Tech Tinkering

New home for Miscellaneous Tech Projects/Procedures

We'll see how these shakeout ... I suspect there will be some reorganization and categorization of topics  (e.g. smarthome, privacy) as page develops.  Notes on this page will likely be very random and may well be incomplete or a total mess!

Salvaged sub pages:

Misc Tech Notes, Tweaks or Struggles

OpenWRT on Linksys EA6350 V3 [In Process]

Ghadzooks!  STILL A WORK IN PROCESS - OpenWRT is a tad squirrely. 
Attempt #3 below seems to be confused about which DNS to use on which interface! 

------------------------------

Third time is the Charm!    I had been running GREAT for a quite a while, but noticed something was originally set wrong as I attempted to more devices onto the new network.  Needed to go back to retrace my steps AGAIN!  Pay particular attention to the first prep-step in The Quickstart Guide:  "Don't rush the installation, take your time. If something seems weird during installation, find answers first before continuing".

-----------------------------------------

Take 2:  I had this all working (quite well!) ... THEN ... went in to create an isolated network for our IOT 'Things' and mucked it all up! 
Starting from scratch *and* leaving some tracks for the next time I muck it up!

-----------------------------------------

**** Attempt 3  - This part works ****

***** The next part May STILL needs work *****

Now ... [CAREFULLY] Sing-a-long w/ https://openwrt.org/docs/guide-quick-start/start


 /// Wow, not for the faint of heart!!!,  twoudn't be any easier via cmdline!!  ///

****************

***********************

Initial Boot (or after factory reset - the button works on OpenWRT!)

Should be:   kernsize=500000

VERY quickstart for our net:


Removing "Classic" Google Sites from the Interweb [done?]

Now that Classic Google Sites have finally disappeared it seemed like a good time to do some cleanup:  search engines, web analytics and such ... 

Some breadcrumbs & notes in case I ever need to do something like this again:

Removing "New" Google Site from Google Analytics [done]

During cleanup from final shutdown of Classic Google Sites I was stumbling thru Google Analytics aftermath and decided to simply stop using the thing!  Google Analytics 4 (GA4) has really been more frustrating than useful and I'm really not wild about the concept of internet tracking.  Search engine statistics are will do the job if I'm ever curious ... Google Search Console, Bing Webmaster Tools, etc

Here are the steps used to stop using Google Analytics on our Google Sites:

3.  Clean up website disclaimers or warnings about use of Google Analytics in Privacy Policies and such.  

[ToDo] - Check on cookies after all of this.  Looks like 2 of them left (unavoidable?) - "CONSENT" and "NID" 

Greenbone/OpenVAS on Parrot OS 5.6  [Solved]

A little adventure getting OpenVAS (Vulnerability Analysis tool) working.   Originally thought I had it running on my AAO netbook but it was too slow/weak.   Retracing my steps here on a bigger/faster x86 machine just to to see if it really runs .... It Does Run!

Background:  It LOOKED like Greenbone/OpenVAS was pre-installed on the Parrot HTB Edition but apparently not quite right ... here are notes from attempts to get it working.  


Step by Step


Greenbone/OpenVAS appears to be installed w/ Parrot menu items for most of the GVM setup and admin.  Just a few tweaks to get it all working.  This should be the quick step-by-step on a new install of ParrotOS (If interested, see below for my original debug.) 





chown _gvm /var/log/gvm/openvas.log


 sudo systemctl stop gsad.service
 sudo systemctl disable gsad.service

edit /usr/lib/systemd/system/greenbone-security-assistant.service (which appears to be the same as /user/lib/systemd/system/gsad.service)
Changed the execstart line to look like this (it was 127.0.0.1)

 ExecStart=/usr/sbin/gsad --listen 0.0.0.0 --port 9392

Bring it all back up

sudo systemctl enable gsad.service

sudo systemctl daemon-reload

sudo systemctl start gsad.service


Note:  My system periodically displays timeout when starting gsad.service ... BUT ... all seems OK!   It must simply be slow ...

 Job for gsad.service failed because a timeout was exceeded
 See "systemctl status gsad.service" and "journalctl -xeu gsad.service" for details.



That should do it ...


***********************************************


Original Stumble-by-Stumble (prob a mess) 


Notes from initial attempt to get it working ... useful or not?


via terminal or ssh:


Step 1: Checking OpenVAS (Scanner)...
ERROR: No OpenVAS Scanner found.
 FIX: Please install OpenVAS Scanner.

ERROR: Your GVM-21.4.3 installation is not yet complete!

Please follow the instructions marked with FIX above and run this script again.


 Test completeness and readiness of GVM-21.4.3

Step 1: Checking OpenVAS (Scanner)...  

       OK: OpenVAS Scanner is present in version 21.4.4.

