New Screen Capture Website

I’ve just finished building a brand new website called ScreenDrink.com. The purpose of this site is to provide image screen captures of websites. The key differentiator for this new site is I’m providing https as well as http access to the images.
This means you can keep your sites secure without serving insecure content from services you utilize.

I am currently self-hosting the site but if there is enough interest and usage, I’ll move the site into the cloud for more space and reliability.

Visit http://www.screendrink.com to learn how to use the free service on your own website!

Tanium How-to SigCheck

If you’ve read my blog over the past few days, you already know that I now work for Tanium. Tanium has a self-named product that is used at many of the top fortune 50 businesses to help them manage and get instant answers on the most common security and systems management questions they face in mere seconds!
I thought I’d start sharing some how-to articles related to the product. I’m still learning myself so I will share as I learn. For this first article, I thought I’d start slightly after the beginning. I’m sure anyone reading this has gotten the full intro and some basic training from their assigned Technical Account Managers. And if you have any questions, the TAMs are always listening and willing to help!
Now, for this first article I want to tackle a problem that comes up all too often when distributing software that might be used by the Tanium client itself. In the example below, I will teach you how to distribute the Sysinternals tool called SigCheck. To do this you will need to produce a few pieces of content:
1. “Has SigCheck” is a sensor that checks your endpoints and determines if you have the utility already installed or not. This sensor allows you to ask the following question: Get Has SigCheck from all machines. This question needs to return a Yes or No depending on the presence of the sigcheck.exe utility.
2. “Distribute SigCheck” is a package that pulls the SigCheck.zip from the Sysinternals website, it also pulls an unzip utility from our Tanium content site and since we’re building this on the Community website, pulls the distributesigcheck.vbs from the Tanium Community website.

The logical process once our content is built is as follows:
1. Ask the question “Get Has SigCheck from all machines”
2. Select the No answer and deploy an action, choose the “Distribute SigCheck” package and you’re execute.

“Has SigCheck” Sensor
Of course this all starts with the basic “has” sensor. To build this we’ll be writing an extremely simple sensor that will check the existence of our file within the Tools directory of our Tanium Client. This vbscript will look a little something like this:

‘========================================
’ Has SigCheck Utility
’========================================

’ This sensor will report on the existence of the sigcheck file.

Option Explicit
Dim objFSO
Dim strTaniumToolsDir, strFile
Set objFSO = CreateObject(“Scripting.FileSystemObject”)

strFile = “sigcheck.exe”
strTaniumToolsDir = GetTaniumDir(“Tools\Sigcheck”)

If objFSO.FileExists(strTaniumToolsDir&strFile) Then
WScript.Echo “Yes”
Else
WScript.Echo “No”
End If

Function GetTaniumDir(strSubDir)
‘GetTaniumDir with GeneratePath, works in x64 or x32
‘looks for a valid Path value

Dim objShell
Dim keyNativePath, keyWoWPath, strPath

Set objShell = CreateObject(“WScript.Shell”)

keyNativePath = “HKLM\Software\Tanium\Tanium Client”
keyWoWPath = “HKLM\Software\Wow6432Node\Tanium\Tanium Client”

’ first check the Software key (valid for 32-bit machines, or 64-bit machines in 32-bit mode)
On Error Resume Next
strPath = objShell.RegRead(keyNativePath&“\Path”)
On Error Goto 0

If strPath = "“ Then
’ Could not find 32-bit mode path, checking Wow6432Node
On Error Resume Next
strPath = objShell.RegRead(keyWoWPath&”\Path“)
On Error Goto 0
End If

If Not strPath = ”“ Then
If strSubDir <> ”“ Then
strSubDir = ”" & strSubDir
End If

Dim fso
Set fso = WScript.CreateObject(“Scripting.Filesystemobject”)
If fso.FolderExists(strPath) Then
If Not fso.FolderExists(strPath & strSubDir) Then
’’Need to loop through strSubDir and create all sub directories
GeneratePath strPath & strSubDir, fso
End If
GetTaniumDir = strPath & strSubDir & “"
Else
’ Specified Path doesn’t exist on the filesystem
WScript.Echo ”Error: “ & strPath & ” does not exist on the filesystem“
GetTaniumDir = False
End If
Else
WScript.Echo ”Error: Cannot find Tanium Client path in Registry"
GetTaniumDir = False
End If
End Function ’GetTaniumDir

