Linux-Anti-Theft

Released under the GNU General Public License
http://www.wains.be/projects/linux-anti-theft/

Download : http://www.wains.be/projects/pub/


What is it ?

A tool intended at my personal use in the first place.
If my laptop is ever stolen, this tool could help authorities tracing the thief.

The idea is pretty simple.

Any time you plug your computer to a network, it will send a specially crafted "probe"
to a page you own on the web, basically saying "hi, I'm there !".
The remote website will store the date and IP of the probe in a MySQL database.
In case your computer is stolen, you would expect a probe coming as soon as it is powered
on and connected to a network (unless you have to deal with a tech-savvy thief).
You would get important data allowing further investigation against the thief (yet to be
verified if this would be considered by authorities though... *cough* I have doubts about
belgian authorities *cough*).


What you need :

The script is running under Linux (since I don't use anything else).
You need a highly available remote website handling PHP and MySQL to process the probes.
The server should be synchronized to a NTP server to get the exact time of probes.


Details :

The tool requires your computer is set up to use DHCP.
Several computers can send probes to a same remote location, you can share a database with friends.
Probes from friends would be stored in different tables.
Each time a probe is sent, it deletes any records in the table older than 30 days.
With a month worth of data stored (with an average of 1 probe/day), a table is under 3 Kb in size.


OK, my computer just disappeared ! What now ?

You would hopefully find some probes reaching your web page if the thief is dumb enough
to plug the computer to a network and boot the machine.
With the IP and date of connection in mind, authorities could investigate in collaboration
with the ISP from which the computer has been used.

THERE IS NO PROOF THE COMPUTER COULD BE RETRIEVED BY RUNNING LINUX-ANTI-THEFT ON YOUR COMPUTER !!!
WHILE A PROBE REACHING YOUR WEBSITE COULD BE A LEAD, THIS DOESN'T MEAN AUTHORITIES WOULD BE ABLE TO CATCH THE THIEF.


Installation :

1. Files included

database.sql   : schema of MySQL database
lat_client.sh  : the script that will probe the remote site
lat_server.php : the file that will be placed on the remote server
readme         : the file you're currently reading


2. Requirements

These tools : ping, host and curl.
A properly configured and running MySQL and Apache/PHP server.
The server should be synchronized using NTP.


3. Install on server side

3.1 MySQL

Create the user and import the database structure.
Feel free to change the username, password and database name.


server$ mysql -p

mysql > GRANT USAGE ON * . * TO 'theft'@'localhost' IDENTIFIED BY 'theft';
mysql > GRANT SELECT , INSERT , UPDATE , DELETE ON `linux-anti-theft` . * TO 'theft'@'localhost';
mysql > CREATE DATABASE `linux-anti-theft` DEFAULT CHARACTER SET utf8 COLLATE utf8_general_ci;
mysql > quit

server$ mysql -p linux-anti-theft < database.sql


3.2 Web server :

Copy lat_server.php somewhere in a web directory.
It is recommended to rename it to whatever you like.
Edit the file to match your MySQL configuration.
Choose an ID, that will be the shared secret between your computer and the remote site that will
authenticate your computer.


4. Install on client side

Put lat_client.sh somewhere on the filesystem (eg : /usr/local/bin/).
# chmod +x /usr/local/bin/lat_client.sh

Edit the necessary values in lat_client.sh. Make sure the ID is similar to what you specified under lat_server.php.

Edit /etc/rc.local to have the script starting at boot and staying in background until connection is up.

# /usr/local/bin/./lat_client.sh &