Difference between revisions of "Kiosk"
From Hack Sphere Labs Wiki
(→Process) |
(→Process) |
||
| Line 12: | Line 12: | ||
After a quick search it seems that Ubuntu has been used alot for the Kiosk OS. Their are numerous lockdown guides to securing the OS for a Kiosk. It looks like Chrome, Firefox, and Opera can all be used for the browsing. | After a quick search it seems that Ubuntu has been used alot for the Kiosk OS. Their are numerous lockdown guides to securing the OS for a Kiosk. It looks like Chrome, Firefox, and Opera can all be used for the browsing. | ||
| − | =Process= | + | =Manual Process= |
*Install a LTS version of Ubuntu | *Install a LTS version of Ubuntu | ||
*Update System | *Update System | ||
| Line 23: | Line 23: | ||
**Disable Plug-in | **Disable Plug-in | ||
*Install dansguardian | *Install dansguardian | ||
| + | *Install tinyproxy | ||
| + | *Install firehol | ||
| + | |||
| + | =Automated Process= | ||
Meh. Do this instead of all that: | Meh. Do this instead of all that: | ||
http://jacob.steelsmith.org/content/ubuntu-kiosk-based-10041 | http://jacob.steelsmith.org/content/ubuntu-kiosk-based-10041 | ||
| + | |||
| + | Default itadmin password is 'changeme' | ||
| + | |||
| + | Individual has the scripts available but not the configuration files for download on his website. | ||
| + | |||
| + | To edit Firefox settings edit /home/kiosk/.xsession | ||
| + | |||
| + | Other things I did: | ||
| + | *Disabled tabbed browsing in FF: http://www22.verizon.com/residentialhelp/fiosinternet/general+support/top+questions/questionsone/121582.htm | ||
| + | *After turning on dansguardian I could not ssh into the box. I allowed ping and ssh by editing the firehol config. | ||
| + | |||
| + | {{File|name=firehol.conf|content=<nowiki> | ||
| + | iptables -t filter -I OUTPUT -d 127.0.0.1 -p tcp --dport 3128 -m owner ! --uid-owner dansguardian -j DROP | ||
| + | |||
| + | transparent_squid 8080 "root root" | ||
| + | |||
| + | server_ssh_ports="tcp/22022" | ||
| + | |||
| + | interface any world | ||
| + | policy drop | ||
| + | protection strong | ||
| + | client all accept | ||
| + | server cups accept | ||
| + | server ssh accept | ||
| + | server ping accept | ||
| + | </nowiki> | ||
| + | }} | ||
Revision as of 09:33, 20 February 2012
The concept is to build a Kiosk that will only allow a user to browse one website. The goal is to get the user to sign up for the newsletter.
Requirements
- Can be fixed by an admin over the internet
- User can only browse one website
- User cannot change the settings or edit other parts of the computer
Hardware
- ASUS Eee Box EB1021-B028E Desktop PC AMD Dual-Core Processor E-450(1.65GHz) 2GB DDR3 320GB HDD Capacity AMD Radeon HD 6320 Window 7 Home Premium 64-Bit
Software
After a quick search it seems that Ubuntu has been used alot for the Kiosk OS. Their are numerous lockdown guides to securing the OS for a Kiosk. It looks like Chrome, Firefox, and Opera can all be used for the browsing.
Manual Process
- Install a LTS version of Ubuntu
- Update System
- Install ubuntu-restricted-extras
- Create kiosk user account via gui
- Remove all user privileges via gui tool
- Install Firefox
- Install Reset Kiosk 0.4
- Install R-kiosk
- Disable Plug-in
- Install dansguardian
- Install tinyproxy
- Install firehol
Automated Process
Meh. Do this instead of all that:
http://jacob.steelsmith.org/content/ubuntu-kiosk-based-10041
Default itadmin password is 'changeme'
Individual has the scripts available but not the configuration files for download on his website.
To edit Firefox settings edit /home/kiosk/.xsession
Other things I did:
- Disabled tabbed browsing in FF: http://www22.verizon.com/residentialhelp/fiosinternet/general+support/top+questions/questionsone/121582.htm
- After turning on dansguardian I could not ssh into the box. I allowed ping and ssh by editing the firehol config.