Function GeneratePath(pFolderPath, fso)
GeneratePath = False
If Not fso.FolderExists(pFolderPath) Then
     If GeneratePath(fso.GetParentFolderName(pFolderPath), fso) Then
         GeneratePath = True
         Call fso.CreateFolder(pFolderPath)
     End If
 Else
     GeneratePath = True
 End If
End Function ’GeneratePath

Notice that I have copied code from existing sensors, namely the GetTaniumDir function (also requires GeneratePath and RegKeyExists) which reads the registry to determine where our client is installed. Providing an argument will append that to the end of the Tanium directory that was read. The new community will soon have the feature to add reusable code blocks like this with a simple checkbox. But until then, simply copy-paste the functions needed from other code.

“Distribute SigCheck” Package
The distribution package has multiple components that are a bit complicated when combined together. I will boil down each component and help you build this package. The Tanium Client will automatically download all files related to the package for us… they’ll all be sitting in the working directory of the command line we specify. Typically that is Tanium Client\Downloads\Action_XXXX. Knowing that, let’s look at the overall logic we’ll be using:
1. Unzip the SigCheck.zip file
2. Get the Tanium client directory using the same reusable code we added to the sensor.
3. Copy the SigCheck.exe into the Tools directory under the Tanium Client directory.
4. Agree to the Sysinternals EULA by indicating agreement within the Registry. (this is required or the SigCheck utility will hang every time waiting for user input which will never come since you’re running as SYSTEM on the endpoint).

Distributing SigCheck

Steps 1, 2, and 3: Unzip SigCheck.zip into Tools Directory
To unzip our utility we acquired from Microsoft, we’ll need to use a command line unzip utility. In the official content, we often use 7za.exe. It is an extremly small utility we will add to our package with the following details:

Filename: 7za.exe
URI: https://community.tanium.com/files/7za.exe
SHA–256: c136b1467d669a725478a6110ebaaab3cb88a3d389dfa688e06173c066b76fcf
Check for Updates: Never

The following reusable code block will be used to unzip our utility zip file:

Sub Unzip(strZipFilePath, strTargetDir)
’ Takes full file path to zip file, path to target directory
’ will extract to target directory as a subdirectory
’ overwriting anything in the subdirectory and showing no UI.
 Dim objShell, objFSO, strCurrentDir, strZipUtil
 Dim strTempDir, strZipFileName, strCommand, intResult

 Set objShell = WScript.CreateObject("WScript.Shell")
 Set objFSO = CreateObject("Scripting.FileSystemObject")

 strCurrentDir = Replace(WScript.ScriptFullName, WScript.ScriptName, "")

 If Not objFSO.FileExists(strZipFilePath) Then
     WScript.Echo "Cannot continue - " & strZipFilePath & " does not exist"
     Exit Sub
 End If

 strZipUtil = strCurrentDir & "7za.exe"

 If Not objFSO.FileExists(strZipUtil) Then 
     WScript.Echo "Cannot continue - " & strZipUtil & " does not exist"
     Exit Sub
 End If 

 If Not objFSO.FolderExists(strTargetDir) Then
     objFSO.CreateFolder(strTargetDir)
 End If

 strZipFileName = objFSO.GetFile(strZipFilePath).Name
 ' remove .zip from end"
 If InStr(LCase(strZipFileName),".zip") = Len(strZipFileName) - 3 Then ' ends in zip
     strZipFileName = Left(strZipFileName,Len(strZipFileName) - 4)
 End If
 strTempDir = strCurrentDir & strZipFileName
 WScript.Echo "Unzipping to " & strTempDir
 If Not objFSO.FolderExists(strTempDir) Then
     objFSO.CreateFolder strTempDir
 End If

 strCommand = Chr(34) & strZipUtil & Chr(34) & " x -y -o" & Chr(34) & strTempDir & Chr(34) & " " & Chr(34) & strZipFilePath & Chr(34)