       OK: Server CA Certificate is present as /var/lib/gvm/CA/servercert.pem.

Checking permissions of /var/lib/openvas/gnupg/*

       OK: _gvm owns all files in /var/lib/openvas/gnupg

       OK: redis-server is present.

       OK: scanner (db_address setting) is configured properly using the redis-server socket: /var/run/redis-openvas/redis-server.sock

       OK: redis-server is running and listening on socket: /var/run/redis-openvas/redis-server.sock.

       OK: redis-server configuration is OK and redis-server is running.

       OK: _gvm owns all files in /var/lib/openvas/plugins

       OK: NVT collection in /var/lib/openvas/plugins contains 115774 NVTs.

Checking that the obsolete redis database has been removed

       OK: No old Redis DB

       OK: ospd-OpenVAS is present in version 21.4.4.

Step 2: Checking GVMD Manager ...  

       OK: GVM Manager (gvmd) is present in version 21.4.5.

Step 3: Checking Certificates ...  

       OK: GVM client certificate is valid and present as /var/lib/gvm/CA/clientcert.pem.

       OK: Your GVM certificate infrastructure passed validation.

Step 4: Checking data ...  

       OK: SCAP data found in /var/lib/gvm/scap-data.

       OK: CERT data found in /var/lib/gvm/cert-data.

Step 5: Checking Postgresql DB and user ...  

       OK: Postgresql version and default port are OK.

gvmd      | _gvm     | UTF8     | C.UTF-8 | C.UTF-8 |  

       OK: At least one user exists.

Step 6: Checking Greenbone Security Assistant (GSA) ...  

Oops, secure memory pool already initialized

       OK: Greenbone Security Assistant is present in version 21.4.4.

Step 7: Checking if GVM services are up and running ...  

       Starting ospd-openvas service


the control process exited with error code.

See "systemctl status ospd-openvas.service" and "journalctl -xeu ospd-openvas.service" for details.

       Waiting for ospd-openvas service

       ERROR: ospd-openvas service did not start.

       Please check journalctl -xe

Sep 28 03:15:41 parrot openvas[2635]: init_openvas: Can not open or create log file or directory. Please check permissions of log files listed in /et>

Sep 28 03:15:47 parrot openvas[2636]: init_openvas: Can not open or create log file or directory. Please check permissions of log files listed in /et>

Sep 28 03:15:52 parrot systemd[1]: ospd-openvas.service: Control process exited, code=exited, status=1/FAILURE

░░ Subject: Unit process exited

░░ Defined-By: systemd

░░ Support: https://www.debian.org/support

░░  

░░ An ExecStart= process belonging to unit ospd-openvas.service has exited.

░░  

░░ The process' exit code is 'exited' and its exit status is 1.

Sep 28 03:15:52 parrot systemd[1]: ospd-openvas.service: Failed with result 'exit-code'.

░░ Subject: Unit failed

░░ Defined-By: systemd

░░ Support: https://www.debian.org/support

░░  

░░ The unit ospd-openvas.service has entered the 'failed' state with result 'exit-code'.

Sep 28 03:15:52 parrot systemd[1]: Failed to start ospd-openvas.service - OSPd Wrapper for the OpenVAS Scanner (ospd-openvas).

░░ Subject: A start job for unit ospd-openvas.service has failed

░░ Defined-By: systemd

░░ Support: https://www.debian.org/support

░░  

░░ A start job for unit ospd-openvas.service has finished with a failure.

░░  

░░ The job identifier is 3151 and the job result is failed.

Sep 28 03:16:19 parrot sudo[2640]:     tped : TTY=pts/1 ; PWD=/home/tped ; USER=root ; COMMAND=/usr/bin/journalctl -xe

Sep 28 03:16:19 parrot sudo[2640]: pam_unix(sudo:session): session opened for user root(uid=0) by tped(uid=1000)


chown _gvm /var/log/gvm/openvas.log

       OK: ospd-openvas service is active.

       Starting gvmd service

       Waiting for gvmd service

       OK: gvmd service is active.

       Starting gsad service

       Waiting for gsad service

       OK: gsad service is active.

Step 8: Checking few other requirements...

       OK: nmap is present in version 21.4.4.

       OK: ssh-keygen found, LSC credential generation for GNU/Linux targets is likely to work.

       WARNING: Could not find makensis binary, LSC credential package generation for Microsoft Windows targets will not work.

       SUGGEST: Install nsis.

       OK: SELinux is disabled.

       OK: xsltproc found.

       WARNING: Your password policy is empty.

       SUGGEST: Edit the /etc/gvm/pwpolicy.conf file to set a password policy.


It seems like your GVM-21.4.3 installation is OK.


