linux

How to enable /dev and /proc in a chroot

I use chroot all the time to rescue or build a Linux machine. One niggling problem is that /dev and /proc are not propagated automatically to the chroot environment. To solve this, do the following before running chroot:


mount --bind /dev /path/to/chroot/dev
mount --bind /proc /path/to/chroot/proc

Then you can chroot:

chroot /path/to/chroot/ bash

Pretty simple trick but a useful one.

Using xrandr to set display options

I was giving a presentation on my Acer Aspire One netbook recently, and it occurred to me that there must be a better way to enable the external display than to restart X. With my old laptop I had the nVidia control panel to control external devices, but this netbook has an integrated Intel GMA display adaptor. It turns out that xrandr (and the GUI front ends) fit the bill nicely.

Basic stuff:
xrandr -q
This displays the information of the currently connected displays.

xrandr --output LVDS --off --output VGA --mode 1024x768
This turns off the internal display and enables the VGA connected device at a resolution of 1024x768. The option you pass to mode should be listed when you run -q.

Using dd to extract a partition from a disk image

I came across this little problem today. I had an image of an entire hard drive, but all I wanted was to extract a single partition.

Most of what I wanted to do was described in this post.

First, I needed to see what was on the disk image, using fdisk:

fdisk -lu /path/to/image.bin
Device Boot Start End Blocks Id System
myimage.bin1 * 63 275225579 137612758+ 83 Linux
myimage.bin2 275225580 17117257+ 7 HPFS/NTFS

and so on.

The "u" option tells fdisk to display the results in units of 512 bytes, which should match the block size. This may not be true of images of disks that are 3 terabytes or larger.

What I then did was use dd to extract only partition 1. Start and End are the values from the fdisk listing; because fdisk counts sectors from 0, the Start value is also the number of sectors to skip:

dd if=myimage.bin of=myimage-1.bin bs=512 skip=$((Start)) count=$((End-Start+1))

Below is a real-world example based on the fdisk output above:

dd if=myimage.bin of=myimage-1.bin bs=512 skip=63 count=$((275225579-63+1))

I now have a second file myimage-1.bin which I can then mount and copy files off of.

mount myimage-1.bin /mnt/tmp -o loop
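
Reading the start sector and length straight from the image's MBR partition table, instead of copying them from the fdisk listing by hand, is shown below as an added example that is not part of the original post. The function names and the constructed demo image are assumptions; the start LBA counts from 0, so it is passed to dd's skip unchanged.

```sh
#!/bin/sh
# Added example: locate MBR partition N in a raw disk image and extract it.
SECTOR=512

# part_field IMAGE N OFFSET: 32-bit little-endian field of table entry N (1-4).
# Entries are 16 bytes each from byte 446 of sector 0; bytes 8-11 hold the
# first sector (LBA, counted from 0), bytes 12-15 the number of sectors.
part_field() {
    pos=$((446 + 16 * ($2 - 1) + $3))
    # Assemble the value byte by byte so host byte order does not matter.
    set -- $(od -An -tu1 -j "$pos" -N4 "$1")
    echo $(( $1 + ($2 << 8) + ($3 << 16) + ($4 << 24) ))
}
part_start() { part_field "$1" "$2" 8; }
part_count() { part_field "$1" "$2" 12; }

# extract_partition IMAGE N OUTFILE
extract_partition() {
    start=$(part_start "$1" "$2")
    count=$(part_count "$1" "$2")
    [ "$count" -gt 0 ] || { echo "partition $2: empty entry" >&2; return 1; }
    # A truncated image would yield a short file; refuse it instead.
    size=$(wc -c < "$1")
    [ $(( (start + count) * SECTOR )) -le "$size" ] ||
        { echo "partition $2 runs past end of image" >&2; return 1; }
    # skip is the start LBA itself: sectors 0..start-1 precede the partition.
    dd if="$1" of="$3" bs=$SECTOR skip="$start" count="$count" 2>/dev/null
}

# make_demo_image FILE: constructed 80-sector image, partition 1 = LBA 63-78.
make_demo_image() {
    dd if=/dev/zero of="$1" bs=$SECTOR count=80 2>/dev/null
    put() { printf "$2" | dd of="$1" bs=1 seek="$3" conv=notrunc 2>/dev/null; }
    put "$1" '\203' 450                   # partition type 0x83 (Linux)
    put "$1" '\077' 454                   # start LBA 63
    put "$1" '\020' 458                   # 16 sectors
    put "$1" 'GAP'   $((62 * SECTOR))     # marker in the sector before
    put "$1" 'PART1' $((63 * SECTOR))     # marker at the partition start
}

if [ $# -eq 3 ]; then extract_partition "$@"; fi
```

On the demo image the extracted file begins with the PART1 marker; a skip value one sector too small would begin with GAP instead and the result would not mount.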

nmap command line examples

Nmap is a commonly used utility in the security world. The default nmap scan is pretty good, but there are a number of options to make your scans more informative and/or more efficient.

My current set of command line options varies slightly depending on what I am looking for, but it generally starts with something that looks like this:

nmap -PN -sU -sS -sV -sC -oA nmap-scan-%D-%T -O --webxml --reason 192.168.1.0/24 192.168.2.0/24

This scans two networks, 192.168.1.0/24 and 192.168.2.0/24. In my case I have two subnets at home with routing between them. This would let me see the whole network at a glance.

  • The -PN option skips the ping (ICMP) test that checks whether a host is alive before scanning it.
  • The -sU option enables UDP service discovery.
  • The -sS option scans for TCP services using the TCP SYN method. This is pretty reliable as it mimics a legitimate connection attempt.
  • The -sV option tells nmap to connect to these services and find out what version they are running. This is useful for finding exploitable services.

Securely wipe hard drives using Linux

How to securely erase a hard drive.

Simply deleting, formatting or zero writing a hard drive is not enough to keep a determined individual from restoring data from a hard drive. To ensure that your data really is deleted, boot the computer from a CD-based distribution such as Knoppix.

You can either issue the following commands separated by a semicolon (;) or put them into a script. This is essentially a fire and forget process, but it will take a really long time.

Also, each pattern (writing 0s, 1s, and random) should be done 4 to 8 times for maximum security.
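
The passes described above can be scripted as follows. This is an added example, not the author's commands; the function names are assumptions, and it expects GNU coreutils plus blockdev from util-linux.

```sh
#!/bin/sh
# Added example: multi-pass overwrite of a block device or an image file.

# target_size TARGET: size in bytes (block device or regular file).
target_size() {
    if [ -b "$1" ]; then blockdev --getsize64 "$1"; else wc -c < "$1"; fi
}

# overwrite_pass TARGET PATTERN: one full pass; PATTERN is zero, one or random.
overwrite_pass() {
    case $2 in zero|one|random) ;; *) echo "bad pattern: $2" >&2; return 2 ;; esac
    bytes=$(target_size "$1") || return 1
    # head limits each stream to exactly the target size. conv=notrunc keeps
    # a regular file's length; conv=fsync flushes the pass to the medium.
    case $2 in
        zero)   head -c "$bytes" /dev/zero ;;
        one)    head -c "$bytes" /dev/zero | LC_ALL=C tr '\000' '\377' ;;
        random) head -c "$bytes" /dev/urandom ;;
    esac | dd of="$1" bs=1M conv=notrunc,fsync 2>/dev/null
}

# stray_bytes TARGET OCTAL: number of bytes that differ from the given value,
# used to verify a zero ('\000') or one ('\377') pass. 0 means a clean pass.
stray_bytes() {
    LC_ALL=C tr -d "$2" < "$1" | wc -c
}

# wipe TARGET ROUNDS: every pattern ROUNDS times (the text suggests 4 to 8).
wipe() {
    # Refuse a device that, or whose partition, is currently mounted.
    if [ -b "$1" ] && grep -q "^$1" /proc/mounts; then
        echo "$1 is mounted, refusing to wipe" >&2; return 1
    fi
    for pattern in zero one random; do
        round=0
        while [ "$round" -lt "$2" ]; do
            overwrite_pass "$1" "$pattern" || return 1
            round=$((round + 1))
        done
    done
}

if [ $# -eq 2 ]; then wipe "$@"; fi
```

Overwriting through the block device does not reach sectors the drive has already remapped, and on SSDs wear levelling keeps old copies out of reach of the host; the drive's built-in ATA Secure Erase command covers those areas.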

Handy Linux Tricks

I am just posting a few of those little useful commands, links, and utils that make my digital life so much easier:

* What hardware have you got? What version is your BIOS? dmidecode is perfect for this. One that I use regularly is to check the BIOS version without rebooting.

 sudo dmidecode -s bios-version
This command returns something like this:
ASUS M2A-VM HDMI ACPI BIOS Revision 0502

* Check device usage
fuser (device)
eg:
 fuser /dev/dsp

Used for finding out what software has control of a given device. Very useful when tweaking and troubleshooting a Linux pro audio setup.

* rsync backups
rsync -avzue ssh (username)@(hostname or ip):/(path to backup)/* (localpath )

This backs up all files and directories on the remote host and copies them to the folder you specify.

* Hard Drive Tuning (Linux)
hdparm (options) (hard drive device) For example:
hdparm -c3 -d1 -S36 /dev/hda

This controls the hard drive. Specifically, I am enabling DMA, which speeds up the hard drive, and setting I/O to mode 3, which also speeds things up.
