127.0.0.1;
        port = 8080;
    
        type = socks5;
    }
  3. install firewall rules to redirect traffic to proxy (sudo ipfw add 00100 fwd 127.0.0.1,8888 tcp from me to not me not dst-port 22)

So this worked great until I tried to connect to a vpn which was using split tunneling. VPN traffic would travel through the tunnel but all other traffic does not. Since my firewall rule was capturing all traffic I think it caused none of the vpn traffic to travel through the tunnel, so to fix this I added a rule with a higher precedence which would allow all vpn traffic through the tunnel.

  1. figure out what tunnel the vpn is using (netstat -nr)
  2. allow traffic to that tunnel (sudo ipfw add 00010 allow tcp from me to any via utun0)

From what I understand though, using a ssh tunnel as a vpn is not ideal since tcp over tcp can result in very poor performance. This seems to be working pretty well for me as a quick way to secure my internet access on the occasion that I’m on public wifi. I’m aware that this set up doesn’t tunnel my dns traffic but that can easily be done by adding a rule to route udp traffic through the tunnel as well.

Let me know if you guys have any suggestions or feedback!

2 Comments

Halloween Automatic Photobooth

Halloween at Workday is crazy. The office transforms in to different worlds from movies and video games (see photos from last year’s Halloween).

The theme for our team this year was Super Mario. Part of our decorations included a photobooth which captures photos of people punching a mystery box hanging from the ceiling. A trigger was rigged inside the mystery box (A) which triggered a pocket wizard (wireless transmitter). The pocket wizard fired off my camera (B) tethered to a laptop running EOS Utility. EOS Utility automatically downloads the image to the laptop and displays it on a 2nd monitor (C) for you to see immediately. I also wrote an application which continously scans for photos to upload to my SmugMug gallery and displays a QR code you can scan to get your photo (D).

Photobooth Setup

The photos were uploaded here: http://gallery.prenticew.com/Workday/Mario-Photobooth

Sample Image

Sample Image

4 Comments

Discovering Research Week at Cal Poly YouTube Ad

This begun as just a joke over dinner, that we should do a spoof of “The Man Your Man Could Smell Like” commercial for Old Spice, and now — here it is:


Discovering Research Week @ Cal Poly (http://www.youtube.com/watch?v=4E84Ax0p_1c)

When we shot this, we didn’t actually have the Discovering Research Week passports so I got to use Mocha for AE for the first time. Mocha is AMAZING. I also never used the sky as a blue screen before but it worked surprisingly well!. Unfortunately it was very windy when we shot this and I lack time and fancy-expensive equipment to make things better. All this was shot on camcorders rented from MDS on campus. Maybe some day I can afford the 5D Mark II :).

Special Thanks to
Dana Tryde at Clark Valley Farm
El Abar the horse
and Kara Schricker

If you’re bored, check out the other commercials I’ve done for eWeek: http://www.youtube.com/cpsloesc

No Comments

Yosemite Trip, Summer 2009

IMG_2692

This post contains hi-res images: Please hide the sidebar by clicking HERE.

 

This past weekend, my friends and I took an awesome trip to Yosemite. For our 3 day trip, we planned on hiking Cloud’s Rest when we got there on Saturday, Half Dome on Sunday and go relax and rafting in the valley on Monday before we drive home.

Sept 5 - Driving to Yosemite!

So to get there early enough to do Cloud’s Rest we decided to leave SLO at around 5am and drive to Tenaya Lake where we’d start our hike.

Fires

Unfortunately when we got there, the road to Tenaya Lake was closed due to the fires… so change of plans…

IMG_2715

We decided to stop at Bridalveil Falls and explore that area since it was on the way into the valley…

IMG_2719

There was nearly no water left coming down the falls so we were able to climb all the way into the base of the waterfall!

IMG_2737

Nick ventured into the icy cold waters :)

IMG_2769

We also stopped to get some food Nadia really seemed to enjoy…

Tent Cabin in Curry Village

Then met up with Eric and Angie to hike around Mirror Lake… which was also completely dry!