 WScript.Echo "running unzip:"
 WScript.Echo "   command: " & strCommand

 objShell.Run strCommand, 0, True

 If objFSO.FolderExists(strTempDir) Then
     WScript.Echo "Copying " & strTempDir & " to " & strTargetDir
     On Error Resume Next
     intResult = objFSO.CopyFolder(strTempDir,strTargetDir,True) ' overwrite
     On Error Goto 0
     If intResult = 0 Then
         WScript.Echo "Success"
     Else
         WScript.Echo "Failure - result is " & intResult
     End If
 End If
End Sub ’Unzip

This function allows us to unzip with a single command: Unzip Source-Zip-File Destination-Folder
We’ll accomplish steps 1–3 in one fail swoop after setting up a few variables for use. We need the full path of our zip file as well as the destination folder to extract into. To get our current working directory where the zip file was downloaded for us, we can use the filesystem object as follows:

Set objShell = CreateObject(“WScript.shell”)
strCurrentDir = objShell.CurrentDirectory
To get the destination folder, we’ll reuse the technique we learned from the sensor above to get the tanium client directory:
strTaniumDir = GetTaniumDir(“Tools”)
Now accomplishing steps 1 through 3 is as easy as:
Unzip strCurrentDir&“\SigCheck.zip”, strTaniumDir

Step 4: Agree to Sysinternals EULA
Before we can execute the SigCheck utility, Sysinternals requires you to agree to their EULA. When you execute it for the first time a popup box appears with the EULA with an Agree or Cancel button. After some research I learned the EULA agreement flag is stored in the users profile inside of the registry. (HKEY_CURRENT_USER\Software\Sysinternals\SigCheck)
Before the Tanium Client can use this utility, the SYSTEM user must agree to the EULA. This presents a problem since SYSTEM doesn’t have a UI nor are we sitting at the thousands of machines we want to run the utility on. Thus we will need to indicate agreement by adding the “EulaAccepted” registry value. We’ll do that with the following code:

Dim WshShell
Set WshShell = WScript.CreateObject(“WScript.Shell”)
WshShell.RegWrite “HKEY_CURRENT_USER\Software\Sysinternals\SigCheck\EulaAccepted”, “1”, “REG_DWORD”
set WshShell = Nothing

Downloads
You can download the “Has SigCheck” sensor from the Tanium Community website at: https://community.tanium.com/repo/sensor/788
I’m still building the packages feature of our Community so I’ll follow up later with the package download link.

Bonus… Distribute SigCheck Automatically
All done! To review, we built a sensor to check the existance of our SigCheck utility and built a package to distribute it to our computers. The only problem now is we may want to have distribution occur anytime an endpoint comes online and doesn’t have the utliity. To accomplish this we’ll need to ask our new sensor question and deploy our new package with the reissue option specified. The following is a screen shot of what this looks like:

Reissue SigCheck

New Mac Enthusiast

It’s official enough that I’m willing to announce it. I am now a Mac person. During this past summer I traded my motorcycle for a Macbook Air and a few other gadgets and some cash for savings. This Macbook Air was used off and on as a place for me to develop the bigfix.me community content and as a way to separate work projects from personal ones. This worked out well, but it still was no where as equivalent to my desktop computer which was an i7 with 16gb ram and a SSD. The Macbook Air had a paltry i3, 4gb of ram and an SSD.
Since leaving IBM, I have since purchased the latest Macbook Pro (late 2013) with a retina screen and fully equipped… i7, 16gb ram and a 512mb SSD. Now this is a competitive piece of hardware and it’s portable.
I have since done everything on this new Mac, and what I can’t do here I remote into one of the dozen or so workstations and servers at my disposal. I even built the new Tanium community using PHP, jQuery, Ajax, Javascript and CSS using a very nice Mac app called Coda 2.
There is very little that I haven’t been able to do. If you haven’t tried a Mac before, I would challenge you to purchase a Macbook. Don’t forget to double-down and pay the extra to max out your configuration… you won’t be sorry!

