Tuesday, February 19, 2013

IP Cam Viewer App with the Samsung SDE-5001

The Samsung iPolis mobile app for the Samsung SDE-5001 home security system doesn't work with Android Jelly Bean 4.2.2 (it works fine for Ice Cream Sandwich).   However, you can also use Robert Chou's IP Cam Viewer app for Android and IOS, which provides a Lite version for 6 camera angels and a Pro version for unlimited.  

Here are things to note when using the IP Cam Viewer app with the SDE-5001:

1) Samsung's SDE-5001 system comes with a free www.samsungipolis.com Dynamic DNS service. However, unlike most Dynamic DNS services, it relies on a URL path associated with each dynamic host (i.e. http://www.samsungipolis.com/HOMEDVR) instead of a dedicated subdomain (it appears to use HTTP meta tags to perform the same functionality as traditional Dynamic DNS).  As a result, the IP Cam Viewer currently does not support Samsung's Dynamic DNS approach.

If you try to configure http://www.samsungipolis.com/123 with port 4524, the current app seems to only pick up the samsungipolis.com URL and chooses the original 554 port.    (We're hoping the author will be able to update the IP Cam Viewer app to support Samsung's Dynamic DNS service.  The service relies on HTTP <meta> refresh tags instead of HTTP headers, so there is a bit more work involved.)

You can signup for no-ip.com but there apparently is a requirement to login every 30 days to confirm your account.    You will need to reconfigure the Samsung SDE-5001 to use no-ip.com instead of the IPolis DDNS service.

2) If you tried to select the Samsung SDE DVR option with the IP Cam Viewer app, you may fail to get a camera image. But if you use the Scan functionality with the camera, you may find that many other cameras work with the SDE-5001 including the Night Owl and Night Owl RTSP(TCP) DVR service.  Use the Night Owl Make and Night Owl RTSP(TCP) DVR with RTSP port 4524 and you should be able to connect to the system.

Tuesday, February 12, 2013

Passing variables to awk

Note: the ENVIRON variables only work in bash for those that have been exported:

$ export ABCD=123; 
$ echo | awk '{print ENVIRON["ABCD"]}'
123

http://rosettacode.org/wiki/Environment_variables

The ENVIRON array contains the values of the current environment:
$ awk 'BEGIN{print "HOME:"ENVIRON["HOME"],"USER:"ENVIRON["USER"]}'
HOME:/home/suchrich USER:SuchRich
Environment variables can also be assigned to awk variables before execution, with (-v) options:
$ awk -v h=$HOME -v u=$USER 'BEGIN{prin

Sunday, February 10, 2013

Setting up the Samsung SDE-5001 DVR for online viewing

With all the recent attention of Samsung catching up as a viable competitor to Apple, the trouble I had today getting their SDE-5001 DVR working for online access really made me wonder whether they had invested much time on any part of building an intuitive design for using this device.   It appears that much of their design team has been focused on the mobile phone business, but their expertise hasn't spilled into other areas of their product lines such as their home security systems.

The SDE-5001 device comes with Dynamic DNS support through their http://www.samsungipolis.com service.  When you register your device at this site, you also create a Product ID.  The URL will then become part of the URL (i.e. http://www.samsungipolis.com/abcdef).    Assuming your device is configured for the Dynamic DNS service, this web service will redirect your browser to the IP address with META HTTP refresh tags(<meta http-equiv="refresh" content="0;url=http://1.2.3.4:80"/>).

One trouble that I encountered was that the stock firmware 1.0.0 when using the iPolis DynDNS had a User ID and password prompt, but you couldn't fill out the password prompt through a web browser much less through the infrared control.   I noticed today that Samsung has released the 1.0.2 firmware that probably fixed this bug (http://www.samsungsv.com/Support/DVRFirmwareUpdate), but there are very few instructions about how to go about doing so.    The first thing you need to do is to verify which firmware to use, since some of Samsung's firmware include material codes.

To upgrade the firmware, it turns out that you have to download the .zip file to a USB drive in the root directory and then insert this device into the DVR.  You then have to go into the System Management section of the DVR and wait 20-30 seconds before a screen shows up.  If the DVR recognizes there is a USB device (USB hard drives may not work), it will indicate a "Upgrade Software" button that you can use.  I tried several times and often got "Upgrade Failed", so I eventually decided to unzip the image and place it on the same drive while switching to a smaller 32GB flash drive.   Eventually after trying different USB sticks and unzipping the firmware files, I got the upgrade to succeed.

There also isn't much documentation about how to setup port forwarding.  If you navigate to the Protocol section, you will also noticed that the protocol type is set to TCP, port 4520, webviewer port 80:


You can also see at the bottom of this picture is "TCP Port 4505-4530, Webviewer Port 80". According to the SDE 5001 User manual (http://www.samsungsv.com/Download/SDE-5001_User_Manual.pdf), what this section really means is:

Multi Browser Support : You can use a Silverlight-compliant web browser to connect to the Web Viewer. Multi browsers are enabled only if the TCP port is set to between 4505 and 4530 with the Web Viewer port of 80. This is a security measure in order to enable Silverlight.

