Internet Of Things Risks: Smart Home Device Security Threats

Posted by & filed under IOT, Research.

Abstract

The Internet of Things (IoT) devices connected to the Internet in 2015 is estimated to be five billion.  This number is seen growing to twenty-five billion within the next five years and thought to be the third wave of the Internet boom as described by O’Brien (2015).  This paper focuses on the security risks associated with smart home devices. Most consumers are unable to maintain smart home IoT devices. These device vulnerabilities are a safety hazard that motivated writing this paper.  Weak authentication & authorization methods are security risks to IoT devices.  Denial of service attacks (DoS) affects IoT device security and availability.  The research includes the creation of a home network and sampling ten smart home IoT products. Vulnerability tests were conducted using system analysis software to determine if passwords are encrypted or clear text and to understand if a Denial of Service attack stopped the IoT device from providing service.  Passwords were found to be clear text 60% of the time connecting from a web client to an IoT device.  A DoS attack vulnerability test found 70% of the devices unusable. Ideas to resolve security issues would be adoption of an IoT device certification standard adopted by the industry IoT manufactures.  Requirements to be put in place for manufacturers to release software updates through automated patching.  The consumer’s smart home IoT security risk are growing as online device use explode, and IoT manufacturers must be held responsible for protecting consumers security and privacy.

 

Table of Contents

  1. Author Note. 1
  2. Abstract 2
  1. Introduction. 5

Problem.. 5

Purpose. 6

Research Questions. 7

Significance of the Study. 7

Definition of Terms. 8

Limitations and Delimitations. 9

Assumptions. 9

  1. Literature Review.. 9

Architecture of Internet of Things. 10

Internet of Things Operating Systems. 11

Network Protocols. 11

Network Vulnerabilities. 11

Privacy Concerns. 12

Automated Software Updates. 12

  1. Hypothesis. 13

Introduction. 13

Research Questions. 13

Hypothesis. 14

Null Hypothesis. 14

Introduction. 14

IoT Sampling Size. 15

Research Method. 15

Software Used in Test 16

Data Collection Method. 17

Summary and Analysis. 19

Limitations of Study. 19

Introduction. 19

Sample. 20

Collected Data. 20

Statistics and Data Analysis. 21

  1. Discussion and Conclusion. 22
  2. References. 24
  3. Appendix. 26

 

Internet of Things Risks:  Smart Home Device Security Threats

Introduction

The computer revolution started years ago.  Back then computers were as large as two refrigerators and disk drives were the size of refrigerators.  They were cabled together with what were called bus and tag cables.  The connectors on the end of the bus and tag cables were as large as today’s five and a half inch hard drive, and the cables were the thicker than garden hoses.  Years have passed, and computers have continued to get smaller and faster.  A new computer term arrived, The Internet Of Things (IoT).

Research by Farooq, Waseem, Mazhar, Khairi, and Kamal (2015) discusses the evolution of the IoT.  They discuss that the term IoT arrived in 1982.  They inform us that the first IoT project was a modified coke machine, which was network-enabled and connected to the internet.   The coke machine was able to identify the number of drinks contained in the machine and whether the drinks were cold remotely over the Internet.  By the time 1991 rolled around, Mark Weiser, a visionary that worked at Parc Xerox, had a contemporary vision of IoT, back then called ubiquitous computing.  Weiser envisioned embedding microprocessors in everyday objects so they can communicate information.  Kevin Ashton, in 1999, proposed the term “Internet of Things” to describe a system of interconnected devices.  The idea of IoT is to allow the exchange of information between invisibly embedded different real world devices around us.

Problem

Barcena & Wueest (2015) discuss a research study by the Gartner Group. The research predicts more than 2.9 billion connected IoT devices in smart home environments in 2015.  These Internet-based devices could provide a large target for attackers to target network enabled smart homes.

Research by Barcena & Wueest (2015) discusses that repeat use of weak passwords in IoT devices is a common security issue. Many IoT devices do not have a keyboard and configuration is typically done remotely. Many of the device vendors do not force the user to change the devices’ default passwords on installation.  Some devices have unnecessary restrictions that can make the creation of long, complex passwords impossible.

Denial of Service attacks can affect the operations of an IoT.   Kolias, Stavrou, Voas, Bojanova, & Kuhn (2016) discuss that denial of service attacks such as jamming, eavesdropping, or message injection are common and can go unnoticed.  In a majority of cases, it is possible to manipulate media access control (MAC) layer messages execution by forging the transmission of the wireless protocol. The 802.11 Wi-Fi protocol is known to be susceptible to denial-of-service (DoS) and man-in-the-middle (MiM) attacks.  The secret key is also known to be cracked quickly.

As Asplund and Nadjm-Tehrani (2016) pointed out a quiet revolution that impacts several sectors, ranging from transport, home automation, energy, industrial control, and health services is undergoing with the addition of new networked devices leading to enhanced services. In this paper, the aim is to identify information security risks that are common over several smart home IoT devices.

Purpose

The goal of this study is to examine Internet of Things (IoT) device security threats using mixed method research.  Smart home IoT devices explored, and experiments will be conducted to understand the impact of authentication & authorization methods, denial of service attacks on IoT device security and quality of service quantitatively.  Analysis and interpretation of data collected will yield recommendations for implementing security for IoT devices.

Research Questions

This paper will address two issues regarding smart home IoT security risks. First, why does the implementation of weak authentication & authorization methods change security risks to IoT devices?  Second, does denial of service attacks affect IoT device security and availability?

Significance of the Study

The Internet of Things (IoT) is described by O’Brien (2015) as transforming and changing how we do business, go about daily activity and interact with others due to the undertaking of the rapid development of new software and hardware.  IoT is the third wave of the Internet boom.  Estimates and Predictions advise that up to five billion or more devices connected to the Internet.  In the next five years, there will be twenty-five billion devices actively connected to the Internet.  Sales from IoT are expected to exceed three hundred billion dollars.

 

O’Brien (2015) explained the IoT device application explosion is triggering concern about the security of the devices and the motives for which people’s personal data is collected and used.  This personal data collection raised concerns and increased risk that corrupt individuals or groups with an ulterior motive will intercept this private information.  Might IoT devices and products vulnerabilities trigger attacks against innocent consumers?  The response is most likely yes. Hewlett-Packard reported in 2014 that it found seventy percent of IoT devices at risk to attack.  The report found vulnerabilities include password security, encryption, and general lack of granular user access.

O’Brien (2015) conveyed that Federal Trade Commission (FTC) information identified that inexpensive IoT devices could be risky to buyers.  IoT device manufacturers lack monetary incentives to provide software updates and support for their product vulnerabilities.  Some examples of vulnerabilities identified by the FTC to customers are:

  • Data transmissions of one’s personal information by smart televisions could be exploited or compromised
  • Networks and systems attacked by IoT devices compromised used for denial-of-service attacks
  • Risks to personal and physical safety. An insulin pump was hacked remotely and changed the settings to deny the delivery of further medicine
  • Remote hacking of onboard automobile computer systems from another location

The significance of the study is to understand the security risks that are occurring in smart home IoT devices.  Then present a policy to be followed by device manufacturers to make smart home IoT devices secure. The study will increase consumers awareness of security risks smart home devices have when making a choice to install IoT devices on their home network.

Definition of Terms

Denial-of-service (DoS) – An attack that is intended to prevent legitimate users from accessing or having full use of a computer system, rather than attempting to destroy, steal, or modify information Plant & Murrell (2007).

