Snoop on Your Laptop's Whereabouts

Apr 3, 2010

I have my laptop set up to request a specific URL on my server every 15 minutes, so I can follow it’s whereabouts if it happens to get stolen. Or just for statistics.

The idea is not mine, I got it from a Daniel Klein keynote at an Open Source Days keynote a few years ago.

To do this you need a laptop running some sort of Unix based operating system with cron running, and a webserver somewhere else. Preferably one that you control completely like a Linode VPS.

Set up a cronjob on your laptop that periodically fetch a URL (lines wrapped, should be one long line):

*/15 * * * * curl --silent --connect-timeout 10 --max-time 20 --user-agent '<host> cron snoop' "http://snoop.example.com/<host>?h=$(hostname);ip=$(ifconfig | egrep -A 5 '^en' | fgrep 'inet ' | awk '{print $2}')" 2>&1 > /dev/null

Adjust the exact URL as per what you have available, and substitute the computer’s hostname with the <host> string. The above is specific for Mac OS X, but most Linux distributions will have curl available as a package if it’s not installed by default; I know all the BSD's have it in ports/pkgsrc.

Use ‘crontab -e’ to edit your crontab, except on Mac OS X, where you must create a file, eg. ~/.crontab, with the line above, and then run crontab < ~/.crontab. Annoying, but it’s been like this forever, so I suppose Apple think it’s a feature. (Yes, I have submitted a bug report).

I’ve set up a virtual host on my server specifically for tracking like this:

<VirtualHost *:80>
    DocumentRoot /var/www/snoop.example.com/
    ServerName snoop.example.com
    ServerAdmin webmaster@example.com
    DirectoryIndex index.html
    ErrorLog /var/log/httpd/snoop_error_log
    CustomLog /var/log/httpd/snoop_log combined
    <Directory "/var/www/snoop.example.com">
        Options None
        AllowOverride None
        Order allow,deny
        Allow from all
    </Directory>
    </VirtualHost>

Then I created an empty /var/www/snoop.example.com/<host> file, just to avoid filling the log with 404's.

Now you can find lines like this in /var/log/httpd/snoop_log (lines wrapped):

1.2.3.4 - - [03/Apr/2010:19:30:00 +0000] "GET /?h=<host>.example.com;ip=192.168.2.23 HTTP/1.1" 200 - "-" "<host> cron snoop"

Quite informative.


Last edited: May 1, 2016


Categories: