Facing the possibility that your laptop (or even desktop) could get stolen, lost or otherwise disappear makes me think of what I’d do. While it wouldn’t be earth shattering for me, there’s a lot of work I’ve put into this thing and it has a lot of data on it I’d like to get back.
Note: This tutorial was written for Ubuntu or Debian based Linux distros. It will work with other distro’s with only minor modifications, mainly the way to install new programs.
That got me interested in some security measures I could take and more, what I could do to locate my laptop if it ever did get stolen? Here’s a quick guide to setting up a ‘Lojack’ for your laptop. If it’s taken and put on a network somewhere (obviously without being reformatted or reinstalled) you’ll be able to find it.
First, you’re going to need an account with a free dynamic DNS provider. DynDNS is a great one to use and will be focused on in this tutorial. This allows you to alias a dynamic IP address to a static hostname. They offer a number of domains from which you can choose. I have a DNS entry now at dnsdojo.net.
Once you’ve got an account with DynDNS, set up a dynamic DNS host by clicking on Add Host Service, and then Add Dynamic DNS Host. 
You’ll see in the image above that it has defaulted to BLANK.selfip.info. If you set this to your computer’s host name (in this example we’ll use arsgeek) it would be arsgeek.selfip.info. This is your host name. Jot this down, you’ll need it in a few minutes.
Then we’re going to install a client that will keep DynDNS updated as to what the laptop’s real, actual IP address is. This is important as, especially with laptops that tend to roam around a bit, you’re IP address will change a lot. We want to be able to pinpoint your computer’s IP no matter what it is.
The client we’ll use is one called ddclient. Let’s install it.
sudo apt-get install ddclient
Once the install begins, you’ll be asked a couple of questions. When it asks you for a fully qualified domain name for your host, you’ll plug in what you just jotted down above (in this example:) arsgeek.selfip.info.
Then you’ll be asked to type in your DynDNS username and password.
Lastly, it will ask you what interface you’re going to use for this. Type in ‘web’ without the quotes.
That’s pretty much all you’re going to do to set this up. To verify it’s working, head on over to DynDNS again, click on My Services at the top. Once you’re on the My Services page, look at the Host Level Services at the bottom. You should see your Dynamic DNS services listed. Click on it and you’ll see a report containing a message that looks like this:
Alternatively, you can try pinging, sshing or otherwise connecting to your own machine via the new DNS entry that you’ve set up.
If your laptop ever is stolen, start looking for your DNS entry by pinging it. Once you see that it’s online, you can use a program like traceroute from another machine to find your laptop’s default gateway. Once you have that, notify the police and the ISP in question and get your computer back!
(Note – if you have another Ubuntu machine that you want to use to trace your laptop, be sure you install traceroute on it: sudo apt-get install traceroute)
With props to the UbuntuGuide for the tips.
Technorati Tags: lojack, stolen laptop, find your laptop, laptop recovery, computer lojack, little brother
It is not everyday that an affiliate business opportunity comes your way. The basic rule of internet marketing is to grab such an opportunity. Often free web hosting services do not comply with such features. On such incidences, one might have to go for another web page hosting instead. Often changing the domain solves such dilemmas, resulting in free use of sem strategies like cpc and ppi.
May 5th, 2007 at 8:12 am
Rather simplistic guide, surely this should be “How to set up DynDNS on your Ubuntu/Debian system” and not “How to track and recover your Linux laptop if it gets stolen” sure, settings up DynDNS on it could be one of several steps.
I remember something a while ago which had a cronjob check a file on your web server at certain intervals and execute it, which enabled you to dump various information via http://ftp. As that guide concentrated on Macbook Pros, it described how to dump pictures from the inbuilt camera and upload them via ftp to identify the thief…or even captured packets.
So yes, rather simplistic but I’m sure anyone who wants to know how to set up DynDNS and can’t figure out how to use apt/aptitude will be grateful!
May 5th, 2007 at 9:46 am
Ok, buy knowing they can’t login to your machine, they will probably be quick to reformat it.
I would like to see a solution similar to this, but at the BIOS level.