Man-in-the-middle (MiM) – an account hijacking threat where the attacker can alter or intercept messages in communications between two parties (Farooq, Waseem, Mazhar, Khairi, and Kamal 2015).

Media access control (MAC)  – On an Ethernet LAN, each computer has a unique address (known as its MAC or hardware address), and all transmissions are strictly formatted to include source and destination addresses, plus error-detection codes to ensure that all collisions are detected (Plant & Murrell, 2007).

Limitations and Delimitations

A restriction or assumption for this research is that the network breached already occurred by a person or group.  They have breached the network and are now working to gain access to the smart home IoT devices.

Assumptions

Weak authentication & authorization methods on IoT devices increase the threat of device penetration or security because breaking into weak authentication & authorization(clear text HTTP post) devices will be easier and faster than breaking into then and IoT device with high or strong encryption(HTTPS or SSL) method.

An increase in denial of services attacks on IoT device will decrease the availability of the IoT devices because it will not allow the IoT device to function by flooding the communication ports.

 Literature Review

Many different industries use Internets of Things (IoT).  Lin & Bergmann (2016) point out a few that are disrupting the industry verticals.  Examples are smart home, industrial or manufacturing, automobile or transportation, healthcare, retail or merchandising and wellness and living.  IoT devices, in most cases, are usually low powered and slower CPU chipsets that collect data and transmit back to a place to be centralized and turned into actionable information.

Architecture of Internet of Things

Architecture and standards produced by the Internet Engineering Task Force (IETF) played a key role in standardizing IoT industry as discussed by Lin & Bergmann (2016) and Kumar & Patel (2014).  The layers adopted were the Application Layer (IETF, COAP), transport layer (UDP), network layer (IPv6, RPL), adaption layer (6LoWPAN), mac layer (802.15.4), and the physical layer (802.15.4).  Today after these standards have been adopted, most IoT’s are usually run on light-weight communication protocols because the environments are constrained.

Lin & Bergmann (2016) concluded there were three architectures for data collection methods in IoT.  They are middleware, cloud storage, and gateway architectures. The software layer called middleware sits between a low-level layer of devices and the high-level application layer. It usually provides a standard data exchange structure.  Data collection in the cloud gives IoT devices an easy place to monitor, collect, store and process data. Data analyzed in the cloud can trigger actions defined by manufacturer or users for IoT control.   The IoT gateway is the third example of data collection. This device runs on the network with other sensors and collects the data on that network centrally and then pushes the data to another location for analysis and processing.

Simply put by Lin & Bergmann (2016) informed the reader that the most common risks and attacks have three themes.  Confidentiality, authentication, and access.  Con?dentiality means allowing authorized users, both humans, and machines access to data.  Cryptography is key to achieving con?dentiality.  Authentication is verifying data is untampered with, and that the data can be veri?ed sent to the claimed author. Access refers to allowing authorized users to access data, communications infrastructure, and computing resources.

Internet of Things Operating Systems

Asim & Iqbal (2016) and Hahm, Baccelli, Petersen & Tsiftes (2016) identified common Operating Systems (OS) for IoT Environment are Mbed, RIOT, Contiki, and FreeRTOS. Integration of IoT to objects are possible via software along with Wireless Sensor Network (WSN)  and RFID technologies. Interactions with objects or devices get enabled through the OS. The OS for IoT occupies a few kilobytes of memory and has low power consumption. The OS for IoT has some unique security features to avoid compromise of usability and stability of the OS.  The OS for IoT is quite different compared to the regular operating system(Windows or Linux) because the goal is to use a low amount of resources, efficiently, when exchanging information between various devices. The IoT OS is still prone to third party attacks.  Encryption, intrusion detection, and data hiding techniques are used to protect IoT infrastructure.

Network Protocols

Lin & Bergmann (2016) discuss the creation of low power Internet-enabled network protocols by the Internet Engineering Task Force (IETF) working groups.  The following are the most used:

  1. IPv6 over Low-Power Wireless Personal Area Networks (6LoWPAN)
  2. IPv6 Routing Protocol for Low power and Lossy Networks (RPL)

These standards have played a significant role in the creation of light-weight communication protocols for constrained environments over the existing IP network.

Network Vulnerabilities

Asim & Iqbal (2016) identified Smurf, Black Hole, Sybil, Clone ID and Hello flooding vulnerabilities occurring on RPL networks.  The 6LoWPAN network has fragmentation, confidentiality and authentication vulnerabilities.   Lin & Bergmann (2016) consider the biggest vulnerability in Smart Home IoT devices is that homeowners cannot afford to hire security professionals to manage a complex smart home network.

Privacy Concerns

O’Brien (2015) discusses the liability that will occur more frequently as IoT devices get breached.  An example is an autonomous car driving down the road.  If the person that owns the autonomous car hits a person on the street, who is liable to pay for the injuries of the person hit?  Would it be the manufacturer that built the vehicle that was driving the car or the person who purchased the car?  These are interesting questions that will evolve with IoT devices in the years to come.

Automated Software Updates

One project discussed by Lin & Bergmann (2016) called Generic Extension for Internet-of-Things Architectures (GITAR), is meant to create a regular software patching or update system.  The idea is similar to the way Microsoft Windows Update gets software patches installed on the Windows operating systems.  The same would hold true for IoT manufacturers. They would integrate GITAR into the various IoT operating systems closing off the security vulnerabilities by automation of software updates before a breach occurs.  As the IoT industry continues to grow over the next few years, more automatic update and patching of devices and sensors will make it easier for all the device manufacturers across industries to upgrade the software on a regular basis and lower the security risks for all IoT devices.

Many research papers had common themes.  They were experiments on devices that discussed vulnerabilities or the overview of the IoT business outlining IoT Architecture and standards, operating systems used for IoT, methods of data collection and centralization, security vulnerabilities in current IoT environment and ideas around lowering security risks in the IoT device marketplace.

 

 

Hypothesis

Introduction

This research design will be an information security assessment of smart home IoT devices.  The evaluation conducted is defined in the research design and hypothesis of the document.   Scarfone, Souppaya, Cody, & Orebaugh (2008), in their paper, describes an information security assessment as a process of determining how effectively an entity assessment, an IoT device, in this case, meets specific security objectives. The paper identifies three types of evaluation methods used to accomplish the assessment.  They are testing, examination, and interviewing.  The process of exercising objects under stated conditions to equate real and projected behaviors is testing. The process of checking, inspecting, reviewing, witnessing, studying, or analyzing one or many objects to gain an understanding, reach an explanation, or find evidence is known as an examination.  Interviewing is leading a discussion with a person or team inside an organization or business which answers a question or questions, checks evidence, or creates and explanation. In this research design, we will be using testing and examination evaluation methods.

Research Questions

This research design will address two issues regarding smart home IoT security risks. First, why does the implementation of weak authentication & authorization methods change security risks to IoT devices?  The second research question is how a denial of service attack affects IoT device safety, security, and availability.

Hypothesis

Weak authentication & authorization methods on IoT devices increase the threat of device penetration or security because breaking into weak authentication & authorization(clear text HTTP post) devices will be easier and faster than breaking into then and IoT device with high or strong encryption(HTTPS or SSL) method.

An increase in denial of service attacks on IoT device will decrease the availability of the IoT devices because it will not allow the IoT device to function by flooding the communication ports.

Null Hypothesis

Weak authentication & authorization methods on IoT devices does not increase the threat of device penetration because breaking into weak authentication & authorization(clear text HTTP post) devices will be easier and faster than breaking into then and IoT device with high or strong encryption(HTTPS or SSL) method.