IMG_2792

IMG_2820

IMG_2823

Beautiful greenery

On the hike I found this squirrel who was lit just perfectly by a ray of sun that broke through the trees above…

Can't leave Yosemite without a squirrel pic

IMG_2884

On our way back to Curry Village, we encountered some deer near the campgrounds…

IMG_2901

It was interesting that we saw more deer here than during our Half Dome hike. All the hikers must have scared the deer away from the trails :(.

IMG_2909

We also encountered some assholes who decided to litter beer cans all over the ground… so Nick heroically ran to recycle them :)

IMG_2930

Then we took a nice drive up to the top of Glacier Point where we got a good view of Half Dome.

IMG_2923

There were some pretty amazing views from up there and we even packed an awesome dinner Nadia made for us to enjoy with the scenery!

IMG_2970

The next day we began our hike before the sun rose… at 5 am, we left Curry Village.

IMG_4649

Amazingly, even the Mist trail was dry…

Mist Trail

It was freezing once we got up to Nevada Falls… I think the temperature was in the 50’s or 40’s!

Nadia and Nick

After many more hours of hiking, we were close… nearly to the top!

Almost there!

We then stopped for lunch and rested up our feet for the long hike up the stairs…

180 on the way to Half Dome

Up the stairs

and then up the cables…

Half Dome

a super steep climb, nearly 60 degrees maybe at some points.

IMG_4740

But we finally made it to the top!

360 Half Dome

Nadia at the top of Half Dome!

We made it!

And stood on inspiration point…

Nadia on Inspiration Point

Top of Half Dome!

And jumped some more….

We on top of the world baby!

We even saw a man in a Kilt on top of Half Dome!

Man in Kilt on Inspiration Point

Then it was time to go down…

IMG_4797

Almost a straight plunge down…

IMG_4808

IMG_4800

Better not let go :)

Hold on tight...

After making it back down, we hiked to Nevada Falls…

IMG_4813

where we cooled off our feet in the awesome water…

Dippin' our feet in the water.

and filled up our water bottles….

IMG_4819

and jumped some more…

Nevada Falls

Sept 6 - Hiking to Half Dome

then we continued our journey back down…

IMG_4900

By the time we got back, it was already dark… so we started hiking before the sun rose and got back after the sun set. It was an epic hike that took over 12 hours climbing over 5000ft in approximately 16 miles.

IMG_4918

The next day we had anticipated rafting, but since there’s hardly any water left in the river… that was closed for the season. We ended up touring the awesome architecture of the Ahwahnee Hotel and then hitting the rocks at Bridalveil Falls again.

Sept 7 - Leaving Yosemite

And alas, it was time to say goodbye to the beautiful place and drive on home!

All these photos and more are in this slideshow below and in this set on
Flickr:

, , , , ,

1 Comment

ACM Banquet Center Pieces

_MG_6808

I had fun making these :P… roses and gold fish!

No Comments

Documenting your life in 24 frames.

I found this really cool project called A Million Little Pictures: Documentary (http://arthousecoop.com/projects/amlp/about).  Basically, you sign up… they send you a disposable camera… and you’re supposed to document your life in 24 photos.  Which leads me to think… if I were to document my life in 24 photos… what would I take pictures of?

, , ,

13 Comments

Remember the Milk

I was looking for a simple GTD app I could host myself, eventually modify a little to integrate with my Google Cal and sync with my phone… but I have come across something far better!  Remember the Milk (RTM) is a simple yet robust webapp which synchronizes with gCal and iCal.  The basic account is free but for $25 a year, the pro account allows you to sync with MilkSync.

url: www.rememberthemilk.com

, , ,

No Comments

Subscribe!

Get email notification when posts are made!

>>> Click the Subscribe link on the sidebar >>>

Get access to protected posts.

No Comments