VPN

IP Vanish for your home network

Shyam Unnithan Leave a comment

Before we hit to vanishing using IP Vanish. I have been trying out different tools and utilities over the past year but, unfortunately have not been spending time on sharing it. It’s almost a year, since I put up my last post. I was busy, but also had a lack of commitment from my side, and made countless excuses for not putting up the posts.

I have pulled myself up again and make myself responsible for ensuring that, there is a small writeup here every week. It’s not going to be easy but will give it a try and see how it goes.

Coming back to our topic. I have been trying to ensure security and privacy over internet for me and my loved ones. Have used and tried various VPN offerings, but have recently moved to IP Vanish. The service is good, it is economical, provides the necessary security. They also provide scripts, for connecting to the VPN tunnel for linux hosts.

The level of documentation provided on IP Vanish site is also good. The one thing found missing on the internet, was content mentioning, how IP Vanish can be configured for the home network, using a linux box. I had to do this because of an outdated router. It does not have a VPN configuration. Thought of sharing it here, just in case you are in the same boat. So, let’s Start

We will be performing the following steps

  1. Register for a new account with IP Vanish
  2. Install IP Vanish connection script
  3. Modify firewall rules to accept network packets and forward it to VPN tunnel
  4. Modify router configuration to use this linux machine as your gateway.

Register for a new account with IP Vanish

You can signup for a new account at https://signup.ipvanish.com/

After you have signed up and created a password, you can login to your account. If you visit the Server List you should be able to see the Configuration Options for OpenVPN and the list of Servers available

Install IP Vanish connection script

You can download the necessary script, to setup your version of linux from the following link https://www.ipvanish.com/vpn-setup/linux/#linux-setup

I am running CentOS 7 and I have used the OpenVPN file from the Fedora Setup. Once downloaded change to the ipvanish directory and run the command

./ipvanish-vpn-linux start

You will have to provide details like your username, password, the server which you wish to you to complete the startup process

Modify Firewall rules

If you are on CentOS 7 like me you just need one command and few rules to configure the firewall and routing. All below network configuration commands are to be run as a superuser

firewall-cmd --zone=external --add-interface=tun0
iptables -t nat -A POSTROUTING -s 192.168.0.0/24 -o eth0 -j MASQUERADE
iptables -A INPUT -i tun0 -j ACCEPT
iptables -A FORWARD -i eth0 -o tun0 -j ACCEPT
iptables -A FORWARD -i tun0 -o eth0 -j ACCEPT

This will configure your system accept packets from your internal network, masquerade and forward it to tun0. The above command assumes that, tun0 is your active tunnel. You can actually verify the interface name by using

ip addr show

You may have to check if ip forwarding has been enabled by using

sysctl net.ipv4.ip_forward

The outcome of the command should be net.ipv4.ip_forward = 1. In case it is not you can do so by running

sysctl net.ipv4.ip_forward=1

Modify Router configuration

Modify your router dhcp configuration as shown above. Set the Default Gateway IP to the IP Address of the linux box on which you are running IP Vanish (192.168.0.100 for me). You can test the connectivity by manually setting your ip address and the gateway values on a laptop and testing if your connectivity works fine. Post this you can change the configuration on the router

You can visit https://www.whatismyip.com/ to ascertain that your network is indeed using the VPN Tunnel and to ensure you do not have any leaks

With this your entire network should be setup to use the VPN tunnel. Please feel free to drop in a note or ask in case you come across any issues. I may not respond right away, but will try to come back soon.

I am running my tunnelling on a Virtualized CentOS guest on Xen. You can read more about setting up Xen here

I will be back next week with a solution to block all the ads and improve your surfing experience .Until then, Happy hacking!!!

Laptop Depicting some code

Xen HyperVisor on Debian with Ubuntu HVM

Shyam Unnithan Leave a comment

Installing the Xen Hypervisor on Debian Stretch

It’s not that complex

I have been trying to find installation instructions and commands for the Xen HyperVisor for Debian. Even after some long search I never found anything which made sense. After spending a couple of days, going through documentations, I finally managed to install it. I am sharing the steps which I used to create a domain and run an Ubuntu HVM on the same.

Script

You can modify the part of the scripts mentioned below as per your requirement and use the same to install Xen on your system.