An increase in denial of service attacks on IoT device will not decrease the availability of the IoT devices because it will not allow the IoT device to function by flooding the communication ports.

Research Design

Introduction

The purpose of this research design is to conduct vulnerability tests on the smart home internet of things (IoT) devices and identify the security threats using mixed method research. Goel & Mehtre (2015), in their research paper, refer to vulnerabilities flaw in the application, which allows an attacker to harm the user of the application or gain elevated privileges.

A selected sampling of smart home IoT devices picked, and vulnerability tests carried out on the authentication & authorization methods and denial of service attacks on IoT device security and quality of service quantitatively.  Analysis and interpretation of data collected will yield results of the test.

 

IoT Sampling Size

The sampling size, as defined by Kumar (2014) is a process of picking a few, or a sample from a larger group (the sampling population) which is the basis for estimating or predicting the frequency of an unidentified piece of information, situation or outcome regarding the bigger group. A subgroup of the population that is studied is known as a sample.

This research design will select a sample of ten smart home IoT devices. Sample size for this research design use the following selection criteria:

  • Home users install the device, not professionals
  • Continuous IoT connection to the Internet
  • Device is accessible via web page to configure
  • The device uses a wireless connection

Research Method

The research instrument for testing the hypothesis’s of this paper will be software installed on the simulated home computer network.  The result of the literature review uncovered many discussions about vulnerabilities of smart home IoT devices.  None of the literature stated the method of collecting the raw data for a vulnerability discussed.  Asim & Iqbal (2016) discussed the IoT operating systems and security challenges, but there was no mention the process or steps that were taken to identify the vulnerability.  In this research method, we will describe the method planned for each hypothesis described.

This research method is a simple process. It will discuss the software to be used as the instrument or the software to conduct data collection, the home installation and configuration of the network router, IoT device installation on the network and data collection.  Last the data collection format for the data collected from each vulnerability test.  Then perform one test per hypothesis per smart home IoT device.

Network and Computer Environment Set-up.

For each smart home IoT device, we will need the following:

  1. Network router set-up defined in installation instructions
  2. The IoT device installed per manufactures installation instructions
  3. A computer to run diagnostic software and software for data collection
  4. Wireshark network sniffing software
  5. Denial of service emulation software
  6. Excel spreadsheet to record results

Software Used in Test

Software used during the data collection:

Wireshark.

Wireshark, a network analyzer or know by some as a network sniffer is one piece of software used.  Banerjee Vashishtha & Saxena (2010) describe this software as logging data packets.  Data packet holds information such as the protocol used, destination hardware address and much more information.  Unreliable packets detection occurs studying the contents.  This study design we will search for the user id and password sent from the web browser to the IoT device.

 Opnet Modeler Suite.

The Opnet Modeler suit is a product that can simulate a denial of service attack.  Bahl, Sharma,  & Verma (2012) describe a denial of service (DoS) attack as series of packets flooding the network that leaves a device unable to send and receive packets. The device is no longer able to perform the service it was designed to do(an example might be a webcam or thermostat).

Microsoft Excel.

Tracking, collection and graphing of data documented with Microsoft Excel.

Network Configuration.

Comcast Network will simulate a consumer’s network; The Surfboard SBG6782-AC will be set-up following the Comcast installation instructions contained in ARRIS Enterprises (2015).   ARRIS Enterprises (2015) Describes the specifications as a device with four products in one. Which includes:

  • DOCSIS 3.0 cable modem
  • Dual-Band Concurrent 802.11ac Wi-Fi Access Point
  • 4-Port Gigabit Ethernet Router and MoCA Technology
  • MoCA Technology

IoT Device Installation.

A sample of smart home IoT devices are complete, and devices purchased or on loan from the manufacturer.  The devices installed on the Comcast network as documented in the installation guide supplied.  Each IoT device installed according to the manufacturer instructions.

Data Collection Method

Two software vulnerability tests performed against each IoT device to collect data.  The data will assist in answering the research questions and hypothesis.

Network Analysis For User Id and Password.

Network traffic will be collected using Wireshark as the connection from the computer workstation to the smart home IoT device passes the user id and password over the network to log in.  The high-level process will include the following steps:

  1. Start Wireshark network sniffing
  2. Record default username and password to login into the IoT device
  3. Login with username and password
  4. Stop Wireshark sniffing software
  5. Save file off for data analysis

Denial of Service Attack.

Network traffic will be collected using Wireshark as the connection from the computer workstation to the smart home IoT devices passes the user id and password over the network to log in.  A simulated DoS attack started using Opnet Modeler Suite.  With a DoS attack in progress, the login processes are conducted again and confirm or deny a successful login.

The high-level process will include the following steps:

  1. Install IoT device
  2. Record default username and password to login into the IoT device
  3. Start Wireshark network sniffing
  4. Login to the site via URL supplied in documentation
  5. Log out of the site provided by the IoT device
  6. Save file off for data analysis
  7. Start a DoS simulation targeted at the IoT Device
  8. Repeat step 3 through 5
  9. Save file off for data analysis

Summary and Analysis

The data collected will be analyzed.   The data to be analyzed is from the Wireshark network logs, the DoS data gathered by the Opnet Modeler Suite, and the raw data recorded in the Excel spreadsheet.   The data will produce a report and discuss the findings for each IoT device.  The objective of the document is to describe for each IoT device tested:

  1. The password was cleartext or encrypted on login from the client to the IoT device URL
  2. The IoT device could be logged into from web client to IoT device URL while a DoS attack was in process

We also summarize the results to depict the percentages of the two tests described above.

Limitations of Study

A restriction or assumption for this research is that the network breached already occurred by a person or group.  The attackers have breached the user’s home network and are now working to gain access to the smart home IoT devices.

Another limitation of study could be the cost to buy the hardware if the manufacturers can not lend hardware for a security test.

Results

Introduction

The results of the research will cover the sample devices selection, the results and the analysis performed on the data.

 

Sample

A sampling of ten smart home IoT devices collected.  Selection criteria for the sample size are using only devices installed by the home user.  Other criteria for selecting the sample size were the user must log into the device via a URL to configure the device and device is always on, available, and communicating over the Internet wirelessly. Table 1 shows the sample devices used in data collection.

Table 1

NOTE: These is not valid data.  Ran out of time with the research Paper

Smart Home IoT Device Sample

Device
Name Type
ACTi IP Camera Web Camera
Dahua DVR DVR
Dahua Ip Camera Web Camera
Honeywell Wi-Fi Smart Thermostat Thermostat
IPX-DDK DVR DVR
Mobotix Network Camera Web Camera
Nest Camera Web Camera
Samsung Thermostat Thermostat
Swann 8-Channel 1080p DVR DVR
Vivotek IP Camera Web Camera

 

A summary of the device types selected in the sample are:

  • 5 Home web cameras
  • 3 Digital Video Recorders (DVR)
  • 2 Thermostats

 

Collected Data

NOTE: These is not valid data.  Ran out of time with the research Paper

Data collection for the IoT devices completed now the data most be coded and prepared for data analysis.  The first set of the data gathered in Table 2 includes the default user id and password obtained from each IoT device installation manual. Scanning of the raw network logs for the user id and password while the client logged into to the IoT device.    The data collected were the device name, user id, password and a Yes or No variable called Password Encrypted.  The value of Yes indicates the password is encrypted.  If No then the password was found to be in clear text in the log analysis.

