A new OS experience

2007-10-27

Knoppix Tips

From Knoppix for Dummies (for Knoppix 4). Some syntax has changed with the 5 release:

1. Booting Knoppix DVD

At boot prompt hit "Enter"

If it doesn't boot (usually older BIOS) use: knoppix acpi=off noapic pnpbios=off pci=bios

2. Persistent Disk Image

Since Knoppix runs from RAM, all the changes made to the desktop will be gone once the system is rebooted. Knoppix provides a way to save the changes made to the hard drive or other storage media. The storage media has to be formatted in FAT, FAT 32, VFAT, ext2, ext3, or ReiserFS:

K-Menu -> KNOPPIX -> Configure -> Create Persistent Disk Image

It will then ask for the destination drive from there on.

3. Connecting to the Internet

3.1 Firewall Configuration

3.1.a First deny all traffic:

iptables -P INPUT DROP
iptables -P OUTPUT DROP
iptables -P FORWARD DROP

3.1.b Open the loopback device (lo):

iptables -A OUTPUT -j ACCEPT -o lo
iptables -A INPUT -j ACCEPT -i lo

3.1.c Allow all outgoing communication:

iptables -A OUTPUT -m state --state NEW,RELATED,ESTABLISHED -j ACCEPT
iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT

3.1.d To allow secure shell (SSH) (not a good idea) connections:

iptables -A INPUT -p tcp -m state --state NEW,ESTABLISHED -j ACCEPT --dport 22

3.1.e Save changes and set the firewall to turn on at boot:

/etc/init.d/iptables save active
update-rc.d iptables defaults

3.1.f Manually starting a saved firewall:

/etc/init.d/iptables start
/etc/init.d/iptables restart

3.1.g Stopping an initialized firewall:

/etc/init.d/iptables clear
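
A check for the ruleset built in 3.1, as an added example that is not from Knoppix for Dummies: the function reads iptables-save output and reports whether the three default policies from 3.1.a are DROP and which INPUT rules still accept new connections, such as the SSH rule from 3.1.d. The name audit_ruleset and the sample ruleset are constructed for illustration; on a live system the input would come from sudo iptables-save.

```shell
#!/bin/sh
# audit_ruleset (hypothetical helper): reads iptables-save text on stdin, prints
#   POLICY <chain> <policy> ok|WEAK     for the three built-in filter chains
#   OPEN <proto> <dport> <source>       for INPUT rules that accept new connections
audit_ruleset() {
    awk '
    # Policy lines look like ":INPUT DROP [0:0]".
    /^:(INPUT|OUTPUT|FORWARD) / {
        printf "POLICY %s %s %s\n", substr($1, 2), $2, ($2 == "DROP" ? "ok" : "WEAK")
        next
    }
    /^-A INPUT / {
        target = ""; states = ""; iface = ""
        proto = "all"; dport = "any"; src = "anywhere"
        # Scan option/value pairs instead of relying on a fixed option order.
        for (i = 3; i < NF; i++) {
            if ($i == "-j") target = $(i + 1)
            else if ($i == "--state" || $i == "--ctstate") states = $(i + 1)
            else if ($i == "-p") proto = $(i + 1)
            else if ($i == "--dport") dport = $(i + 1)
            else if ($i == "-s") src = $(i + 1)
            else if ($i == "-i") iface = $(i + 1)
        }
        if (target != "ACCEPT" || iface == "lo") next   # skip loopback (3.1.b)
        # No state match at all, or a state list containing NEW,
        # means the rule admits new inbound connections.
        if (states == "" || ("," states ",") ~ /,NEW,/)
            printf "OPEN %s %s %s\n", proto, dport, src
    }'
}

# Constructed sample: the shape of iptables-save output after steps 3.1.a to 3.1.d.
SAMPLE_RULES='*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT DROP [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m state --state NEW,ESTABLISHED -m tcp --dport 22 -j ACCEPT
-A OUTPUT -o lo -j ACCEPT
-A OUTPUT -m state --state NEW,RELATED,ESTABLISHED -j ACCEPT
COMMIT'

printf '%s\n' "$SAMPLE_RULES" | audit_ruleset
```

The OPEN line for port 22 shows "anywhere" as the source because the rule in 3.1.d has no -s restriction.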

4. Ndiswrapper and WPA_Supplicant

Once ndiswrapper is loaded and the wpa_supplicant.conf file configured you can initialize wpa_supplicant as

wpa_supplicant -D ndiswrapper -i wlan0 -c /etc/wpa_supplicant.conf -dd

where -dd enables verbose debugging output. Alternatively, you can run it in the background with the -B option.

5. Cloning Hard Drives

Cloning means to copy the files from the target drive bit by bit. Linux provides the dd_rescue program to perform this operation. This operation could take a very long time depending on the size of the disk. In a terminal:

5.1 To see the current disks in use:

df

5.2 To copy a Windows NTFS partition, say to the USB disk, use:

sudo dd_rescue -b 512 /dev/hda1 /dev/sdb1

To put the clone onto a replacement drive, reverse the above (i.e. from USB to HDD)

6. Anti-Virus and Drive Cleanup

6.1 Start Antivirus

sudo /etc/init.d/clamav-freshclam restart

6.1.a Update Antivirus Database (must be connected to WWW)

sudo freshclam

6.2 Detecting Viruses

6.2.a Mount the target partition

mount /dev/sda2

6.2.b Scan the mounted partition

sudo clamscan /mnt/sda2

6.2.c Outputting only detected viruses

sudo clamscan /mnt/sda2/ | grep FOUND

6.2.d Send the virus detection results to a file

sudo clamscan /mnt/sda2 > my.scan.results

6.3 Searching a single file or multiple ones

sudo clamscan help.doc

sudo clamscan *.doc

sudo clamscan myfile*

6.3.a Searching directories

sudo clamscan -r dir

Where -r conducts a recursive search and dir is the directory to be searched

6.4 Extracting the location of any infected files

grep FOUND my.scan.results

You can print the results directly

grep FOUND my.scan.results | lp
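
A stricter way to pull detections out of my.scan.results, as an added example that is not from Knoppix for Dummies: a plain grep FOUND also matches clean files under the FOUND.000 folders that Windows chkdsk leaves on a partition, so the helper below only accepts FOUND as the last word on the line and splits each hit into signature and path. The function names and the sample results are constructed for illustration.

```shell
#!/bin/sh
# infected_files (hypothetical helper): reads saved clamscan output on stdin and
# prints "signature<TAB>path" for every detection.
infected_files() {
    awk '
    / FOUND$/ {                          # verdict is the last word on the line
        line = $0
        sub(/ FOUND$/, "", line)
        # The signature has no spaces, so it starts after the last ": ";
        # everything before that is the path, spaces and colons included.
        if (match(line, /: [^ ]+$/))
            printf "%s\t%s\n", substr(line, RSTART + 2), substr(line, 1, RSTART - 1)
    }'
}

# reported_infected: the "Infected files" count from the scan summary.
reported_infected() {
    awk -F ': ' '/^Infected files: / { print $2 }'
}

# scan_consistent FILE: succeed only if the parsed detections match the summary count.
scan_consistent() {
    parsed=$(infected_files < "$1" | grep -c . || true)
    [ "$parsed" = "$(reported_infected < "$1")" ]
}

# Constructed sample of a results file from scanning a Windows partition.
SAMPLE_SCAN='/mnt/sda2/Documents/help.doc: OK
/mnt/sda2/FOUND.000/FILE0001.CHK: OK
/mnt/sda2/Temp/setup: v2.exe: Eicar-Test-Signature FOUND
/mnt/sda2/Documents and Settings/user/eicar.com: Eicar-Test-Signature FOUND

----------- SCAN SUMMARY -----------
Known viruses: 150000
Scanned files: 4
Infected files: 2'

printf '%s\n' "$SAMPLE_SCAN" | infected_files
```

clamscan also exits with status 1 when it finds something and 2 on errors, so a script can branch on the exit status as well as on the saved output.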

6.5 Removing Viruses under Windows

Boot into Windows safe mode with command prompt -> Administrator mode -> Delete each file using Windows del command:

del offending.file

Reboot computer

7 Removing Malware and Rootkits

To fix any intrusion and rootkit issues in Linux run chkrootkit. This tool contains a good database of known rootkit signatures, and it's often updated.

7.1 Run the current version of chkrootkit

sudo chkrootkit -r /mnt/sda2

7.2 Download the latest version of chkrootkit

7.2.a Go to www.chkrootkit.org/download -> Latest Source Tarball -> Save -> OK

7.2.b Check MD5 -> Open Terminal -> md5sum chkrootkit.tar.gz -> Number should match the one on the website

7.2.c Unpack the verified tarball

tar xzf chkrootkit.tar.gz

7.2.d Run make sense to compile chkrootkit and its plugins

make -C chkrootkit-0.45 sense

7.3 Final Scanning

7.3.a Retrieve and install the latest version of chkrootkit (see online doc)

sudo chkrootkit-0.45/chkrootkit -r /mnt/sda2

7.3.b Delete any files that are found

7.3.c Change all of your system passwords

sudo passwd root

8 Remastering Knoppix

8.1 Requirements

(1) Two CD/DVD Drives (The second one is required to burn the remastered disk). (2) Knoppix CD/DVD. (3) Minimum 15GB disk space (4) Writable Media

8.2 Meta View: The overall process

(1) Boot Knoppix and Create a Swap File - probably best to work from live CD, rather than permanent since there are no worries of deleting configuration files.
(2) Mount a Hard Drive partition - Need at least 16GB of HDD and a swap file for systems with less than 1GB RAM
(3) Create Knoppix source and target directory on HDD
(4) Configure the Knoppix source directory - Copy the Knoppix CD/DVD contents to the source directory
(5) Customize Knoppix
(6) Create an ISO image of the source/KNOPPIX directory in the Target directory
(7) Configure the Knoppix Target Directory
(8) Create ISO image of target directory
(9) Burn ISO image to CD/DVD

8.2 Booting Knoppix and getting started

You want to boot in non-graphical mode (run level 2)

boot: knoppix 2

8.3 Create and mount a hard drive partition

Create space by repartitioning a drive or simply add another drive, IDE, SCSI, USB or otherwise.

Mount the partition

mount -o suid,dev /dev/sda2 /mnt/sda2

8.4 Create directories

mkdir -p /mnt/sda2/knx/source/KNOPPIX
mkdir -p /mnt/sda2/knx/target/KNOPPIX

Configure the Knoppix Source Directories. This copies the default Knoppix source file tree to the source directory

cp -Rp /KNOPPIX/ /mnt/sda2/knx/source

8.5 Customize Knoppix

Here you modify the source directory you created previously. The following creates a simpler version of Knoppix, the basis of a server

(1) Change Linux's root directory to the Source directory

chroot /mnt/sda2/knx/source/KNOPPIX

(2) Create and mount the proc file system

mount -t proc proc /proc

proc is a logical file system that interacts with the internal kernel structures. In our example we have to mount it to activate networking.

(3) Type the appropriate command to use a DNS for your network

If you use DHCP (automatically generated IP):

echo "nameserver 192.168.1.1" >> /etc/resolv.conf

If you don't use DHCP use:

echo "nameserver ip_address" >> /etc/resolv.conf

and substitute ip_address for whatever ip address you are provided

Since Knoppix is based on Debian you need to use Debian packages. To view the 20 largest installed packages:

dpkg-query -W --showformat='${Installed-Size} ${Package}\n' | sort -n | tail -20

You can use this list to select the packages you want

(4) Update your packages

apt-get update
apt-get upgrade

(5) Press enter when prompted on how to upgrade certain packages

(5.1) To remove any packages you don't want use

apt-get -y remove --purge package-name*

such as

apt-get -y remove --purge \
apache* autofs* blue* cvs* emacs* gimp* hpijs* \
isdn* openoffice* samba* squid*

(5.2) To remove most of X windows system

apt-get remove --purge xfree86-common kde-base*

and all KDE dependencies

(5.3) Clean up after removing packages

apt-get install deborphan
deborphan | xargs apt-get -y remove

(6) Make it obvious you are running a customized version of KNOPPIX

touch /REMASTERED
echo "Welcome to My Knoppix Configuration" > /etc/issue

(7) Unmount the /proc file system

umount /proc

(8) Exit the chroot environment by entering exit

8.5 Configuring the Knoppix Target directory

The following shows how to create a cloop file, which lets you include software on a CD/DVD that normally requires much more space

(1) Copy the base Web page which automatically loads after booting Knoppix from the /cdrom file system to the Target directory

cp /cdrom/index.html /mnt/sda2/knx/target

(2) Copy all the files except the original KNOPPIX file from the /cdrom file system to the Target directory

cd /cdrom
find . -size -10000k -type f -exec cp -p --parents '{}' \
/mnt/sda2/knx/target/ \;

Explanation:
- The first (\) is a line-continuation mark
- The second (\) escapes the semicolon so that Bash passes it on to find
- The find command's -size -10000k locates all the files smaller than 10MB
- The -type f tells find to operate only on regular files, excluding directories and soft links
- The -exec tells find to execute the subsequent text as a separate command
- -p preserves the original file attributes
- --parents tells cp to prepend the source directory path to the destination path
- '{}' is replaced by each file that find locates
- /mnt/sda2/knx/target is the destination to copy the files to
- \; tells find where the cp command ends

(3) Make all the files on the target directory writable

chmod -R u+w /mnt/sda2/knx/target

(4) Remove the file containing the original Knoppix checksums

rm -f /mnt/sda2/knx/target/KNOPPIX/md5sums

(5) Create a new compressed KNOPPIX File

mkisofs -R -U -V "Knoppix remastered" \
-publisher "Knoppix Heavy Industries" \
-hide-rr-moved -cache-inodes -no-bak -pad \
/mnt/sda2/knx/source/KNOPPIX | \
nice -5 /usr/bin/create_compressed_fs - 65536 > \
/mnt/sda2/knx/target/KNOPPIX/KNOPPIX

Explanation: Here we are creating an ISO file from the source Knoppix directory, which isn't written but is streamed (piped) to the nice and create_compressed_fs utility. The last option creates a compressed file system, which in this case is the KNOPPIX file containing the compressed file system.

(6) Re-create the md5sums file

find /mnt/sda2/knx/target -type f \
-not -name md5sums \
-not -name boot.cat \
-not -name isolinux.bin \
-exec md5sum '{}' \; \
> /mnt/sda2/knx/target/KNOPPIX/md5sums

9 Create an ISO image

Create an ISO image of your customized Knoppix

(1) Change to the target directory

cd /mnt/sda2/knx/target

(2) Create the mastered ISO file

mkisofs -pad -l -r -v -V "KNOPPIX" \
-no-emul-boot -boot-load-size 4 \
-hide-rr-moved -boot-info-table \
-b boot/isolinux/isolinux.bin \
-c boot/isolinux/boot.cat \
-o /mnt/sda2/knx/myknoppix.iso \
/mnt/sda2/knx/target

10 Create a Bootable CD-ROM

(1) Insert CD-R/W into burner

(2) Show which device is the cd burner

cdrecord dev=ATAPI -scanbus

(3) Burn the remastered Knoppix ISO

cdrecord -v dev=0,0,0 myknoppix.iso

where 0,0,0 is the device number

10.1 Create a Bootable DVD-ROM

(1) Insert DVD

(2) Find DVD writer and write DVD

growisofs -dvd-compat -Z /dev/sdc=/mnt/sda2/knx/myknoppix.iso

2007-10-25

Student Expenses

It's bad enough we have to shell out vast quantities of money for our education, but imagine how much we, students, could save by using open source software. Below is an abbreviated table of the minimum software requirements just to provide some functionality:

Software                            Price
Windows XP Home                    199.99
Office Home and Student 2007       149.98
MS Money                            49.98
Microsoft Encarta                   39.98
Adobe Photoshop CS3                299.98
Systat 12                          279.98
McAfee Internet Security            59.98
Norton Student Backup               39.98
Total                           $1,119.85


Although the total reflects the total sum less student discount, one has to wonder why is it that colleges expect us to incur extra costs when we don't have to? I know, I know, people expect things to just work, but we attend college to learn something right? I've since migrated to Linux, and as an example, I am required to use MS Office and Systat 12. Of course, any office documents I produce are a result of Open Office, and I produce statistical models and graphs with R. All this costs me nothing, and since I am a nice guy I donate when I can. With an open mind and some elbow grease a student can take advantage of open source software to complement his/her education. After all, isn't computer literacy, above data entry, important in the job market?

Building from Source

My old desktop has an unsupported wireless PCI card, and after some searching I found a Windows driver that I can use via ndiswrapper. But Kubuntu 7.10 doesn't install ndiswrapper so I have to install from source. Hm, I never had to do that before, and after searching Google I came across www.justlinux.com, an excellent site for newbies to Linux. They have some pretty good primers, as in the case of my current interest, compiling software. The reason I have to do this is that my desktop is located in a room where I can't run CAT-5 cable easily, so wireless networking is the only answer. But the example they give at justlinux.com follows:


A Real Life Example

Now for a real life example. I downloaded a tarball called bar.tar.gz and saved it in /tmp.

Okay, so the tarball name is not real. But the procedure is. First I decide I want to install the files in /usr/local/programs/bar. So obviously, I will have to create the appropriate directories. Now I should mention that you do not need to be root to configure and build the software. However, you must be root when you are installing the software.

cd /tmp
tar xvzf bar.tar.gz
cd bar
./configure --prefix=/usr/local/programs/bar
make
make install

Now that my software is installed, I then edit my /etc/profile and append the following:

PATH=$PATH:/usr/local/programs/bar/bin
export PATH

Finally, I source my /etc/profile file and then I am ready to use my program. When I want to uninstall it, I can just run make uninstall, and if that does not work, I can just delete the subdirectory bar under /usr/local/programs.

2007-10-24

Ugh, boredom to no end

As I was listening to my professor drone on and on about the Rules for Determining Whether Certain Obligations and Interests are Securities or Financial Assets (UCC 8-103) I decided I had enough. Thankfully, today I was late for class so I had to sit in the back row, so I fired up my laptop and began browsing the web, while my Olympus digital recorder kept a record of the professor's lecture. I was checking out reddit.com and digg.com but a lot of the articles and comments were making me laugh so much that I was worried I would disturb the class. There is something to be said about paranoia and the simply ridiculous reasons that motivate people to write the way the people who comment on those two sites do. Occasionally, I do come across some decent and well written articles or comments, which stand out rather clearly because of the prevalence of so much bad writing. But this is getting me off track.

Soon enough I got bored with reddit and digg, so I decided to play with Backtrack 2. Why not, the lecture was pretty boring too? The first step was to bring up my wireless card. As usual this is a point of some consternation for me, not induced by Linux, as my frustration is directed at the reasons behind manufacturer decisions not to support Linux and open source. Yeah, this is rather ironic seeing how I am sitting in Business Law I (see: § 1-103. Construction of [Uniform Commercial Code] to Promote its Purposes and Policies: Applicability of Supplemental Principles of Law. and Patent Law).

Anyways, since I have a Dell Inspiron E1505 (6400) laptop, I know that when the kernel loads it defaults to the bcm43xx wireless driver. A quick check with lsmod | grep bcm43xx outputs the driver info. Before I do anything I need to find out if ndiswrapper is installed, so ndiswrapper -v returns the module and version number. Time to remove it, so modprobe -r bcm43xx takes care of that, and a check with lsmod | grep bcm43xx returns no values. I already know that my wireless card uses a Broadcom driver and I already have saved the bcmwl5.inf and bcmwl5.sys in a folder called wireless. ls /mnt checks the mount points and cd /mnt/sda2/wireless changes location to the wireless folder so I can copy the files to root directory (~ i.e. tilde) as cp *.* ~. After changing back to root I installed the proprietary driver ndiswrapper -i ~/bcmwl5.inf and then I check to see if the driver is installed ndiswrapper -l. So I initiate the module modprobe ndiswrapper and then check to see if it is installed lsmod | grep ndiswrapper. iwconfig checks to see if my card is present and ifconfig wlan0 up brings up the card.

My college uses WEP encryption so I need to use WPA supplicant; checking to see if installed wpa_supplicant -v I get the module and version number. I already have a wpa_supplicant.conf file available with the network information in a folder on my drive, so I copy it to my /etc folder cp /mnt/sda2/Docs/wpa_supplicant.conf /etc/wpa_supplicant.conf. After that I invoked wpa_supplicant wpa_supplicant -c /etc/wpa_supplicant.conf -i wlan0 -D wext -dd and wait for authentication.

Since my school uses DHCP I force the network to assign an IP to my card through dhcpcd wlan0. Now, I tried pump -i wlan0 and dhclient wlan0 since I used them in Knoppix and Ubuntu respectively which didn't work, but I remembered SLAX, hence dhcpcd. As dhcpcd didn't hang I pinged google.com and packets started streaming. Wifi is up and running.

But here's the stupid thing I did: I closed the terminal window, where I had wpa_supplicant running, so I had to kill all the processes associated with wifi using killall . Yeah, that was fun, and still I am unsure why I had to remove the drivers and start from scratch, but I have to google this.

All in all, this took me about 20 minutes and I am writing this while on Backtrack 2. Yet another thing got me thinking! How do I secure my computer and manage traffic in or out? In comes iptables after some googling and running into a tutorial for iptables. Alas, time has run out. One thing that I needed to check was how to automatically reinitialize my wifi setup, but will have to check that out later, probably before reading on iptables. Then, using the aircrack tools might be a good idea for auditing my home network and that WPA encryption I have on. Class is dismissed - gotta go.

The Economics of Linux and Free Software

Today, in a conversation with my Microeconomics professor on profit maximization I raised the question of Linux as a free alternative to Microsoft or Apple OS-es. Assuming a few things constant, such as demand for the products to be equal, it became clear that individual preferences are key as Linux, Windows, and Apple OS-es accomplish the same thing, albeit with a few shortcomings. That is, in encouraging a consumer to move up or down the utility curve the OS has to cost less not only in monetary terms, but also in substitution value. Linux lacks the "plug-and-play" of much hardware specifically designed for Windows, but it allows greater flexibility in modifying the OS to your needs and performing various administrative actions with great modularity. In the case of Windows the OS costs quite a bit of money, it is not modular, and it is restrictive, yet for the consumer it is a familiar platform and requires a low learning curve to operate. The Apple OS on the other hand has a familiarity of use but upgrading the hardware is beyond the average consumer's abilities. One could probably see the merits of predicting the consumer's preferences, say between Linux and Windows, in using game theory and the Nash Equilibrium. It might be interesting to revisit this topic at a later date.

2007-10-23

Kubuntu 7.10 Gutsy Gibbon

Alright, after trying Knoppix for a while, I decided I liked Linux enough to install the Kubuntu 7.10 Gutsy Gibbon distro on my old Windows 2000 machine. I must say, the installation was a pain, but that's because I messed up. First, during the installation I lost power, so I had to start all over again. But when I tried a reinstall (after manually formatting the drive via fdisk) my installation would fault at about 43%. I searched high and low, and after some time and a lot of frustration I found out that I had to fix the Master Boot Record (MBR) or simply delete it. This would fix my problems. Unfortunately, one option was to use fdisk /mbr which didn't help. Yet, the second option was to overwrite the MBR with a new one via dd if=/dev/zero of=/dev/hda bs=512 count=2. After that, everything went smoothly. My wireless card was recognized by the OS and the only thing I had to do was to set up wpa_supplicant. I used the package manager to download the software I use even under Windows as open source.

Another snag I hit was forcing dhcp to assign an IP to my card automatically. Under Knoppix I used pump -i wlan0, but for Kubuntu I needed dhclient wlan0 (coincidentally when I was using Backtrack 2.0 to assess my network encryption it required dhcpcd wlan0).

Using Backtrack though, dhcpcd kept hanging so I used killall and restarted the module. Then, I closed the shell in which wpa_supplicant was running and away goes my network. Since I am no Linux whiz, I decided to start from scratch. I removed ndiswrapper and uninstalled the driver:
modprobe -r ndiswrapper
ndiswrapper -r bcmwl5

This way I could install the driver again. Phew!