May 5th, 2007 at 12:39 pm
Because we totally have a full TCP/IP stack at the BIOS level.
May 5th, 2007 at 5:17 pm
DynDNS is cool, but Frosti’s right. This needs to go into BIOS to be effective.
Even then, what’s really necessary is to have the CPU monitor and log any changes in its traceroute to an external entity. With this “push” scheme, you could see the complete history of where the CPU had been (relative to the server) & have much more information to give the police than in the pull scheme.
This functionality does not require Dynamic DNS… it requires SSH and some code to append the traceroute log on the server.
And again, this functionality would have to be hacked into BIOS — possibly via:
http://linuxbios.org
May 5th, 2007 at 7:05 pm
I have on my Dell Inspiron 6400 a bios option to enable Computrace LoJack, but it ain’t free.
I think it does the same thing but it is format proof.
May 5th, 2007 at 8:18 pm
Just FYI, Computrace is anything but foolproof…The Dell bios can be reset, providing you with the choice to disable the Computrace indefinitely…A quick format and reinstall and you have a brand new clean pc…
Just thought you might like to know……
May 5th, 2007 at 10:57 pm
Just a thought (and maybe it is already done and maybe there is a flaw in my idea) but why not use a integrated EVDO Wifi with a Comp trace (Dell Latitude D820 has both) type setup to phone home to unlock the hard drive to boot beyond the BIOS and initialize the hard disk ATA lock. Phone home at the BIOS level might allow you to locate the laptop and use of the phone home ATA hard disk lock to prevent a disk format.
May 6th, 2007 at 7:21 am
This is a pretty good guide to simply get dyndns up and running though. Rather simplistic method, I would bet if a thief stole a laptop with linux on it (esp one that requires a login to open x) then he would just reformat it. This isn’t going to help with that really.
May 8th, 2007 at 12:03 am
this will work somehow, if the person stolen it is not a geek / nerd too.
May 8th, 2007 at 4:23 am
Here’s the flaw as I see it. Ubuntu requires the user to login before it can be used. Without the thief being able to log in there is little chance that Ubuntu will be started up and allow the computer to be pinged. Without the ping it can’t be found.
May 8th, 2007 at 7:48 am
Ubuntu doesn’t require a user login if you set it to automatically log in as a particular user.
Why would you do this? Well, I wouldn’t but I know lots of people who set it up this way for their not-so-computer-savvy friends and relatives.
Then, it’s just like Windows for them. They start open their laptop lid, hit the power button and a minute later they’re surfing.
Also, you can certainly ping an Ubuntu box without logging in to it. I’ve got a bunch of Ubuntu fileservers that have for the most part no one logged into them either graphically or through SSH. I can still ping them though, even after a reboot and before logging in.
AG
November 28th, 2007 at 6:26 pm
So we had a laptop stolen from the office. The first time the thief tried to use it at home I was able to log the source IP (the one the ISP gives to their router).
Now the hard part. What do I do with this information? Can I assume the ISP owning the IP will not give me the name of the account holder? Will the police help to get this person or will they stare blankly at me when I present the information?
I’m just asking… who knows the BEST way to proceed?
September 13th, 2008 at 11:36 am
“Ubuntu doesn’t require a user login if you set it to automatically log in as a particular user.”
Future versions of Ubuntu will have a Guest account, which the thief can log into and check their mail, etc.
September 28th, 2008 at 5:55 am
Nice tutorial. There are more tools similar to LoJack and some free and open source ones.
http://www.instantfundas.com/2007/11/how-to-prevent-laptop-theft-or-track.html
October 6th, 2008 at 2:00 am
if your the thief just use knoppix… now prevent all that…
January 19th, 2010 at 6:20 am
I actually do something like this on my box at home, but it isn’t really like LoJack, and it’s not much of a defense.
It’s sort of a weak defense, because computer thieves aren’t going to waste any time on trying to use a linux box. They’ll just wipe it.
Now, if you flashed the BIOS with CoreBoot and executed some pre-boot “phone home” code hidden in a host protected area, *then* you’d have implemented a home-brewed LoJack.