The second data collection for the DoS attack on an IoT device is the use of Wireshark to sniff the network traffic and save two log files.  One log file with no DoS attack simulated and one log file saved after login in from client to IoT device during a simulated DoS attack on the IoT device using the Opnet Modeler Suite software.  DoS and login before a DoS service attack and a Login during a DoS attack.  This data is available in Table 2.  Both values were recorded as Yes if the login is successful and No if login is unsuccessful.

Table 2

Data Collection Results For Password Authentication and DoS Login

NOTE: These is not valid data.  Ran out of time with the research Paper

      Password DoS Login
Device Name User id Password Encrypted Before During
ACTi IP Camera admin 123456 No Yes No
Dahua DVR root 8888888 Yes Yes No
Dahua Ip Camera root 7ujMk0admin No Yes Yes
Honeywell Wi-Fi Smart Thermostat admin hwadmin Yes Yes No
IPX-DDK DVR supervisor supervisor No Yes No
Mobotix Network Camera admin meinsm No Yes No
Nest Camera nestadmin 54321 Yes Yes Yes
Samsung Thermostat sadmin temp123 No Yes No
Swann 8-Channel 1080p DVR admin VideoIQ Yes Yes No
Vivotek IP Camera root zipper No Yes Yes

 

Statistics and Data Analysis

NOTE: These is not valid data.  Ran out of time with the research Paper

All ten devices were attached to the network and tested.  The results of the research found that clear text authentication & authorization methods on IoT devices occurred 60% of the time. The other 40% had an encryption applied to the password. The results confirmed the hypotheses set-up to test was true.

While a simulated DoS attack occurred, 70% of the time, the login to the IoT device failed from a web browser client.  These results confirm the hypothesis that the DoS flooded the communication ports of the devices and stopped the device from providing any services.

Discussion and Conclusion

Resolving the security issues of IoT devices is achievable.  Many IoT devices are installed with default passwords and have no requirement to change the password on the first login to the device. This paper examined IoT security threats.  It questioned if the implementation of weak authentication & authorization methods changes security risks to IoT devices.  The paper also examined another research problem, which was to find out if denial of service attacks affect IoT device security and availability.

The purpose of the paper was to identify if IoT devices use clear text or encrypted passwords when authenticating the login into the IoT device and discover if a DoS on IoT devices affect its service.

The research method sample included ten smart home IoT devices vulnerability tested with specific a data collection method on a network installed with a default configuration.  For each device, two vulnerability tests were conducted to identify security risks in the smart home IoT products.

The research results supported both hypotheses.  A majority or 70% of IoT devices services are dysfunctional with a simulated DoS attack in progress.  More than half of the devices or 60% of them use clear text when a login in occurs from a web client to the IoT device.  From a consumer’s perspective, this is a high risk for devices that take on crucial functions in a home such as heating and cooling or monitoring security.

The results of the literature review found much of the existing research outlined know vulnerabilities that can occur.  None of the research papers reviewed conducted vulnerability test that collected data on devices and outlined results.  Further research should be carried out in the future on the most popular smart home IoT products. Once done consumers need an awareness of the security risks, they may encounter before purchasing smart home IoT merchandise off the shelf.

IoT device security certification testing and standards adoption is paramount to be put in place by the IoT manufacturers or the governing body for IoT manufacturers. As more and more consumer smart home IoT devices come online, the security risk is growing, and IoT manufacturers must be held accountable for protecting consumers security, privacy and held legally libel from breaches that should be prevented by automated product patching.  This paper is one step towards exposing consumers to the manufacturer’s security vulnerabilities and the hope that future research continues to conduct simple vulnerability tests which increase the legal liabilities and force changes to the way devices manufacturers produce products in the future.

 

References

Asim, M., & Iqbal, W. (2016). IoT operating systems and security challenges. International Journal of Computer Science and Information Security, 14(7), 314-318. Retrieved from http://search.proquest.com.ezproxy2.apus.edu/docview/1815514758?accountid=8289

ARRIS Enterprises. (2015). Surfboard SBG6782-AC Wireless Gateway with MoCA User Guide. [PDF]. Retrieved from

http://surfboard.com/wp-content/uploads/2016/05/ARRIS_SURFboard_SBG6782-AC_User_Guide.pdf

Asplund, M., & Nadjm-Tehrani, S. (2016). Attitudes and perceptions of IoT security in critical societal services. IEEE Access, 4, 2130-2138. doi:10.1109/ACCESS.2016.2560919

Bahl, N., Sharma, A. K., & Verma, H. K. (2012). On denial of service attacks for wireless sensor networks. International Journal of Computer Applications, 43(6), 43-47. doi:10.5120/6111-8348

Banerjee, U., Vashishtha, A., & Saxena, M. (2010). Evaluation of the capabilities of WireShark as a tool for intrusion detection. International Journal of Computer Applications, 6(7) doi:http://dx.doi.org.ezproxy1.apus.edu/10.5120/1092-1427

Barcena, M. B., & Wueest, C. (2015, March 12). Insecurity in the Internet of Things [PDF Document]. Retrieved from https://www.symantec.com/content/dam/symantec/docs/white-papers/insecurity-in-the-internet-of-things-en.pdf

Farooq, M. U., Waseem, M., Mazhar, S., Khairi, A., & Kamal, T. (2015). A review on internet of things (IoT). International Journal of Computer Applications, 113(1) doi:http://dx.doi.org.ezproxy2.apus.edu/10.5120/19787-1571

 

Goel, J. N., & Mehtre, B. M. (2015). Vulnerability assessment & penetration testing as a cyber defence technology. Procedia Computer Science, 57, 710-715. doi:10.1016/j.procs.2015.07.458

Kolias, C., Stavrou, A., Voas, J., Bojanova, I., & Kuhn, R. (2016). Learning internet-of-things security “hands-on”. IEEE Security & Privacy, 14(1), 37-46. doi:10.1109/MSP.2016.4

Kumar, R. (2014). Research methodology: A step-by-step guide for beginners (4th ed.). Los Angeles, CA: SAGE Publications.

Kumar, J. S., & Patel, D. R. (2014). A survey on internet of things: Security and privacy issues. International Journal of Computer Applications, 90(11) doi:http://dx.doi.org.ezproxy1.apus.edu/10.5120/15764-4454

Lin, H., & Bergmann, N. W. (2016). IoT privacy and security challenges for smart home environments. Information, 7(3), 44. doi:http://dx.doi.org.ezproxy1.apus.edu/10.3390/info703004

O’Brien, H. M. (2015, 10). The internet of things: The inevitable collision with product liability. The Licensing Journal, 35, 6-12. Retrieved from http://search.proquest.com.ezproxy1.apus.edu/docview/1729721023?accountid=8289

Plant, R. T., & Murrell, S. (2007). An Executive’s Guide to Information Technology: Principles, Business Models, and Terminology. Cambridge: Cambridge University Press.

Scarfone K., Souppaya M., Cody A., Orebaugh A. (2008) Technical Guide To Information Security Testing and Assessment (NIST Special Publication800-115). National Institute of Standards and Technology. Retrieved from:                        http://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-115.pdf.

Google Zeitgeist 2010 Reveals The Top Internet Searches For The Year

Posted by & filed under Data Analytics, Search Engine, Social Media Analytics.

Always Interesting what people are searching for on the Internet.   Google Zeitgeist list the most searched words for 2010.  All Zeitgeist New Zealand’s Zeitgeist‘sIpad’s popular for sure world wide and Christchurch Earthquake seems to be up there in NZ.

