A new OS experience

2007-10-27

Knoppix Tips

From Knoppix for Dummies (for Knoppix 4). Some syntax has changed with the 5 release:

1. Booting Knoppix DVD

At boot prompt hit "Enter"

If it doesn't boot (usually older BIOS) use: knoppix acpi=off noapic pnpbios=off pci=bios

2. Persistent Disk Image

Since Knoppix runs from RAM, all the changes made to the desktop will be gone once the system is rebooted. Knoppix provides a way to save the changes to the hard drive or other storage media. The storage media has to be formatted as FAT, FAT32, VFAT, ext2, ext3, or ReiserFS:

K-Menu -> KNOPPIX -> Configure -> Create Persistent Disk Image

It will then ask for the destination drive; follow the prompts from there on.

3. Connecting to the Internet

3.1 Firewall Configuration

3.1.a First deny all traffic:

iptables -P INPUT DROP
iptables -P OUTPUT DROP
iptables -P FORWARD DROP

3.1.b Open the loopback device (lo):

iptables -A OUTPUT -j ACCEPT -o lo
iptables -A INPUT -j ACCEPT -i lo

3.1.c Allow all outgoing communication:

iptables -A OUTPUT -m state --state NEW,RELATED,ESTABLISHED -j ACCEPT
iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT

3.1.d To allow secure shell (SSH) connections (not a good idea):

iptables -A INPUT -p tcp -m state --state NEW,ESTABLISHED -j ACCEPT --dport 22

3.1.e Save changes and set the firewall to turn on at boot:

/etc/init.d/iptables save active
update-rc.d iptables defaults

3.1.f Manually starting a saved firewall:

/etc/init.d/iptables start
/etc/init.d/iptables restart

3.1.g Stopping an initialized firewall:

/etc/init.d/iptables clear
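
A check of the resulting ruleset against the intent of steps 3.1.a to 3.1.d, added here as an example (not from the book or the original post): it reads an iptables-save dump and reports any filter chain whose policy is not DROP and any INPUT rule that accepts NEW connections. The function names and the sample dumps are constructed for illustration.

```shell
#!/bin/sh
# audit_ruleset: read an iptables-save dump on stdin and report deviations
# from the section 3.1 policy. Prints nothing when the ruleset conforms.
audit_ruleset() {
    awk '
    /^\*/ { table = substr($0, 2); next }    # table marker, e.g. "*filter"
    table == "filter" && /^:(INPUT|OUTPUT|FORWARD) / {
        chain = substr($1, 2); seen[chain] = 1
        if ($2 != "DROP") print "POLICY " chain " " $2
        next
    }
    table == "filter" && /^-A INPUT / && /-j ACCEPT/ {
        if ($0 ~ /-i lo( |$)/) next            # loopback rule from 3.1.b
        # A rule with no state match accepts every packet, NEW included.
        if ($0 ~ /--(ct)?state / && $0 !~ /--(ct)?state [A-Z,]*NEW/) next
        port = "any"
        for (i = 1; i < NF; i++) if ($i == "--dport") port = $(i + 1)
        print "INBOUND " port
    }
    END {
        n = split("INPUT OUTPUT FORWARD", want, " ")
        for (i = 1; i <= n; i++)
            if (!(want[i] in seen)) print "MISSING " want[i]
    }'
}

# Constructed sample: the dump that steps 3.1.a to 3.1.c would produce.
sample_base() {
    cat <<'EOF'
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT DROP [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A OUTPUT -o lo -j ACCEPT
-A OUTPUT -m state --state NEW,RELATED,ESTABLISHED -j ACCEPT
COMMIT
EOF
}

# Constructed sample: the same dump with the SSH rule from 3.1.d added.
sample_with_ssh() {
    sample_base | grep -v '^COMMIT$'
    echo '-A INPUT -p tcp -m state --state NEW,ESTABLISHED -m tcp --dport 22 -j ACCEPT'
    echo COMMIT
}

sample_with_ssh | audit_ruleset    # prints: INBOUND 22
```

On a live system, pipe the real ruleset in as root with `iptables-save | audit_ruleset`.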

4. Ndiswrapper and WPA_Supplicant

Once ndiswrapper is loaded and the wpa_supplicant.conf file configured you can initialize wpa_supplicant as

wpa_supplicant -D ndiswrapper -i wlan0 -c /etc/wpa_supplicant.conf -dd

where -dd is the debugging daemon mode. Alternatively you can run it in the background with the -B option.

5. Cloning Hard Drives

Cloning means to copy the files from the target drive bit by bit. Linux provides the dd_rescue program to perform this operation. This operation could take a very long time depending on the size of the disk. On Terminal:

5.1 To see the current disks in use:

df

5.2 To copy a Windows NTFS partition, say to the USB disk, use:

sudo dd_rescue -b 512 /dev/hda1 /dev/sdb1

To replace a new drive with the cloned one, reverse the above (i.e. from USB to HDD).

6. Anti-Virus and Drive Cleanup

6.1 Start Antivirus

sudo /etc/init.d/clamav-freshclam restart

6.1.a Update Antivirus Database (must be connected to WWW)

sudo freshclam

6.2 Detecting Viruses

6.2.a Mount the target partition

mount /dev/sda2

6.2.b Scan the mounted partition

sudo clamscan /mnt/sda2

6.2.c Outputting only detected viruses

sudo clamscan /mnt/sda2/ | grep FOUND

6.2.d Send the virus detection results to a file

sudo clamscan /mnt/sda2 > my.scan.results

6.3 Searching a single file or multiple ones

sudo clamscan help.doc

sudo clamscan *.doc

sudo clamscan myfile*

6.3.a Searching directories

sudo clamscan -r dir

where -r conducts a recursive search and dir is the directory to be searched.

6.4 Extracting the location of any infected files

grep FOUND my.scan.results

You can print the results directly

grep FOUND my.scan.results | lp
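
A stricter way to pull detections out of the saved results, added here as an example (not from the book or the original post): a plain `grep FOUND` also matches clean files whose path contains FOUND, such as the FOUND.000 folders that Windows chkdsk leaves on a partition. The function name and sample scan output are constructed for illustration.

```shell
#!/bin/sh
# infected_files: read clamscan output on stdin and print one
# "signature<TAB>path" line per detection. Only lines ending in " FOUND"
# count, so a clean file under a directory such as FOUND.000 is skipped.
infected_files() {
    awk '/ FOUND$/ {
        line = $0
        sub(/ FOUND$/, "", line)
        # The signature follows the last ": "; the path may contain ": " too.
        cut = 0
        while ((p = index(substr(line, cut + 1), ": ")) > 0) cut += p
        if (cut == 0) next
        printf "%s\t%s\n", substr(line, cut + 2), substr(line, 1, cut - 1)
    }'
}

# Constructed sample of what my.scan.results could contain (paths invented).
sample_results() {
    cat <<'EOF'
/mnt/sda2/Documents/help.doc: OK
/mnt/sda2/FOUND.000/FILE0000.CHK: OK
/mnt/sda2/Temp/eicar.com: Eicar-Test-Signature FOUND
/mnt/sda2/Mail/re: invoice.doc: Eicar-Test-Signature FOUND

----------- SCAN SUMMARY -----------
Infected files: 2
EOF
}

sample_results | grep -c FOUND        # 3: includes the clean FOUND.000 file
sample_results | infected_files       # 2 lines, one per real detection
```

Against a real scan, run `infected_files < my.scan.results`.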

6.5 Removing Viruses under Windows

Boot into Windows safe mode with command prompt -> Administrator mode -> Delete each file using Windows del command:

del offending.file

Reboot computer

7 Removing Malware and Rootkits

To fix any intrusion and rootkit issues in Linux, run chkrootkit. This tool contains a good database of known rootkit signatures, and it's often updated.

7.1 Run the current version of chkrootkit

sudo chkrootkit -r /mnt/sda2

7.2 Download the latest version of chkrootkit

7.2.a Go to www.chkrootkit.org/download -> Latest Source Tarball -> Save -> OK

7.2.b Check MD5 -> Open Terminal -> md5sum chkrootkit.tar.gz -> Number should match the one on the website

7.2.c Unpack the verified tarball

tar xzf chkrootkit.tar.gz

7.2.d Run make sense to compile the chkrootkit plugins

make sense

7.3 Final Scanning

7.3.a Retrieve and install the latest version of chkrootkit (see online doc)

sudo chkrootkit-0.45/chkrootkit -r /mnt/sda2

7.3.b Delete any files that are found

7.3.c Change all of your system passwords

sudo passwd root

8 Remastering Knoppix

8.1 Requirements

(1) Two CD/DVD Drives (The second one is required to burn the remastered disk). (2) Knoppix CD/DVD. (3) Minimum 15GB disk space (4) Writable Media

8.2 Meta View: The overall process

(1) Boot Knoppix and Create a Swap File - probably best to work from live CD, rather than permanent since there are no worries of deleting configuration files.
(2) Mount a Hard Drive partition - Need at least 16GB of HDD and a swap file for systems with less than 1GB RAM
(3) Create Knoppix source and target directory on HDD
(4) Configure the Knoppix source directory - Copy the Knoppix CD/DVD contents to the source directory
(5) Customize Knoppix
(6) Create an ISO image of the source/KNOPPIX directory in the Target directory
(7) Configure the Knoppix Target Directory
(8) Create ISO image of target directory
(9) Burn ISO image to CD/DVD

8.2 Booting Knoppix and getting started

You want to boot in non-graphical mode (run level 2)

boot: knoppix 2

8.3 Create and mount a hard drive partition

Create space by repartitioning a drive or simply add another drive, IDE, SCSI, USB or otherwise.

Mount the partition

mount -o suid,dev /dev/sda2 /mnt/sda2

8.4 Create directories

mkdir -p /mnt/sda2/knx/source/KNOPPIX
mkdir -p /mnt/sda2/knx/target/KNOPPIX

Configure the Knoppix Source Directories. This copies the default Knoppix source file tree to the source directory

cp -Rp /KNOPPIX/ /mnt/sda2/knx/source

8.5 Customize Knoppix

Here you modify the source directory you created previously. The following creates a simpler version of Knoppix, the basis of a server

(1) Change Linux's root directory to the Source directory

chroot /mnt/sda2/knx/source/KNOPPIX

(2) Create and mount the proc file system

mount -t proc proc /proc

proc is a logical file system that interacts with the internal kernel structures. In our example we have to mount it to activate networking.

(3) Type the appropriate command to use a DNS for your network

If you use DHCP (automatically generated IP):

echo "nameserver 192.168.1.1" >> /etc/resolv.conf

If you don't use DHCP use:

echo "nameserver ip_address" >> /etc/resolv.conf

and substitute the IP address you were provided for ip_address.

Since Knoppix is based on Debian you need to use Debian packages. To view the 20 largest installed packages:

dpkg-query -W --showformat='${Installed-Size} ${Package}\n' | sort -n | tail -20

You can use this list to select the packages you want.

(4) Update your packages

apt-get update
apt-get upgrade

(5) Press enter when prompted on how to upgrade certain packages

(5.1) To remove any packages you don't want use

apt-get -y remove --purge package-name*

such as

apt-get -y remove --purge \
apache* autofs* blue* cvs* emacs* gimp* hpijs* \
isdn* openoffice* samba* squid*

(5.2) To remove most of X windows system

apt-get remove --purge xfree86-common kde-base*

and all KDE dependencies

(5.3) Clean up after removing packages

apt-get remove $(deborphan)
deborphan | xargs apt-get remove

(6) Make it obvious you are running a customized version of KNOPPIX

touch /REMASTERED
echo "Welcome to My Knoppix Configuration" > /etc/issue

(7) Unmount the /proc file system

umount /proc

(8) Exit the chroot environment by entering exit

8.5 Configuring the Knoppix Target directory

The following shows how to create a cloop file, which makes it possible to include software on the CD/DVD that normally requires much more space

(1) Copy the base Web page which automatically loads after booting Knoppix from the /cdrom file system to the Target directory

cp /cdrom/index.html /mnt/sda2/knx/target

(2) Copy all the files except the original KNOPPIX file from the /cdrom file system to the Target directory

cd /cdrom
find . -size -10000k -type f -exec cp -p --parents '{}' \
/mnt/sda2/knx/target/ \;

Explanation:
- The first (\) is a continuation mark
- The second (\) tells Bash to ignore the semicolon
- The find command's -size -10000k locates all the files smaller than 10MB
- The -type f tells find to operate only on files, excluding directories and soft links
- The -exec tells find to execute the subsequent text as a separate command
- -p preserves original file attributes
- --parents tells cp to prepend the source directory path to the destination path
- '{}' is replaced by every file that find locates
- /mnt/sda2/knx/target is the destination to copy the files to
- \; tells find where the cp command ends

(3) Make all the files on the target directory writable

chmod -R u+w /mnt/sda2/knx/target

(4) Remove the file containing the original Knoppix checksums

rm -f /mnt/sda2/knx/target/KNOPPIX/md5sums

(5) Create a new compressed KNOPPIX File

mkisofs -R -U -V "Knoppix remastered" \
-publisher "Knoppix Heavy Industries" \
-hide-rr-moved -cache-inodes -no-bak -pad \
/mnt/sda2/knx/source/KNOPPIX | \
nice -5 /usr/bin/create_compressed_fs - 65536 > \
/mnt/sda2/knx/target/KNOPPIX/KNOPPIX

Explanation: Here mkisofs creates an ISO image from the source KNOPPIX directory. The image isn't written to disk but is streamed (piped) to create_compressed_fs, which is run under nice. create_compressed_fs produces the compressed file system, which in this case is the KNOPPIX file in the target directory.

(6) Re-create the md5sums file

find /mnt/sda2/knx/target -type f \
-not -name md5sums \
-not -name boot.cat \
-not -name isolinux.bin \
-exec md5sum '{}' \; \
> /mnt/sda2/knx/target/KNOPPIX/md5sums
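
Generating the list is only half of the integrity check; the other half is verifying it. The following is an added example (not from the book or the original post) that builds the list with the same find filters as step (6) and then re-checks it with `md5sum -c`. As an assumption of this example, paths are recorded relative to the target directory so the list stays valid wherever the tree is mounted; the function names and the small stand-in tree are constructed for illustration.

```shell
#!/bin/sh
# Build the checksum list as in step (6), but with paths relative to the
# target directory so the list still verifies after the tree is moved.
make_md5sums() {
    ( cd "$1" && find . -type f \
        -not -name md5sums -not -name boot.cat -not -name isolinux.bin \
        -exec md5sum '{}' \; > KNOPPIX/md5sums )
}

# Re-check every listed file; print the paths that are changed or missing.
verify_md5sums() {
    ( cd "$1" && md5sum -c KNOPPIX/md5sums 2>/dev/null |
        sed -n 's/: FAILED.*$//p' )
}

# Constructed stand-in for /mnt/sda2/knx/target (file contents invented).
demo_tree() {
    d=$(mktemp -d)
    mkdir -p "$d/KNOPPIX" "$d/boot/isolinux"
    echo "compressed fs" > "$d/KNOPPIX/KNOPPIX"
    echo "<html></html>" > "$d/index.html"
    echo "loader" > "$d/boot/isolinux/isolinux.bin"
    echo "$d"
}

t=$(demo_tree)
make_md5sums "$t"
verify_md5sums "$t"                      # prints nothing: all files match
echo "changed" >> "$t/index.html"
verify_md5sums "$t"                      # prints ./index.html
rm -rf "$t"
```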

9 Create an ISO image

Create an ISO image of your customized Knoppix

(1) Change to the target directory

cd /mnt/sda2/knx/target

(2) Create the mastered ISO file

mkisofs -pad -l -r -v -V "KNOPPIX" \
-no-emul-boot -boot-load-size 4 \
-hide-rr-moved -boot-info-table \
-b boot/isolinux/isolinux.bin \
-c boot/isolinux/boot.cat \
-o /mnt/sda2/knx/myknoppix.iso \
/mnt/sda2/knx/target

10 Create a Bootable CD-ROM

(1) Insert CD-R/W into burner

(2) Show which device is the cd burner

cdrecord dev=ATAPI -scanbus

(3) Burn the remastered Knoppix ISO

cdrecord -v dev=0,0,0 myknoppix.iso

where 0,0,0 is the device number

10.1 Create a Bootable DVD-ROM

(1) Insert DVD

(2) Find DVD writer and write DVD

growisofs -dvd-compat -Z /dev/sdc=/mnt/sda2/knx/myknoppix.iso