New Job Announcement

As many of you may already know, I am no longer a BigFix Engineer with IBM. This is purely a voluntary thing as I have moved onto a new opportunity which, in my opinion, goes way beyond what BigFix, err IBM Endpoint Manager, can do.

logoEssentially, BigFix was “invented” back in the late 90’s. The technology was amazing and extremely advanced at the time. It remained so for more than a decade. If you examine the market for truely generic software that allows very large enterprises to manage hundreds of thousands of endpoints… you would be hard pressed to find more than a couple. BigFix would top that list and is used at many of the fortune 50 companies.

During my employment with BigFix/IBM, I founded an online community for BigFix enthusiasts to share knowledge, content and collaborate to solve problems. The http://bigfix.me community is still alive and extremely active with more than 1000 community members and nearly 500 visitors last week alone.

This community building experience and the projects I started as part of that community is what caught the attention of my new employer, Tanium, Inc.

Tanium is a software designed and built by the exact same people that invented BigFix all those years ago. Their decade long experience has served them well as they created the next generation of enterprise management software.

I joined Tanium with the express purpose of building a community to help customers solve huge problems with this truely amazing product. To give you a few hints, Tanium allows administrators the ability to ask plain english questions and get answers back from nearly 400,000 computers in 15sec–1min timeframe. I have personally seen this work on a 50,000 computer deployment with the customer getting responses back in less than a few seconds on a huge batch of computers and the entire query completeting in far less than a minute.

It took a few months, but I have just finished the first version of my new Tanium Community at http://community.tanium.com. This first itteration allows visitors the ability to search and download Tanium sensors as well as actually build them right on the website. Just like the inventors of Tanium drawing from their BigFix experiences, I too have pulled the knowledge I accrued while building the bigfix.me community to create this wonderful new community. Here are a few of the features I gave a lot of attention to:

1. Must be Mobile compatible. The new community is mobile friendly. It is built using the Responsive techniques I have learned about over the past 6 months. This means you can simply resize your browser and the website will adapt itself for your screen size.
2. Content building Teams. It is rare that enterprises have a single developer. Thus this new community allows for teams to work on content that is shared between them. Any community user can create one or more teams which they can then add any other community user as a member. This means any member of the team can add or edit content (sensors, packages, dashboards, etc) assigned to that team.
3. Private/Hidden content. Every piece of content uploaded or created on this new community website can be hidden. This means only you and your team mates can see it. This allows you to decide what is public and what is private and allows you to experiment with different content ideas before sharing it with the world.
4. One account to rule them all. This will occur in phases, but the Tanium KB and Forum will be pulled into our community and linked directly to your community account. This means you do not have to remember more than one username/password to take full advantage of this new community.
5. Common interface. This one is a bit unusual in that this new website very closely matches the interface used for product. As you use the website and/or the console for the product, you will become extremely familiar with the navigation. This means without any training you can seemlessly transition between the two.
6. Build content right on the website! This one is very different from my previous community experience. I wanted an almost effortless way to build content from this single interface. Having this built right into the community website means I will be able to open it up with lots of script writing enhancements and help menus to make developing content extremely easy.

I am very excited about my new opportunity here at Tanium. As time permits I will strive to publish more on the Tanium product, and my experiences building communities for top notch products like BigFix and Tanium.

Installing DB2 Enterprise v10.1

Extract installer file…

 

Run Prechecks…

SNAGHTMLf817c13

I already solved the first one… See below on how to disable SELinux on your RHEL system.

 

Below that, I’ll show you how to solve the missing packages so we can continue with DB2 installation

 

 

 

 

 


Fully Disabling SELinux

Fully disabling SELinux goes one step further than just switching into permissive mode. Disabling will completely disable all SELinux functions including file and process labeling.

In Fedora Core and RedHat Enterprise, edit /etc/selinux/config and change the SELINUX line to SELINUX=disabled:

# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - No SELinux policy is loaded.
SELINUX=disabled
# SELINUXTYPE= can take one of these two values:
# targeted - Only targeted network daemons are protected.
# strict - Full SELinux protection.
SELINUXTYPE=targeted

… and then reboot the system.