Fastest Rising Worldwide

  1. chatroulette
  2. ipad
  3. justin bieber
  4. nick minaj
  5. friv
  6. myxer
  7. katy perry
  8. twitter
  9. gamezer
  10. facebook

Fastest Rising in New Zealand

  1. grabone
  2. chatroulette
  3. christchurch earthquake
  4. justin bieber
  5. geonet
  6. fifa
  7. facebook login
  8. youtube music
  9. lotto results
  10. avata

Removing Oracle RAC from Windows X64

Posted by & filed under Oracle RAC, Software.

I had to remove Oracle 11g and reinstall Oracle 10gRel2 for a client recently.

1a, b and d are required if you are using RAW devices for your OCR and Votedisk If you are using OCFS for these files, skip to step 1c followed by 1e.

1. Remove the partitions that have been initialized for ocrcfg and votedsk

b. Stop windows services on each cluster node and set them to manual. So if nodes reboot while you tidying up the services will not attempt to start all by themselves.

OracleCSService
OracleCRService
OracleEVMService

c. Delete the partition using that was created

d. It is advisable to remove and recreate your logical drives on top of extended partitions at this time
from Windows Disk Management.

2. Execute the Oracle Universal Installer to remove all software from the CRS home

3. Run the Oracle Universal Installer to remove the empty CRS home and clean up the inventory file

4. Remove Oracle binaries using Windows explorer (right mouse click delete), both the CRS home and the files located in

c:\program files\oracle

5. Be sure to check the registry for each cluster node be sure all oracle services have been removed from windows server:

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet\Services KEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services and any others

Example Oracle Services that should not exist anymore

OracleCSService
OracleEVMService
OracleCRService
OracleObjectService
OracleClusterVolumeService
OraFenceService

6. Using Windows explorer, be sure %systemroot%\windows\system32\drivers\ocfs.sys, %systemroot%\windows\system32\drivers\orafencedrv.sys, %systemroot%\windows\system32\drivers\orafenceservice.sys are removed

7. Reboot all servers in your RAC configuration

Once the reboot has completed start the with Oracle Clusterware re-installation

Settling In

Posted by & filed under Boulder, Christchurch, Colorado, New Zealand.

Have been in Christchurch New Zealand since 27th Apr 2008. Getting bearings on which way is the sea and which way are the alps. Surfers looked pretty cold off the pier in Christchurch but seemed to be enjoying the surf in the cold fall water and wind. We have lived in 2 different house in the short time we have been here but enjoying the change in culture. Goodbye Boulder Colorado.. Hello Christchurch New Zealand

Coldfusion Nested Cfloop or Cfloop within a Cfloop

Posted by & filed under ColdFusion.

Coldfusion Cfloop within a cfloop or gives interesting results. I couldn’t believe it was a bug. But looks to be true once tested. Thanks to Blog of Jehiah Czebotar who bailed me out of this issue after looking at it for some time with eyes crossed and debugging.

Here is the summary from Jehiah blog post. Thanks Again Jehiah!

There is a bug in the processing of nested cfloop tags in Macromedia Cfloop ColdFusion MX, as the example below shows. I have developed a workaround for this which is also below.

Example of Problem




    
        #outerqueryset.column1# #innerqueryset.column1#

    




‘outerqueryset.column1‘ results in the first record’s data being displayed regardless of current iteration in the outer loop.


Workaround


The workaround is to force the display of the current row, by accessing it via array.



    
        #outerqueryset.column1[outerqueryset.currentrow]# #innerqueryset.column1#
    




					
						
 
						
						 
					
					
 
					
										
										
					

						
						

						
							
							
							
oracle rac running on vmware esx using lefthand networks san

							
							
Posted  by  & filed under Lefthand Networks iSCSI SAN, Oracle RAC, vmware.

						
						
 
					
						

							






I am interested to find out from vmware and oracle why Oracle RAC running on Red Hat under vmware esx is not supported by either company yet. I have spoke to both companies and there seems to be an indication that they will be certifying it soon.  But no official response as to when.


If anybody is running in a production environment. I would like to here from you on experiences or issues.  Thanks.

					
						
 
						
						 
					
					
 
					
										
										
					

						
						

						
							
							
							
Colorado Anti-Junk Mail Legislation Halted – Consumers can still stop junk mail privately

							
							
Posted  by  & filed under Junk Mail.

						
						
 
					
						

							
BOULDER, COLO. “ Mar. 19, 2007 “ Legislative efforts to allow consumers to eliminate junk mail from their mailboxes have been halted in Colorado. But Coloradoans still have options, such as StopTheJunkMail.com, to remove themselves from mass mailing lists. Stopthejunkmail.com wants consumers everywhere to know that even though similar efforts throughout the country are being stifled, they can still opt-out of getting direct mail using the company’s private service.








The bill, sponsored by state Rep. Sara Gagliardi, a freshman Democrat from Arvada, faced opposition from businesses, unions and postal workers whose livelihoods depend on the multibillion-dollar direct mail industry. Gagliardi said she introduced the bill to address environmental concerns and the threat of identity theft that accompanies direct mail. The proposal would have allowed Coloradoans to sign up on a “do not mail” list, similar to the “no call” list that stops telephone solicitations.




Having the option to stop receiving unsolicited mail, while easing the conscience of the “green-minded” population, would have resulted in Postal Service layoffs. Approximately half of the 12.5 million pieces of mail delivered in the state are classified as direct mail, and account for one-third of their operating budget.




Similar legislation is pending in Arkansas, Connecticut, Hawaii, Maryland, Michigan, Missouri, Montana, New York, Texas, Washington and Vermont. While Coloradoans no longer have a state-sponsored option for reducing unsolicited mail, they can still say no to junk in the mailbox by using stopthejunkmail.com’s service, as can any consumer – nationwide – who is tired of sifting through piles of unwanted mail.




Stopthejunkmail.com, a Boulder, Colo. based company, was founded in 2001 as a convenient, cost-effective way for subscribers to opt out of receiving unsolicited mail.


For a nominal fee, stopthejunkmail.com will remove subscriber information from select mailing lists and through a partnership with American Forests Organization will plant a tree in an effort to repopulate forests being depleted by junk mail production.




For more information about stopthejunkmail.com, and how it’s filling the void left by the recently terminated legislation, please contact Margot Brown at 866.769.5885 or media@stopthejunkmail.com.

					
						
 
						
						 
					
					
 
					
										
										
					

						
						

						
							
							
							
Survey Shows Consumer Opinions on Junk Mail

							
							
Posted  by  & filed under Junk Mail.

						
						
 
					
						

							






Survey Shows Consumer Opinions on Junk Mail


BOULDER, COLO. – Mar. 7, 2007 – Consumers think they are getting too much junk mail according to StopTheJunkMail.com’s 2006 fourth quarter survey. Results show that the majority of survey participants receive at least 6-10 catalogs per week, almost all of which are discarded immediately, leaving many to question the impact of direct mail on their homes and businesses, as well as the environment.


StopTheJunkMail.com releases their consumer opinion survey quarterly in an effort to determine how best to control or eliminate the nuisance and environmental impact of junk mail. The survey is given anonymously to a nationwide sampling of consumers to accurately show attitudes toward unwanted mail.


The survey also asks consumers what they believe are direct mail’s “worst offenders” with banks at the top of the list, followed by catalogs and coupons. The top three cancelled catalogs during the last quarter were Lands’ End, Wine Country Gift Baskets and Herrington. Direct mail lists that consumers most asked to be removed from included the Direct Marketing Association, Experian and Equifax.