**********************

SAVE THIS ... it happened on the AAO but NOT this time around .... not sure what changed, but was a dickens to fix 



Learning Python [AGAIN]

Building a NLP Python Development Environment:  Attempting to get the same world on Macbook AND Raspberry Pi.  Probably just a bookmark collection for now:

SpaCy on my Pi and Mac?

Virtual Environments:  Everybody seems to be doing it!

Lightweight/Simple IDE that runs on Mac and RPI


Apple Homekit:  Interfacing Non-compliant Cameras [done]

Homebridge Tweak:  Adding Cameras to Apple Homekit world to integrate into IOS Home app and to see how they may fit into home automation.  The following uses older/cheap WiFi cameras that were previously interfaced using their own apps.  Not too difficult, here are a few notes and links from the activity. 

Camera Plugins:   Gadzooks!  There were 20 options when searching for Homebridge plugin @  https://www.npmjs.com/search?q=keywords%3Ahomebridge%20camera.    Settled on Homebridge Camera FFmpeg, it seems to works fine.  Installed plugin via Homebridge Config UI X .  Some camera naming oddities but plugin seems to do fine with multiple cameras. 

Interface strings for cameras:  There is a large database of working/tested configurations on GitHub, will submit our working configs to the DB if everything seems solid.   There is also a handy-looking RTSP directory @ https://security.world/rtsp/.  

Other useful links:

Bottom-line:   Cameras work but of marginal utility, will play with adding MotionEye to our HomePi world to incorporate into home automation.

Migrate from Smartthings V1 hub to Aerotec [done]

We will see how this all works out:   Samsung/Smartthings sent an email offer to get an Aeotec hub for $35.  Appears that ST is getting out of the hardware biz?   Anyhoo, our ST hub is pretty old, v1 from 2014 or ..... so .... I bought the new hub.  Will attempt to keep ST devices going for a few more years - looks easier than making a zigbee/z-wave gizmo out of a Raspberry Pi!   This chatter may become a page of its own ...

Objective:  Migrate ST V1 home hub and devices to Aeotec

Notes/Research 

Step by Step (apparently no migration tool for ST Hub V1 to Aeotech .... soooo hereeeee weeee goooo)





MoviePi:  Fix YouTube Kodi App [solved]

Background:  YouTube Add-on on Kodi stopped working in past year or so.  I simply stopped using it on my parent's MoviePi.  Created another MoviePi for our house and YouTube seemed to work fine ... FOR A WHILE.  I'll be back to figure this out and clean this up

I fugured this out a while ago - step-by-step is in MoviePi Recipe

Notes/Research 


Duplicate LIFX Bulbs in Homekit [solved]

Another cleanup item

The Problem:  One of our LIFX (wifi) bulbs appears to have paired with Smarttings AND Homekit.  Shows up twice in home app.

This was easily fixed when I moved from the Smartthing Hub to Aerotec - THERE WAS NO MIGRATION TOOL!  I simply reset the LIFX bulbs and now use native HomeKit (Apple), never moved them back to Smartthings!   See below ... we now now using Smarthings for as little as possible ... in our home, only to control original Smartthings devices (Centralite Zigbee) or Z-Wave.  

Factory Reset article here - https://support.lifx.com/hardware-resetting-your-lifx-ryXKbdiLO


Hue V1 Bulb Factory Reset [solved]

The Big Issue:  Our "Smarthome" is getting outdated.  Hubs and devices purchased during the dawn of IoT are slowly being dropped from support

Little Issue:  We have a lone v1 Hue Light bulb  that was paired directly to a v1 Smartthings hub.  I needed to factory reset it and move to the Hue Hub in an attempt to get a few more years out of it.  Here's my How-to-collection and hopefully a procedure that works

Circa 2017 (some broken links):

Easier than the last time I tried this ... BUT ... 

ST "Smart Lighting" app is now gooffed upped!  When I try to adjust ANY Automations in the Smart Lighting App  - I see "Something Went wrong.  Please try to reinstall the SmartApp again" ... which is a pain in the arse because we have all sorts of  complicated lighting automations that were really hard to define on the stupid ST app in the first place.

Ack!  Rebooted the hub, reset all IOS ST apps, still the same ... will have to hand-record all automations and delete, re-add the "Smart Lighting App"(This is going to turn out bad, I just know it!) .  The topic is on fire on the ST support board @ https://community.smartthings.com/t/help-smart-lighting-app-issue-with-error-something-went-wrong-please-try-to-install-the-smartapp-again.  I put a watch on it and filled my email inbox!

I basically recreated all of the Smart Lighting App rules using the 'Automations' feature on the new ST app.  Really wasn't that bad to do.  I'll bet the ST folk are trying to get others to use this feature and get rid of the smart apps.  They should just say something on the forum!

Stuff to Research

Data Privacy, Data Science & Division  - How'd we get here?