(thanks… http://www.crypt.gen.nz/selinux/disable_selinux.html)


Installing dapl…

On my ISO are the various RPM packages I’ll need.  Attempting to install dapl resulted in additional dependencies…

image

…installing libibverbs…

image

…installing librdmacm…

image

and finally… it works

image


Installing sg3_utils…

This seems to be a recurring theme any time I play with *nix boxes.. dependencies upon dependencies…

image

…installing libsgutils2 which refers to sg3_utils-libs…

image

and finally… it works

image


I was unable to find an sg_persist package… so I re-ran the db2prereqcheck script… and looks like it is included in one of the packages that were installed… and v10.1.0.0 is ready for installation!

Back to the installation:

image

After answering some basic questions like where to install, etc…  it finished!

 

To validate it is running… try this:

ps –eaf | grep –i db2sysc

image

 

To automatically start DB2 instance…

/opt/ibm/db2/V10.1/bin/db2iauto –on db2inst1

image

Installing Microsoft SQL 2012

Like many of my step-by-step articles, it’s mostly for corporate level documentation purposes.

I won’t describe every screen, only those that include important decision points that affect my particular use case.

 

MSSQL_2012_Install_01

MSSQL_2012_Install_02

MSSQL_2012_Install_03

MSSQL_2012_Install_04

MSSQL_2012_Install_05

MSSQL_2012_Install_06

MSSQL_2012_Install_07

MSSQL_2012_Install_08

MSSQL_2012_Install_09

MSSQL_2012_Install_10

MSSQL_2012_Install_11

MSSQL_2012_Install_12

The above dialog is warning me that the firewall does not allow remote database connectivity.  The below command line can be used to open up the SQL port.  The cmd prompt must be opened with administrative permissions for this to work.
netsh advfirewall firewall add rule name = SQLPort dir = inprotocol = tcp action – allow localport = 1433 remoteip = localsubnet profile = DOMAIN

MSSQL_2012_Install_13

MSSQL_2012_Install_14

This is one of those major decision points.  My purpose for this database is to house the newest IBM Endpoint Manager v9 database… nothing else.  So I only require a few items to accomplish this simple task.  The following items are needed for my particular use case:

  • Database Engine Services
    • Full-Text and Semantic Extractions for Search
  • Management Tools – Basic
    • Management Tools – Complete

MSSQL_2012_Install_15MSSQL_2012_Install_16

MSSQL_2012_Install_17

MSSQL_2012_Install_18

MSSQL_2012_Install_19

MSSQL_2012_Install_20

MSSQL_2012_Install_21

In order to get IEM installed properly… an SA account is required. So I’ll configure the database authentication in “Mixed Mode” and specify a password for the SA account.

MSSQL_2012_Install_22

MSSQL_2012_Install_23

MSSQL_2012_Install_24

MSSQL_2012_Install_25

MSSQL_2012_Install_26

MSSQL_2012_Install_27

MSSQL_2012_Install_28

That’s all there is to it.  Installations are almost always straight forward… but some corporations require complete step-by-step documentation, I hope this fits the bill.

Installing Windows Server 2012

Recently I’ve had a need to setup a Windows Server 2012 and wanted to document the process for future attempts.

I won’t document every single screen, only those that include decisions to be made and considerations to be considered.

 

Windows_Server_2012_Install_01

Windows_Server_2012_Install_02

Windows_Server_2012_Install_03

Windows_Server_2012_Install_04

Windows_Server_2012_Install_05

I’ll be using this server as a root server for my new IBM Endpoint Manager v9, so a GUI would be very handy during install and general maintenance of that application.

Windows_Server_2012_Install_06

Windows_Server_2012_Install_07

At first I wanted to go with a regular install… not Custom… so I chose the top option.

Windows_Server_2012_Install_08

Turns out this is for upgrading an existing OS installation.  Since this is a brand new hard drive with no pre-existing OS, I should have chosen the “Custom” option.  After hitting Close, I was sent back to the very beginning of the installation.

Windows_Server_2012_Install_09

Windows_Server_2012_Install_10

Windows_Server_2012_Install_11

Windows_Server_2012_Install_12

Windows_Server_2012_Install_13

Once I arrived at the start up screen… it hung there for nearly 30 minutes.  Turns out since I was setting this up on a VMWare ESXi v5.0 server it doesn’t support Windows Server 2012.  So after some research I came across this article: http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=2006859 

I learned that I had to upgrade my VMWare ESXi server to a patch or v5.1… I opted for v5.1 and was able to get past this sticky part.