#!/bin/sh
#Automation of installation of Xen Hypervisor

#Install non-free firmware
apt-get -y install firmware-linux-nonfree

#Install Large Volume Management
apt-get -y install lvm2

#Create the allocated LVM as a Physical Volume. Change sda4 to whichever
#device you had created as LVM for installation
pvcreate /dev/sda4

#Create a Volume Group (extents) using physical Volume
#Replace sda4 with device mentioned in pvcreate
vgcreate vg0 /dev/sda4

#Install bridge utils for network bridging
apt-get -y install bridge-utils

#Configure bridging interface
echo "" >> /etc/network/interfaces
echo "#The bridge network interface" >> /etc/network/interfaces
echo "auto xenbr0" >> /etc/network/interfaces && echo "iface xenbr0 inet dhcp" >> /etc/network/interfaces
# Change the iface name enp3s0 as applicable e.g. eth0
echo -e "\t bridge_ports enp3s0" >> /etc/network/interfaces

#Restart the network service
service networking restart

#Install Xen Server
apt-get -y install xen-hypervisor-4.8-amd64 xen-tools xen-utils-4.8

#Create a lv disk to be used with our vm
lvcreate -ndisk_0 -L20G vg0

Ubuntu.hvm

The HVM file contains the entire information for setting up the VM. You may need to change the <ISO_FOLDER> to folder which contains your ISO in this case the Ubuntu Server X64 version.

# =====================================================================
# Example HVM guest configuration
# =====================================================================
#
# This is a fairly minimal example of what is required for an
# HVM guest. For a more complete guide see xl.cfg(5)

# This configures an HVM rather than PV guest
builder = "hvm"

# Guest name
name = "ubuntu_srv"

# 128-bit UUID for the domain as a hexadecimal number.
# Use "uuidgen" to generate one if required.
# The default behavior is to generate a new UUID each time the guest is started.
#uuid = "XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX"

# Enable Microsoft Hyper-V compatibile paravirtualisation /
# enlightenment interfaces. Turning this on can improve Windows guest
# performance and is therefore recommended
#viridian = 1

# Initial memory allocation (MB)
memory = 2048

# Maximum memory (MB)
# If this is greater than `memory' then the slack will start ballooned
# (this assumes guest kernel support for ballooning)
#maxmem = 512

# Number of VCPUS
vcpus = 2

# Network devices
# A list of 'vifspec' entries as described in
# docs/misc/xl-network-configuration.markdown
vif = [ 'bridge=xenbr0' ]
# Disk Devices
# A list of `diskspec' entries as described in
# docs/misc/xl-disk-configuration.txt
disk = [ '/dev/vg0/disk_0,raw,hda,w','/<ISO_FOLDER>/ubuntu-17.10.1-server-amd64.iso,raw,hdc,cdrom' ]
# Guest VGA console configuration, either SDL or VNC
sdl = 0
serial='pty'
vnc = 1
vnclisten=""
boot = "c"

Steps

  • Modify the shell script as per your requirement and run it. This will install Xen and all necessary tools. Restart the server.
  • Create a file ubuntu.hvm in your /etc/xen/ and copy the contents mentioned above. Modify information as per your system
  • Run the following command to create and start the VM
xl create /etc/xen/ubuntu.hvm

This will create a VM and start the VM with the the ISO image mentioned in the HVM file.

You will be able to see the installation screen by connect to the ip address of the debian machine on which Xen is currently installed on port 5900 using VNC viewer.

  • Walk through Ubuntu installation and you will have your Ubuntu VM ready at the end of it.
  • Run the command
xl list

and you should see a list of VM’s installed on the system e.g.

Name                                        ID   Mem VCPUs	State	Time(s)
Domain-0                                     0  3957     4     r-----     211.5
ubuntu_srv                                   1  2040     2     -b----     336.2

The b in the state column suggests that the VM is in blocked state. This does not indicate that the VM is hung. In case you run a processing intensive task on the VM you will see the state changed to r.

Things to Remember

In this section I am covering the key aspects which you should remember while creating the VM’s else you end up in the issues mentioned below.

Dreaded GRUB Install failure

I learnt this the hard way. Twice, after the entire installation process I was unable to install the GRUB boot manager in the MBR. After searching a lot of sites and going through equally large number of articles, I figured out that he size of the first partition has to be small, since a larger partition results in the size of core.img becoming greater than that the MBR can accommodate. This is a classic problem with LVM. So ensure when you partition the disk for installing ubuntu, create a /boot partition with roughly 200MB-300MB space and you will not encounter this issue.

Enabling auto configuration of eth0

On first boot of the guest VM you will have to edit the
/etc/network/interfaces file and update the information regarding the eth0 interface. Add following lines without the comment marks
# auto eth0
# iface eth0 inet dhcp
This will ensure that your guest vm is able to connect to the network get an IP and hosts will be able to connect to this guest

References

https://wiki.xenproject.org/wiki/Xen_Project_Beginners_Guide

href=”http://www.mimastech.com/2018/01/31/how-to-install-xen-hypervisor-on-debian-9-stretch-and-debian-8-jessie-linux-systems/

http://www.virtuatopia.com/index.php/Configuring_and_Installing_a_Xen_Hardware_Virtual_Machine_(HVM)_domainU_Guest

The above mentioned files install_xen.sh and ubuntu.hvm can also be obtained from the following github location

https://github.com/shyam-unnithan/xen

This was a small attempt at demystifying the Xen server installation. I hope you all will find it useful to run your own VM’s. Hope the information helps and look forward to your comments and suggestions.