While the overall findings show that most people don’t appreciate and immediately throw away unwanted mail, they wouldn’t mind the occasional catalog or direct mail offer if they could control the frequency. One-third of survey participants wouldn’t mind getting catalogs once every three months, while the majority still says they would rather get a catalog once or twice a year with e-updates, or shop online exclusively.


Almost half of all survey participants claim to be concerned about the environmental impact of junk mail – not a surprising statistic in light of the “green awareness” sprouting up in more and more businesses everyday. StopTheJunkMail.com’s environmentally friendly opt-out service is a hassle-free way for individuals to make a positive impact on the environment, while lightening their mail load.


To view a copy of the survey results or get more information on StopTheJunkMail.com, please contact Margot Brown at 866.769.5885 or media@stopthejunkmail.com.


———————————————————————————-


StopTheJunkMail.com, a Boulder, Colo. based company, was founded in 2001 as a convenient, cost-effective way for subscribers to opt out of receiving unsolicited mail. For a nominal fee, StopTheJunkMail.com will remove subscriber information from select mailing lists and plant a tree in an effort to repopulate forests being depleted by junk mail production.

					
						
 
						
						 
					
					
 
					
										
										
					

						
						

						
							
							
							
Turn Off Disable Oracle Recycle Bin

							
							
Posted  by  & filed under Oracle RAC.

						
						
 
					
						

							
In a comment today about the Empty Oracle Recycle Bin , A person wanted to know how one turns off or disables the Oracle Recycle Bin?In ORACLE 10G Release 1 there is a knob to turn to disable the behavior of recycling bin. The “_recyclebin” which defaults to TRUE.  We can disable it by setting it to FALSE.


Command to disable that would be:


ALTER SYSTEM SET “_recyclebin”= FALSE SCOPE=BOTH;








ORACLE 10g RELEASE 2 the following syntax to turn the recycle bin off is:


ALTER SESSION SET recyclebin = OFF;


ALTER SYSTEM SET recyclebin = OFF;


The dropped objects that where in the recyclebin will remain there even when the recyclebin parameter is set to off.


Keep your oracle database clean and green!

					
						
 
						
						 
					
					
 
					
										
										
					

						
						

						
							
							
							
Empty Oracle Recycle Bin

							
							
Posted  by  & filed under Oracle RAC.

						
						
 
					
						

							
 A new feature in Oracle 10g Release 2 was the Reycycle Bin. The recycle bin in the Oracle database is where all dropped objects reside. Underneath the covers the object are taking up the same space when they were created.   


 "DROP TABLE mytable", it doesn't really drop it. It instead renames it to e.g.: BIN$67815682942.








Dropped objects are not deleted they are just rename with a prefix of BIN$$. One can get access to the data in a dropeed table or even use a Flashback Query if you have this feature enabled on your version of Oracle.








To completely remove a table from the system and not keep in recycle been use PURGE TABLE command. So if table is called mytable.


The syntax would be PURGE TABLE mytable;


Other ways to purge the recycle bin are:


PURGE TABLE mytable; (purges mytable from system and recycle bin)


PURGE INDEX myindex; (purges myindex from system and recycle bin ) PURGE recyclebin;


Purge all object in recyclebin PURGE dba_recyclebin; (purge all objects / only sysdba can do this command)


 


To drop and purge a table in one command it would be: DROP TABLE mytable PURGE; So thats It.


Clean up your recycle bin today.







					
						
 
						
						 
					
					
 
					
										
										
					

						
						

						
							
							
							
VMware Server verse Microsoft Virtual Server

							
							
Posted  by  & filed under vmware.

						
						
 
					
						

							






Seems much of 2006 was spent testing virtual server software. I find it interesting that for years on the mainframe we have been using virtual machines. I just read the article by M. T Jones on Virtual Linux and it talks about the history and kinds of virtualization.








Spent much of 2006 working with Microsoft Virtual Server(MVS) and VMware Server Most of my time was spent with MVS no that isn’t the MVS of the old days on an IBM mainframe. It was not easy to set-up MVS on with Redhat Linux running on it. But we did accomplish the task. The main issue when installing redhat was the system wanted to reboot constantly until you could get the .rpm’s installed provided by microsoft. But hey it worked and was free.

But in December we installed VMware’s free Server product. Which honestly was way easier to operate and understand. Getting redhat up was no problem. In fact we just finished a demo Vmware ESX 3.0 box and did a conversion from VMware Server to VMware ESX 3.0 using the VMware beta converter The converter moved the redhat linux image to ESX with no issue found to date. That is pretty good. Wonder what the difference is between the ESX and teh VMware server files that the image needs conversion?


Anyhow believe VMware Server and beta converter are way easier to use than Microsoft Virtual Server

					
						
 
						
						 
					
					
 
					
										
										
					

						
						

						
							
							
							
Expanding iSCSI Lefthand Networks lun on a Windows Operating System

							
							
Posted  by  & filed under Lefthand Networks iSCSI SAN.

						
						
 
					
						

							






Needed to expand a existing volume / iSCSI lun on a Windows based system.


Increasing the Volume Size via the Lefthand SAN Central Management Console.

1. Launch the CMS from Windows desktop


2. Select the volume to increase


3. double click to bring up the Edit Volume window


4. Adjust the volume size, hard threshold and soft threshold accordingly.








Increase the Volume Size in WIndows


1. launch Windows Logical Disk Manager – This will rescan the disks and see the new volume size.


2. launch diskpart.exe from dos prompt.  With dos prompt at c:\


3. list the volumes that appear on the system by type the command “list volume”


4. select the volume to extend by type “select volume #” where # is the volume corresponding number you want to expand.


5. with the volume selected, type “extend” to grow the lun / volume to the size of the full disk that has been expanded on the san.


Notice that an asterisk is put by the volume and the new size of the volume has been updated.

					
						
 
						
						 
					
					
 
					
										
										
					

						
						

						
							
							
							
Relink Oracle Database Software on Unix Linux RAC Cluster

							
							
Posted  by  & filed under Oracle RAC.

						
						
 
					
						

							






Had problems with running Oracle RAC on a cluster on Redhat Release 3 AS.  So we started the conversion to Redhat Release 4 AS. We run a 2 node RAC Cluster on iSCSI Lefthand Networks SAN.  The Oracle software is installed on a  lun on each machine and the database is on lun’s of RAW disk manged by ASM.  This allows flexability by moving the luns from OS to OS and recompiling the Oracle binaries when we need to move the Oracle Cluster to a new version of the OS.








1. First we need to check if the Oracle Home (10.2) & ASm Oracle home were re-linked correctly.


2. Relink The 10.2 Oracle Server manually following the next steps:


2.1 Shutdown all Oracle Instances and Listeners running on your 10.2 ORACLE_HOME


2.2 Manual relink your 10.2 ORACLE_HOME


==============start relink by type this on command line =============


script relink_1020.out


export ORACLE_HOME


PATH=$ORACLE_HOME/bin:$PATH


env | sort


$ORACLE_HOME/bin/relink all


exit


==============end script========

Note the previous commands need to be executed line by line on the OS prompt.


3. No relink the ASM ORACLE_HOME as follows


1.1 Shutdown all Oracle Instances and Listeners running on your ASN ORACLE_HOME


2.2 Manual relink your ASM ORACLE_HOME


==============start relink by type this on command line =============


script relink_asm.out


export ORACLE_HOME


PATH=$ORACLE_HOME/bin:$PATH


env | sort


$ORACLE_HOME/bin/relink all


exit


==============end script========

Note the previous commands need to be executed line by line on the OS prompt.