Windows_Server_2012_Install_14

Windows_Server_2012_Install_15

Windows_Server_2012_Install_16

Windows_Server_2012_Install_17

Windows_Server_2012_Install_18

Windows_Server_2012_Install_19

Windows_Server_2012_Install_20

The server manager has been redesigned for the new GUI.  Interesting choices…

Windows_Server_2012_Install_21

Windows_Server_2012_Install_22

Windows_Server_2012_Install_23

I don’t want this application to come up every time I log in… so choosing the Manager –> Server Manager Properties, I was able to check the “Do not start Server Manager automatically at logon”.

Windows_Server_2012_Install_24

Now I need to add my new server to my LDAP domain.  Choosing “Local Server” from the left menu…

Windows_Server_2012_Install_25

Click on “WORKGROUP” and the familiar computer properties dialog opens where you can change these settings.

Windows_Server_2012_Install_26

Windows_Server_2012_Install_27

Windows_Server_2012_Install_28

Windows_Server_2012_Install_29

Windows_Server_2012_Install_30

Windows_Server_2012_Install_31

Windows_Server_2012_Install_32

One restart later I was able to log in and I’m done.

Add Intelligence to your Home

home_automationI hobby in home automation and love to fiddle around with my home’s system.  As such, I was recently asked to design a system for someone’s new home. New to them, but the home is considered an “existing” home since it is fully built.  This is important to remember when designing a home automation solution for someone.

The following is what I recommended to them, figured you guys would be interested in some of the decisions I’d made regarding their new HS solution:

———————————————————–
Wireless Internet Router:
Before I decided on a business class non-wireless router… i was looking seriously at this one:

ASUS RT-ACU Dual-Band ($192.99) http://www.newegg.com/Product/Product.aspx?Item=N82E16833320115

But that might be too expensive… so go with one of it’s cheaper models ($107.99): http://www.newegg.com/Product/Product.aspx?Item=33-320-062%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20

Either one will set you up for wireless within the house. If you want to extend that coverage to a majority of your yard… consider going with a high-power wireless access point ($275): http://www.newegg.com/Product/Product.aspx?Item=N82E16833168099 This would extend your wireless coverage to a major portion of your yard.

If you’ll be adding a separate shop like your current one, you have two options for internet connections out there…

  1. Underground Wiring: http://www.platt.com/platt-electric-supply/Category-Cables-Cable-Outdoor-Rated/Honeywell-Genesis/50901008/product.aspx?zpid=611774
  2. Get a second outdoor access point to connect your house and shop together.

Reasons for connecting your shop…

  • a. you could setup a computer in the shop which is connected to a big screen TV. This could be a cheap one like the one for computer control… and it would run a program which puts the security system up on the TV.
  • b. Wireless internet would keep your cellular data usage on your phone low while you’re out there… pulling up video cameras takes a lot of bandwidth. If you’re on your cellular connection, better hope you have unlimited internet… otherwise be near a wireless access point.
  • c. If you choose not to run video surveillance wires to your shop… you can pick up wireless or wired IP cameras which will let you monitor them.

———————————————————–
Computer Control ~ $250
Would Need: PC, Controller, Modules — Cost: $159.94 + (each light) 38.81… plus shipping
You don’t need a super powerful system as the brain for your home. It basically does a lot of "watching" of sensors which is not particular resource intensive.

I’d go with something like this ($109.99): http://www.newegg.com/Product/Product.aspx?Item=N82E16883255979

To control stuff you’ll need a Z-Wave Controller ($49.95): http://store.homeseer.com/store/Aeon-Labs-Aeotec-Z-Stick-S2-Z-Wave-USB-Interface-P746C66.aspx

Appliance/Lighting modules to control desk lamps and such…

Other Z-Wave Recommendations

———————————————————–
Security ~ $250
Need: Alarm System Kit, Door/window sensors and Wire… Costs: $221 + (each door/window) $1.57 + (each motion) $15.55 + $40… + shipping

The security system comes in a kit with almost everything for the core system: http://store.homeseer.com/store/DSC-KIT32-219CP01NT-Hybrid-Wireless-Security-System-Kit-P1154C236.aspx (you’ll need the kit $213.50 + AC Power Transformer $7.50 + IT-100 Integration Interface $59.94 [get the it-100 interface if you’re doing the computer control])

Just because you pick and install the security system yourself doesn’t mean you can’t get professional security monitoring ($8.95/month): http://www.smarthome.com/alarm.html

SENSORS:
I’d also recommend wiring it yourself… it’s a hell of a lot cheaper, and I believe it is more reliable.