Pankajam Sreedevi @GHCI 2017

Amazing keynote by Pankajam Sridevi @ GHCI17

Shyam Unnithan Leave a comment

Day 1 Keynote GHCI 17

The annual GHCI conference, GHCI17 this year was held on 16th and 17th November at the Bangalore International Exhibition Center. You can learn more about this event here. This event over the last couple of years has seen over 90% participation from Bengaluru, unlike this year where Bengaluru had 56% participation. Other significant participation being from cities Pune and Hyderabad. Pankajam Sridevi, Managing Director, ANZ Operations and Technology India Pvt. Ltd presented the opening day keynote.

She shared her personal experiences in her journey from an Engineer to her current position. Pankajam chose to stress upon Narratives, Developing Financial Acumen, Celebrating Success and Building a Support ecosystem for women to be successful professionals.

Her stories touched upon topics, like having work-life Integration rather than work-life balance. Also, how she chose and made decisions and sacrifices to keep a healthy progress in her professional life, while also ensuring necessary care for the family.

She requests women to be assertive on what they want professionally.She calls upon women to have narratives corrected. Since, women are being adjectivized as “Motherly, Good, etc”. She says though it does not offend, it requires that these narratives be corrected like ” but I am also Strategic” or “I also am a  Visionary” at times.

Pankajam called upon women to improve on Financial Acumen. Her examples state the relevance in current times for women to have a sound understanding of Financial matters in order to be independent.

Question Answers

The keynote was followed by a Question-Answer session. Many queries were answered. One of them which stood out, by a girl student. She was mentioning her concern with remarks from her male classmates. Regarding women having easy access to jobs due to gender diversity factors in organizations. Though she felt she was equally capable and she didn’t want to have any special considerations. Pankajam mentions, during such transformation there is a lot of noise, which should sometimes be ignored.

You may also like to see the GHCI17 Day 2 Keynote by Rebecca Parsons here.

Rebecca Parsons @GHCI 2017

“Continuous Learning” Rebecca @ GHCI17

Shyam Unnithan Leave a comment

The second day at GHCI17 started with a Keynote from Rebecca Parsons CTO ThoughtWorks. Her story is a great inspiration for women and men alike. Her story also depicts her focus on Continuous Learning.

Continuous Learning

Rebecca is known for her knowledge and understanding of varied programming languages. Sharing her learnings through her life starting from coding at the age of 14.

She stated different career decision phases in her life and most of the time she chose what she is passionate about. She emphasizes on taking up ambiguous challenges since it is exciting to work with ambiguity.

Lessons Shared

  • Don’t be afraid to just try something new. Learning does not always require teaching. Explore, Play
  • Ask for what you want. You may be surprised and get it!
  • Trust your instincts
  • Know when to move on
  • Make sure you’re moving towards something, not simply moving away from something
  • Look for opportunities and grab them when you see them
  • Fake it ’til you make it
  • Not all decisions are right. Learn from your mistakes. Don’t dwell on them.

Read regarding the keynote from Pankajam Sridevi of ANZ here.

Amazon Echo Device

The All New Amazon Echo Plus

Shyam Unnithan Leave a comment

Just got my hands across the Echo Plus device from Amazon. It was an invitation only sale by Amazon. Expressed my interest to procure a device and received an invite on 5th October, purchased it the same day. Amazon India was to start shipping the Echo products from the 1st of November and as usual Amazon lived up to the expectations and delivered the same on 2nd November, packed neatly.

Unboxing and Initial Setup

Took about 5 mins to unbox. Plug the device in and switch on the power. The all famous Orange ring illuminates. Just takes a couple of seconds and voila greetings by Alexa, the voice assistant, with the device in setup mode.  Alexa prompts to download the Alexa app from PlayStore. Download the Alexa application, search for the wifi devices on the phone you will see a device like Amazon-XXX (XXX being some number) hit the connect, start the Alexa android application and about 3 screens down the device is set with my Home wifi. Within seconds Alexa is ready for use. The regional settings set as India.

Alexa Voice Experience

I have used the Echo Dot, have built some custom applications earlier, for my organisation and have pretty good experience with it. The Echo Dot used earlier for my development was a US import and the region settings were also US and Alexa had a US accent. The Echo Plus has an Indian accent. The sound from the Echo Dot is a lot flatter whereas from the Echo Plus has more depth. After some questions to Alexa by my daughter we were able to ascertain that this is an Indianised version of Alexa, where Alexa’s favourite actor is Shah Rukh Khan, the actress Kangana Ranaut.