The review all output to be sure there are no errors.


Now that we have finished with no errors we should be able to bring up the new recompile Oracle binaries under RHEL4 AS.

					
						
 
						
						 
					
					
 
					
										
										
					

						
						

						
							
							
							
IPTV Lacrosse TV

							
							
Posted  by  & filed under Lacrosse, Technology.

						
						
 
					
						

							






Interactive Television Networks, Inc. (ITVN)Announces the launch of Lacrosse TV IpTV TV network for Lacrosse .   This station is for the National Lacrosse League to launch Lacrosse TV See http://www.lacrossetv.com for more infomration.  The sound of TV across the Internet is appealing since we have a two houses.  If we could share the box between both places we might be able to save some monthly charges.








Yet The only network available is the Adult Entertainment and Lacrosse TV. I guess we could demo the the Lacrosse TV for the season and see how it works.


Couple of questions I got answered about the service both Lacrosse TV and the new TV services to be launched.


Questions Answered by Support 1/3/06.


When will normal TV Service be avaliable?


Mainstream programming will be available at the end of January.


Is the LacrosseTV just 1 station or more than that?


At this time, LaCrosseTV is one Network  devoted expressly to the NLL. 


Do you require a ITVN Box for each TV in the house or can you operate more than one TV on a set-top ITVN box?


Each Television would require a Set Top Box and a separate monthly billing plan.


We have a second home with a broadband connection. Can we take the set-top box from the pirmary residence up to our second home with out any problems?


It can be used basically anywhere that there is a qualifying Broadband Internet Connection. The box is in no way “attached” to a physical address.



					
						
 
						
						 
					
					
 
					
										
										
					

						
						

						
							
							
							
New Year

							
							
Posted  by  & filed under Dunno.

						
						
 
					
						

							
Well a new year has come. 2006 is here to stay. I am trying to figure out how to use wordpress 2.0 just updated.  Nice new features.  Also tried to set-up http:///pulisher.yahoo.com rss feed.  Seems to be working.

					
						
 
						
						 
					
					
 
					
										
										
					

						
						

						
							
							
							
Oracle Enterprise Edition Release 2

							
							
Posted  by  & filed under Oracle RAC.

						
						
 
					
						

							






Downloaded Oracle Enterprise Edition Release 2 from the oracle technology network.  It was 3 cds. Unzipped them into the oracle directory d1 d2 d3 for the 3 cds and tried install.  Got Error.

Nothing but trouble.

Found a post on metalink that indicated a bug in the software and one needs to unzip all 3 cd’s into the same directory.

					
						
 
						
						 
					
					
 
					
										
										
					

						
						

						
							
							
							
RedHat Trouble netdump

							
							
Posted  by  & filed under Linux Red Hat AS.

						
						
 
					
						

							






Netdump Server and Client setup


netdump server:  collard.alf.cpqcorp.net (16.113.5.139)

netdump client:    bubba.alf.cpqcorp.net (16.113.5.104)








Setup Netdump Server:


1.   Check to see if the netdump-server is installed:

#rpm –qa | grep –i netdump-server


If it is not already installed, install the netdump-server package.

#rpm –ivh netdump-server-0.6.11-3.i386.rpm


2.    Set a password for the netdump user.

# passwd netdump

Changing password for user netdump

New password:

Retype new password:

passwd: all authentication tokens updated successfully


3.     Optional:  Copy the scripts files.

#cp /usr/share/doc/netdump-server-0.6.11/example_scripts/* /var/crash/scripts/


4.     Configure and start the service.

# chkconfig netdump-server on

# service netdump-server start

Starting netdump server:                                   [  OK  ]


Setup Netdump client:


1.  Check to see if the netdump-0.6.11-3 is installed.

#rpm –qa | grep netdump


If it not already installed, install the netdump client package

# rpm –ivh  netdump-0.6.11-3.i386.rpm


2.	Edit the file /etc/sysconfig/netdump.

Add a line NETDUMPADDR=x.x.x.x  in which you specify the address of the netdump server.

NETDUMPADDR=16.113.5.139 (address of the server)


3. Get netdump init script to send a dynamic random key to the server.


# service netdump propagate

The authenticity of host ‘16.113.5.139 (16.113.5.139)’ can’t be established.

RSA key fingerprint is e8:67:5e:d3:a8:19:14:04:c4:9f:c3:74:ab:fb:c3:c8.

Are you sure you want to continue connecting (yes/no)? yes

Warning: Permanently added ‘16.113.5.139’ (RSA) to the list of known hosts.

netdump@16.113.5.139’s password:


(The password that was used for the netdump user on the server)


4.  Configure and start the service


# chkconfig netdump on

# service netdump start

initializing netdump                                       [  OK  ]


To test the setup


On the client, this only works on the supported Ethernet drivers.  As of now, the supported drivers are 3c59x, eepro100, e100, e1000, tlan, and tulip.  RedHat suggests to check the  /var/log/messages to see if you have a supported driver.


•	Enable the magic sysrq key

# sysctl -w kernel/sysrq=1

•	Enable panic_on_oops

# sysctl -w kernel/panic_on_oops=1

•	Check to see if netlog is working

# echo h > /proc/sysrq-trigger

( A directory with the client’s IP address should be created on server’s /var/crash)

•	Sync  all mounted file systems

# echo s > /proc/sysrq-trigger

•	Crash the system

# echo c > /proc/sysrq-trigger


On the netdump server’s   16.113.5.104-2005-03-15-21:15 directory two files should be created:  log and vmcore.


To have the sysrq enabled on reboot:


#vi /etc/sysctl.conf

kernel.sysrq=1

kernel.panic_on_oops=1


Netdump whitepaper:    http://www.redhat.com/support/wpapers/redhat/netdump/

					
						
 
						
						 
					
					
 
					
										
										
					

						
						

						
							
							
							
Red Hat Trouble SYSrq

							
							
Posted  by  & filed under Linux Red Hat AS.

						
						
 
					
						

							






SysRq


How to Enable Magic SysRq in Red Hat Linux


Magic SysRq key sequence is used to collect additional system information to aid in the troubleshooting of system hangs or panics.


NOTE:  Disable ASR so that ASR will not restart the server before the SysRq information can be captured.








1.  Ensure that “Kernel Hacking” has been compiled into the running kernel.

CONFIG_MAGIC_SYSRQ=y This is required for SysRq to work.  It’s enabled  on all RHEL by default.


2.  Configure Red Hat to run in runlevel 3.  This requires editing of /etc/inittab.    (id:3:initdefault: )


3.  Enable SysRq in /etc/sysctl.conf.  ( kernel.sysrq = 1 )  Then do sysctl –p for the system to read the sysctl file.


4.  It is recommended that a serial console be set up to capture the SysRq information.  Attached to the serial console will be another computer running a terminal emulator such as minicom or hyperterminal.


To enable the serial console port, edit the boot loader kernel load statement.


For GRUB this would be in /boot/grub/grub.conf.  (kernel /vmlinuz-2.4.9-e.40  ro root=/dev/cciss/c0d0p2 console=ttyS0,9600n8 console=tty0 )


5.  Attach the computer running the terminal emulator to the serial console port using a null modem cable.  ttyS0 is COM1 and ttyS1 is COM2.