You’ll also need 4-conductor wire, for wiring the keypad to the box and computer if you wanted that.

Wireless sensors are a lot more expensive but saves a lot in labor
If you go wireless, you’ll require a wireless signal receiver ($55.18): http://store.homeseer.com/store/DSC-RF5132-433-PowerSeries-Wireless-Receiver-P1159C235.aspx

———————————————————–
Video Surveillance

You have two main options for video…

  1. Use a DVR which is a single purpose device and records connected computer for upwards of 1-2 weeks with the started 4-cameras. This option includes an iPhone app but it too is single purpose and can only view cameras, a separate app is required to for home control and remote security. This option can be WAY cheaper than option 2…
  2. Use wired or wireless IP cameras. This option is more expensive because each camera is a self-contained mini computer which connects to your wireless router or wired in using cat5 cable.

OPTION 1 – self contained DVR.
Need: DVR 4-camera Kit… Costs: $249 + $79… + shipping
I’d recommend you go with a DVR; this one is 8-channel with 4 cameras and wire included: http://www.newegg.com/Product/Product.aspx?Item=N82E16881192198

It doesn’t have a hard drive, so you’ll want to pick one up… 1Tb Hard Drive ($79): http://www.newegg.com/Product/Product.aspx?Item=N82E16822136776 (avoid Seagate since they can get really hot)

This DVR has 8 channels… so you can add 4 more cameras, includes wire, for only ($109): http://www.newegg.com/Product/Product.aspx?Item=81-339-014&ParentOnly=1

The DVR supports up to (2) 1Tb hard drives… Each camera will provide 30gigs of video every 24 hours. So with this 4 camera system… a 1Tb hard drive will support a week’s worth of video. If you add the additional 4 cameras, that’ll cut it to only 3.5 days, so get a second 1Tb hard drive to keep it at a week.

OPTION 2 – IP Camera, recorded on the computer
Need: IP Camera… Costs: $30 + (each camera) $100
If you want live monitoring this is great and can be fully integrated into the home control/security iPhone app and doesn’t require any additional equipment.

If you want to record it, then a cheap $30 software (http://www.blueirissoftware.com/) will turn the control computer into a DVR…just remember to get a large hard drive.

For wireless, I’d recommend getting the more expensive router or the outdoor one since video is bandwidth heavy.

Lots of wireless cameras are available here (avg $100/ea): http://store.homeseer.com/store/Netcams-C194.aspx

For wired cameras, use the Foscam wide angle ethernet cameras ($105): http://www.newegg.com/Product/Product.aspx?Item=9SIA1R00M31192

Foscam also has a wired/wireless version, but not wide angle ($95): http://www.newegg.com/Product/Product.aspx?Item=9SIA1PK0MG8083

I would highly recommend wide angle… it distorts the image but shows you more without having to push the camera further away from your target.

 

If you have recommendations, alternatives, or just want to comment, leave it below… I respond to all, but spam.

Content Database

Large App Icon

I’ve just added a new feature to my BigFix.me website… the Content Database!!! Come check it out!

This side-project catalogues fixlets, tasks, and analyses into one big content database (CDB). The first available feature of the CDB is the ability to search relevance statements. Type in one or more keywords like "operating system" or "exists" and you’ll get back tons of examples of how to use those inspectors or key words within your own relevance statements. The database even knows what type of data will be returned and we sort all the results by re-use count, which can be helpful in finding the most popular statements.

If you want to contribute to the database, simply logon or register and visit our import BES content page.

You can learn more here: http://bigfix.me/cdb.