Alexa Skills

The next step includes adding skills to Alexa to put her to real use. Searched the available skills in the app and it was a surprise to find some great apps which would really help take the overall personal assistant experience to the next level. The list has Uber, GoIbibo, FoodPanda to name a few. Expecting a lot of apps to hit the skill store considering so much excitement around the Echo devices in India. Downloaded the mentioned apps and did some fiddling with it and things really work. Didn’t want to lose 43 Rs on my Uber cancellation so gave that a skip.

Audio

After the usual tests, it is time to test Alexa’s audio quality. Considering the premium to buy the Echo Plus rather than settling for Echo Dot, I expect it to perform in this section. So, downloaded the Saavn skill and asked Alexa to play a few songs and boy the audio is crisp and clear has a great punch on the bass and can fill the room even at Level 5 Volume.  Have seen the Echo devices as more of an assistant, but this can really play music like few of the expensive smaller speakers delivering enough clarity and bass, so great work on that one and the premium is worth every dime spent. Have similar review from another friend who also purchased the Echo Plus instead of the Echo Dot.

Zigbee the plus in Echo Plus

Unlike the Dot, the Echo Plus also offers a built in Smart Home Hub which can connect and control ZigBee smart devices. You can automate your home by purchasing compatible lights and accessories from Philips,  Syska, OAKTER, TP-Link to name a few. It is as simple as telling Alexa “Discover my devices”. I have to get some devices to try it out, before I can review on this.

So that’s it for now. I am working on a few apps to help with home automation and take the experience to the next level. Will keep posting about it more. Will be great to hear from you guys on what you like to hear more on. So please do keep those comments coming in, because I am listening :).

Offer

Offer Management Using Sentiment Analysis

Shyam Unnithan Leave a comment

Offer Management Using Sentiment Analysis, is the concept of applying knowledge from Sentiment Analysis in recommending suitable offers for customers. We do need to understand Sentiment Analysis, before we start to understand how it applies to offer management.

Sentiment Analysis

Sentiment Analysis is also known as opinion mining, and is the process of determining opinion (Sentiment) from a source material about a particular topic.

Source for Sentiment Analysis

The source for Analysis maybe be blogs, websites, articles, social networking sites and much more. Let us use a research by Vivid Social Research Division. As of January 2016, in Australia, the number of users reported for the sites were Facebook-15,000,000, LinkedIn-3,700,000, Twitter-2,80,000 and BlogSpot-2,450,000. All these users, contribute with their thoughts and opinions, and are a significant source of data for Sentiment Analysis.

Offer Management

The concept of proposing a customer with a promotion from the business, which, will appeal to his/her interest, and engage him/her to opt in for the promotion is Offer Management.

Offers & Predictability

Most of the information I present here are considering the banking business. Also, the same knowledge maybe applicable to other industries.

The banks make offers to Individuals, on basis of their risk ratings and his/her relationship with the bank. These types of offers, fail to consider the prevailing socio economic situations, within the individuals geography and hence, most of the time fails to interest. Which, brings us to a questions like, “Can this be addressed?”, “Can we really predict outcome of offers?”.

Yes, except a few cases. The likelihood of an individual accepting the offer is determined by various criteria. A few of these criteria can be the individual’s preferences, market outlooks, herd behaviour or recommendations by financial institutions, advisors, friends and family. Hence, if we analyse this information we have a very high chance of predicting the outcome.

Sentiment Analysis & Offers

Sentiment Analysis can help assess some of the criteria mentioned above and influence the presentment of an offer. Assume if opinions reflect in multiple blogs, articles, social networking sites, that real estate are at their lowest and hence it is the best time to buy a home. In such a situation, there is a higher chance of an individual to accept a home loan offer, rather than a mortgage loan. Because, in a situation when the real estate prices are low, a mortgage will yield his property a lower value than usual.

Let us consider another example, of an individual who liked a post. One, mentioning a credit card giving extra travel miles on spend, and he did not do so for a card with 2x reward points. It signifies that the card offering extra miles interest him more. The chances of him accepting a credit card offer for the travel card is higher than the rewards card.

Conclusion

The world is moving at an unprecedented pace, hence people have less time to spend on their banking apps. Due to which, the number of offers they will skim through is relatively less. Also, the situations in which they will have to visit a branch, or a representative is even less. This is forcing banks to capitalise on every opportunity  they get to engage with their customers. The Sentiment Analysis based Offer Management will go a long way in ensuring that the customers get appropriate offers. Which, also considers prevailing socio economic conditions and market trends within their geographies. This will ensure  focus on customer engagement and result in more converted offers for Banks .

Citations

https://en.wikipedia.org/wiki/Sentiment_analysis

Statistics compiled by SocialMediaNews.com.au for October 2016. Stats and research produced by the Vivid Social – Social Media Agency. Figures correct as of 31/10/16.

If you find this article informative, please do let me know through your comments. Also let me know of any other topics which are of your interest, and I can incorporate the same.