To match the 9600n8 setting in the previous step, the terminal emulator should be set to 9600bps, no parity, 8 data bits, 1 stop bit, hardware flow control.


6.  Reboot the server.

7.  There should be text output on the terminal emulation screen during a portion of the Red Hat boot up sequence.  This will verify that the terminal emulator is set up and connected properly.  There will be no keyboard interaction at the terminal emulator window.  The terminal emultor is installed to aid in capturing all of the text output of the SysRq commands.  All of the SysRq commands will be initiated at the server console.


8.	To invoke the Magic SysRq, press .   The most useful


run the

commands:


echo m > /proc/sysrq-trigger

echo t > /proc/sysrq-trigger

echo p > /proc/sysrq-trigger


This will dump debugging information the file /var/log/messages. If the system hangs during the copy, go to the keyboard attached  and press the following keystrokes:


ALT-SysRq-m

ALT-SysRq-t

ALT-SysRq-p


Some keyboards may not have a key labeled SysRq but the SysRq key is also known as the ‘Print Screen’ key. This will dump the debugging information even if the system is unresponsive. If it doesn’t dump it, you have either a hardware problem or a serious issue with the kernel .


Command keys are as follows:


‘m’ – Will dump current memory information to your console.

‘p’  – Will dump the current registers and flags for each processor to your console.  Press ENTER for each processor.

‘t’   – Will dump a list of current tasks and their information to the console.


Run alt-SysRq-p multiple times so that we can be sure to get output from all CPUs on the machine.


Also, run alt-sysrq-m last as it has a possibility of locking the box up harder then it already is.


If the system was setup as a netdump client, the SysRq output will also get logged to the log file on the netdump server.


Addition command keys are:


‘r’ – Turns off keyboard raw mode and sets it to XLATE.

‘k’ – Secure Access Key (SAK) – Kills all programs on the current virtual console.

‘b’ – Will immediately reboot the system without syncing or unmounting the disks.

‘o’ – Will power off the system (if configured and supported).

‘s’ – Will attempt to sync all mounted filesystems.

‘u’ – Will attempt to remount all mounted filesystems as read-only.

‘0’ – ‘9’ – Sets the console log level, controlling which kernel messages will be printed to the console.  (‘0’, for example would make it so that only emergency messages such as PANICs or OOPSes would be displayed on the console.

‘e’ – Send a SIGTERM to all processes, except for init.

‘i’ – Send a SIGKILL to all process, except for init.

‘l’ – Send a SIGKILL to all processes, INCLUDING init.

‘h’ – Will display help.


One can cleanly reboot a hung/frozen system with the following keyboard combination (SysRq is enabled and system responds to the keys):


Alt-SysRq-R (keyboard in raw mode)

Alt-SysRq-S (save unsaved data to disk)

Alt-SysRq-E (send termination signal)

Alt-SysRq-I (send kill signal)

Alt-SysRq-U (remount all mounted file systems)

Alt-SysRq-B (reboots the system)


Here are the correct sequences if you set up in iLO the remote console hotkeys similar to mine or if you are doing it from the physical alternate console:


remote   Physical Console     What it should display

ilo cons (Alternate Cons)

——– —————-     ——————————-

ctrl-T   Ctrl-Alt-SysRq-p     To display process information

ctrl-U   Ctrl-Alt-SysRq-m     To display memory information

ctrl-V   Ctrl-Alt-SysRq-t     To display call trace information

ctrl-W   To switch to a non-graphics alternate console


SysRq also writes the info to /var/log/messages if it is able to do so.

If you are doing this from an iLO Remote console using the hotkeys I defined, you should see something similar to the following when you enter ctrl-T, ctrl-U, and ctrl-V:


++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++


[root@colard root]# SysRq : Show Regs


Pid/TGid: 0/0, comm:              swapper

EIP: 0060:[] CPU: 1

EIP is at default_idle [kernel] 0x29 (2.4.21-20.ELsmp)

ESP: 080b:c01091c2 EFLAGS: 00000246    Tainted: P

EAX: 00000000 EBX: c0109100 ECX: c043bc80 EDX: c9b20000

ESI: c9b20000 EDI: c9b20000 EBP: c0109100 DS: 0068 ES: 0068 FS: 0000 GS: 0000

CR0: 8005003b CR2: b729f000 CR3: 376c9900 CR4: 000006f0

Call Trace:   [] cpu_idle [kernel] 0x42 (0xc9b21fb0)

[] call_console_drivers [kernel] 0x63 (0xc9b21fc4) [] printk [kernel] 0x153 (0xc9b21ffc)


Zone:Normal freepages:108783 min:  1279 low:  4544 high:  6304

Zone:HighMem freepages:1209405 min:   255 low: 20990 high: 31485

Free pages:      1321089 (1209405 HighMem)

( Active: 78806/14876, inactive_laundry: 4493, inactive_clean: 0, free:

1321089

)

aa:0 ac:0 id:0 il:0 ic:0 fr:2901

aa:0 ac:0 id:0 il:0 ic:0 fr:2901

aa:0 ac:32699 id:3 il:1 ic:0 fr:108783

aa:18729 ac:27378 id:14873 il:4492 ic:0 fr:1209405 1*4kB 4*8kB 5*16kB 3*32kB 2*64kB 0*128kB 2*256kB 1*512kB 0*1024kB 1*2048kB 2*4096kB = 11604kB) 31*4kB 48*8kB 10*16kB 1*32kB 0*64kB 4*128kB 1*256kB 1*512kB 1*1024kB 1*2048kB 105*4096kB = 435132kB) 1363*4kB 495*8kB 121*16kB 21*32kB 2*64kB 3*128kB 0*256kB 2*512kB 1*1024kB 1*2048kB 1177*4096kB = 4837620kB) Swap cache: add 0, delete 0, find 0/0, race 0+0 51200 pages of slabcache 180 pages of kernel stacks 0 lowmem pagetables, 799 highmem pagetables

Free swap:       2044072kB

1572863 pages of RAM

1277945 pages of HIGHMEM

95987 reserved pages

94481 pages shared

0 pages swap cached


[] sys_read [kernel] 0x97 (0xe34d3f94)


bash          S 00000002  1776  3221   2619                     (NOTLB)

Call Trace:   [] schedule [kernel] 0x2f4 (0xe3651e78)

[] vgacon_cursor [kernel] 0xf3 (0xe3651e9c) [] schedule_timeout [kernel] 0xbc (0xe3651ebc) [] write_chan [kernel] 0x151 (0xe3651ed4) [] read_chan [kernel] 0x291 (0xe3651ef4) [] do_tty_write [kernel] 0x14d (0xe3651f40) [] tty_read [kernel] 0x114 (0xe3651f74) [] sys_read [kernel] 0x97 (0xe3651f94)


hpdiags-bin   S 00000001  4244  4593   2457                2459 (NOTLB)

Call Trace:   [] schedule [kernel] 0x2f4 (0xf701bdc0)

[] schedule_timeout [kernel] 0xbc (0xf701be04) [] wait_for_connect [kernel] 0x1a8 (0xf701be3c) [] tcp_accept [kernel] 0x145 (0xf701be98) [] inet_accept [kernel] 0x35 (0xf701beb4) [] sys_accept [kernel] 0x86 (0xf701bed4) [] tcp_listen_start [kernel] 0x191 (0xf701bf2c) [] inet_listen [kernel] 0xb3 (0xf701bf50) [] sys_listen [kernel] 0x50 (0xf701bf68) [] sys_socketcall [kernel] 0xd9 (0xf701bf80)

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++