Basically it means that the Samsung DVR really only works with Internet Explorer.  You also appear to need to set TCP ports 4505-4530 open, as well as port 80 to make it work.   It appears that you can choose either TCP or UDP connection mode, so the grayed out parameters seem to apply for whichever mode.

For good measure, I setup TCP port 80/4505-4530 and UDP 8000-8160 port forwarding to support both modes.

Also, if you connect with a non-Safari and non Internet Explorer, you get a blank white screen. If you look at the JavaScript for the page, the reason is that this section of the code has specific checks whether to even render the login page if you're not using Safari or IE. You can bypass by adding the same parameters at the end (i.e. http://[YOUR IP]/cgi-bin/webviewer?ip=0&_port=0) but you still need Silverlight/ActiveX plugins and it still appears to render a blank screen.

There is a mobile app, but the Samsung IPolis appears to be broken for Android Jelly Bean 4.2: https://play.google.com/store/apps/details?id=com.samsung.ipolis&hl=en. You can connect and request channels, but no video panels will render. I looked through a bunch of forum comments and people have been complaining that the latest update broke things (https://play.google.com/store/apps/details?id=com.samsung.ipolis&hl=en).  You can use the IP Cam Viewer app for IOS and Android, which is described in this blog post.

Finally, if you're wondering about what RTSP port should be used for the IPolis mobile app, it should be the last port defined in the range (i.e. for port range 4520-4524, use 4524).  


Footnote: there is a major security vulnerability that is still unpatched in the web interface software.  For more details, see http://hustoknow.blogspot.com/2013/11/samsung-dvr-security-vulnerability.html

Friday, February 8, 2013

OpenSSL encryption libraries add a Salted__ header.

http://openssl.6102.n7.nabble.com/Decrypting-with-key-and-initialization-vector-don-t-decrypt-the-first-8-bytes-td10420.html

When you encrypted data with a password using openssl command line, the 
first 16 bytes of the output are actually a header of the form 
'Salted__XXXXXXXX' where the last 8 bytes represent the salt used to 
derive the key and the IV. 

Monday, February 4, 2013

subprocess module

Awesome writeup/explanation of all the use cases of the Python subprocess module..

http://sharats.me/the-ever-useful-and-neat-subprocess-module.html

lxml cannot use absolute path on element

It turns out when you use lxml.fromstring(XML), it returns back the element instead of a document tree (unlike lxml.parse()).  You have to do lxml.fromstring(XML).getroottree().  This way, doing findall() will avoid triggering the "cannot use absolute path on element" error.

http://www.inductiveload.com/solutions-to-errors/

LXML

Error: SyntaxError: cannot use absolute path on element
Problem: I was trying to do:
root = doc.getroot()
tags = root.findall("//tagname")

Solution: You need to use the XML document directly to use an absolute path:
tags = doc.findall("//g")

Friday, February 1, 2013

ngrep

Another useful network debugging tool:

http://ngrep.sourceforge.net/usage.html

It works similar to grep except it scans network ports!

You can use -d to specify the Ethernet interface and -x to dump the data in hex.    It also has primities such as "port 80" to listen to only web service traffic.  The -W byline command helps to expose the line feeds.

 -W normal|byline|single|none
              Specify  an  alternate manner for displaying packets, when not in hexadecimal mode.  The ``byline'' mode honors embedded line‐feeds, wrapping text only when a linefeed is encountered (useful for observing HTTP transactions, for instance).  The ``none'' mode  doesn't  wrap under any circumstance (entire payload is displayed on one line).  The ``single'' mode is conceptually the same as ``none'', except that everything including IP and source/destination header information is all on  one  line.   ``nor‐mal'' is the default mode and is only included for completeness.  This option is incompatible with ``-x''.

Socket Stats

A bunch better tool than netstat...it can even show you memory usage for all your sockets:

http://www.cyberciti.biz/files/ss.html

What do all these memory letters represent?

Recv-Q Send-Q       
   0      0            
 mem:(r0,w0,f0,t0)

You can do man netstat to understand what Recv-Q and Send-Q mean:


 Recv-Q
     The count of bytes not copied by the user program connected to this socket.

 Send-Q
     The count of bytes not acknowledged by the remote host.

The rmem, wmem, fmem, and tmem refers to specific Linux kernel values:


rmem = sk->sk_rmem_alloc; 
wmem = sk->sk_wmem_queued; 
fmem = sk->sk_forward_alloc; 
tmem = sk->sk_wmem_alloc;

sk_forward_alloc is the forward allocated memory which is the total memory currently available in the socket’s quota.
sk_wmem_queued is the amount of memory used by the socket send buffer queued in the transmit queue and are either not yet sent out or not yet acknowledged.

http://www.cse.scu.edu/~dclark/am_256_graph_theory/linux_2_6_stack/structtcpdiag__meminfo.html#m1

For more information, see Chapter 9 of TCP/IP Architecture, Design and Implementation in Linux:
http://books.google.com/books?id=sKoo-cFNPYsC&lpg=PA300&ots=We7wmJfrVj&pg=PA298#v=onepage&q&f=false