I do not want this to be used for a nefarious purpose. Totally legitimate, only my computers.
I'm trying to figure out the best way to secure my laptop in case it ever gets stolen. Here are some of the things I would like to be able to do with it in case it does ever vanish.
When they connect it to the internet I want some way to get the IP they are connecting from. I have heard of dyn DNS, I think it's called. It does something like this.
I want complete remote control of the laptop including screen view and key logging. I don't want to use TeamViewer because you can tell when it's connected to.
It would be cool if I could include a way to send it a message somehow, no matter where it is connected from, to start a connection back to me. Let's say every time it gets on the internet from a new IP it checks to see if it's an approved IP. If not, then it will create an automatic connection back to my other laptop. This shouldn't be too hard. Set up a website with port forwarding. Every time the laptop connects to the internet it connects to that site, verifies approved IPs, and if not approved it will connect to the site, which forwards the request to my other laptop. I wouldn't know how to do the IP verification though.
Then if it's not an approved IP, have it start various tasks in the background: keylogger, screen capture, have it delete/hide/encrypt certain files, back up certain files to the website, send me the network's info (name/password), etc.
Think you guys could help me out with this project? I think it would be both fun and cool to have.
** I have found a few programs out there that do some of these things but not all of them, and none of them are automatic. I want more control than what they offer. Prey looked cool but it doesn't offer a keylogger. I don't think any of them do, actually. And none of them are automatic (I think). You have to log in and start the process. That does no good if I'm at work when it's stolen and I don't know about it and the thief has been on it all day.
If someone could sit down with me and seriously help me out on this (I can't program worth crap), I'm willing to pay for the time and help. I can't afford a lot but it will be worth it.
stolen laptop security
Re: stolen laptop security
Really? No one is willing to help me with this? It's too complicated for just me. I need to find a programmer.
Re: stolen laptop security
There's a lot of moving pieces here, and I'm drunk so I'll try to make sense
First off, if you have not implemented full disk encryption on your machine and it is stolen, then it is compromised. There isn't any wiggle-room here; however, this actually causes a problem because if a drive is full disk encrypted, and there is no access, then a savvy thief will just format and begin anew; which destroys any effort you put into controlling your machine.
At any rate, you are right in that you will need a dynamic DNS service, I've used freedns.afraid.org for a while now (2 years), and have no complaints.
The approved IP part is difficult. Say you have a router with IP forwarding in your office, and a server which listens for a remote connection from your stolen computer through your dyndns setup. Whenever the server hears the remote call, it will have the router's IP address... that's not very useful.
I would imagine that if you had a script running every hour or so, looking for the local IP of another `test` machine in your network, and acting in response to the absence of that machine... you would have better luck than trying to whitelist an ever-changing IP that your provider issues you.
As for keylogging and control, I find myself wondering what OS you are using...
You could set up an ssh account (is RDP the Windows equivalent?) with root or admin privileges, and then have your script reach out to the local `test` machine. If the test machine is not found, then it will push IP address information to an email account you control; in which case you could remote login and activate whatever reconnaissance actions you would want to.
Here's hoping that made some sense.
little hugs for my cuddly one
[img]http://i911.photobucket.com/albums/ac320/stuphsack/Sig.jpg[/img]
Re: stolen laptop security
After a bit of rest it occurs to me that it would not work to have your machine forward information to an email account.
Most users operate behind a firewall built in to their router; so, even with IP information being reported to you, there is a chance that your connection would be halted at their router.
A solution would be to have your stolen computer call out a connection to a web address every once in a while, that you could catch... this poses its own security issues though.
A more complicated, although slightly more secure way might be to have your script scrape a web page you control, and parse the scrapings into commands that you are issuing. (I use web page here because it's simple; you could just as easily use IRC for command and control) The advantage of using a web page though is that no one blocks port 80 I guess.