Tag: linux
Ubuntu / Debian Windows 7 Dual Boot System Encryption with TrueCrypt
by Steve O Hernandez on Jun.02, 2011, under Technology
I will be doing this configuration on my test machine very soon since my previous guide (here) is a bit outdated. For now you can follow the previous instructions and modify them per the instructions below:
From SuperUser:
I’ve done it
but not exactly like in your link, because of some kind of problem (bug?) in Grub2 (tutorial is with grub “1” but I’ve Grub2), specifically in this
title Windows Vista/Longhorn
rootnoverify (hd0,0)
makeactive
chainloader (hd0,1)/truecrypt.mbr
boot
The problem is known and posted on many forums.
My solution was:
- Encrypt Windows7 system partition using truecrypt, selecting Single boot and overwriting Grub2 loader with truecrypt loader
- Boot Debian from Rescue CD and install grub2 bootloader NOT on MBR but on /dev/sda3 which is Debian / partition (so truecrypt loader was not overridden)
Now while booting, the truecrypt boot menu is shown; if I want to access Win7 I enter the password, but if I want to enter Debian (via Grub2) I hit the Esc key, and the truecrypt loader then searches all other partitions for a boot loader, finds Grub2, which resides on /dev/sda3, and loads the system properly.
I think it’s the best way to do this for now (until somebody finds a resolution for Grub2 to read /boot/truecrypt.mbr without errors).
Adding multiple users to Ubuntu e-mail Server using a script
by Steve O Hernandez on May.16, 2009, under Technology
These two scripts are very important for the system admin who regularly works with mail servers and somehow forgets to back up his system usernames and passwords! Let’s say somehow we lost the usernames and passwords of the mail server. In this case the admin has to manually create all the users and then change the passwords for all the users. Tedious job. Let’s make our life easier.
First create a file which contains all the user names. Something like this:
nurealam
nayeem
mrahman
farid
rubi
sankar
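Save the file as userlist.txt. Now create the following shell script:
#!/bin/sh
# Create one account for every name listed in userlist.txt
for i in $(cat userlist.txt)
do
echo "$i"
# --disabled-password and --gecos "" stop Ubuntu's adduser from prompting;
# the password is set in the next step
adduser --disabled-password --gecos "" "$i"
done
Save the script (for example as addusers.sh; the name is only an example) and make it executable:
chmod 755 addusers.sh
Now run the file:
./addusers.sh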
This will add all the users to the system. Now we have to change the passwords. Let’s say we want username123 as password. So for user nayeem the password will be nayeem123, rubi123 for user rubi and so on.
Create another bash file as follows:
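#!/bin/sh
# Set each user's password to <username>123
for i in $(cat userlist.txt)
do
echo "$i"
# passwd on Ubuntu/Debian has no --stdin option; chpasswd reads user:password lines
echo "$i:${i}123" | chpasswd
echo; echo "User $i's password changed!"
done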
Run the file. All the passwords are changed.
If you want to force all your users to change their passwords at the next login (the temporary password is a security risk), use the following code:
#!/bin/sh
# Expire each password so it must be changed at the next login
for i in $(cat userlist.txt)
do
echo "$i"
chage -d 0 "$i"
echo; echo "User $i will be forced to change password on next login!"
done
I then log in as that user and see this:
WARNING: Your password has expired.
You must change your password now and login again!
Changing password for user amcorona.
Changing password for amcorona
(current) UNIX password:
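A hardened variant of the password step, as an added example that is not part of the original post: each account gets a unique random temporary password instead of the predictable username123, names are validated before they reach chpasswd, and every password is expired immediately. The file name temp-passwords.txt and the --apply switch are assumptions made for this example.

```shell
#!/bin/sh
# Added example: random temporary passwords for the accounts in userlist.txt.
# temp-passwords.txt and the --apply switch are names assumed for this example.
LC_ALL=C; export LC_ALL

# Accept only conservative login names. This also rejects ':' and whitespace,
# which would corrupt the user:password lines that chpasswd reads.
valid_username() {
    case "$1" in
        ''|[!a-z_]*|*[!a-z0-9_-]*) return 1 ;;
    esac
    [ "${#1}" -le 32 ]
}

# 128 bits from the kernel CSPRNG, printed as 32 hex characters.
random_password() {
    od -An -N16 -tx1 /dev/urandom | tr -d ' \n'
}

# Print one "user:password" line per valid name in file $1.
# Blank lines are ignored; invalid names are reported on stderr and skipped.
build_chpasswd_input() {
    while IFS= read -r name || [ -n "$name" ]; do
        [ -z "$name" ] && continue
        if valid_username "$name"; then
            printf '%s:%s\n' "$name" "$(random_password)"
        else
            printf 'skipping invalid user name: %s\n' "$name" >&2
        fi
    done < "$1"
}

# Set the passwords, then expire them so each user must pick a new one at the
# first login. The list is written with mode 600; this part must run as root.
apply_temp_passwords() (
    umask 077
    build_chpasswd_input "$1" > temp-passwords.txt || exit 1
    chpasswd < temp-passwords.txt || exit 1
    cut -d: -f1 temp-passwords.txt | while IFS= read -r name; do
        chage -d 0 "$name"
    done
)

if [ "${1:-}" = "--apply" ]; then
    apply_temp_passwords userlist.txt
fi
```

Hand out the entries of temp-passwords.txt over a separate channel and delete the file once every user has logged in.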
Ubuntu / Vista Dual Boot – Full Encryption with TrueCrypt
by Steve O Hernandez on Mar.12, 2009, under Technology
sda1: Windows Vista encrypted with TrueCrypt
sda2: Ubuntu Hardy Heron /boot partition (not encrypted)
sda3: Ubuntu Hardy Heron encrypted volume with LVM inside and / and swap partitions within LVM (to save partitions used overall in case it gets over 5 partitions)
sda4: Working on installing OSX Leopard on this partition currently.
The steps I used are as follows, in brief:
1) Installed Vista first (actually pre-installed on laptop)
2) Installed Ubuntu second using encrypted physical volume with LVM inside it and 2 partitions / and swap inside the LVM (at this point, grub was in the MBR)
3) Ran full windows system encryption (not full disk encryption) through TrueCrypt and let it write its bootloader to the MBR. (obviously overwriting Grub in the MBR)
4) Booted with a live cd and copied the truecrypt bootloader from the MBR to a file in the /boot partition (sda2)
use these commands to do so:
dd if=/dev/sda of=/mnt/boot/truecrypt.mbr count=1 bs=512
dd if=/dev/sda of=/mnt/boot/truecrypt.backup count=8 bs=32256
5) Reinstalled grub to the MBR using these commands:
sudo grub
install (hd0,1)/grub/stage1 (hd0) (hd0,1)/grub/stage2 0x8000 p
6) Added a chainloader to the menu.lst Vista entry to point to the truecrypt bootloader within the /boot partition like so:
title Windows Vista/Longhorn
rootnoverify (hd0,0)
makeactive
chainloader (hd0,1)/truecrypt.mbr
boot
The only partition not encrypted is the /boot partition so far, which is fine. After grub loads, no matter which OS I choose, I enter a passphrase and that OS starts.
For more detailed instructions which I pulled from but which are for XP instead of Vista, use this link:
Squeeze Your Gigabit NIC for Top Performance
by Steve O Hernandez on Nov.25, 2008, under Technology
October 24, 2007
By Charlie Schluting
Many new workstations and servers are coming with integrated gigabit network cards, but quite a few people soon discover that they can’t transfer data much faster than they did with 100 Mb/s network cards. Multiple factors can affect your ability to transfer at higher speeds, and most of them revolve around operating system settings. In this article we will discuss the necessary steps to make your new gigabit-enabled server obtain close to gigabit speeds in Linux, FreeBSD, and Windows.
Hardware considerations
First and foremost we must realize that there are hardware limitations to consider. Just because someone throws a gigabit network card in a server doesn’t mean the hardware can keep up.
Network cards are normally connected to the PCI bus via a free PCI slot. In older workstation and non server-class motherboards the PCI slots are normally 32 bit, 33MHz. This means they can transfer at speeds of 133MB/s. Since the bus is shared between many parts of the computer, it’s realistically limited to around 80MB/s in the best case.
Gigabit network cards provide speeds of 1000Mb/s, or 125MB/s. If the PCI bus is only capable of 80MB/s this is a major limiting factor for gigabit network cards. The math works out to 640Mb/s, which is really quite a bit faster than most gigabit network card installations, but remember this is probably the best-case scenario.
If there are other hungry data-loving PCI cards in the server, you’ll likely see much less throughput. The only solution for overcoming this bottleneck is to purchase a motherboard with a 66MHz PCI slot, which can do 266MB/s. Also, the new 64 bit PCI slots are capable of 532MB/s on a 66MHz bus. These are beginning to come standard on all server-class motherboards.
Assuming we’re using decent hardware that can keep up with the data rates necessary for gigabit, there is now another obstacle — the operating system. For testing, we used two identical servers: Intel Server motherboards, Pentium 4 3.0 GHz, 1GB RAM, integrated 10/100/1000 Intel network card. One was running Gentoo Linux with a 2.6 SMP kernel, and the other is FreeBSD 5.3 with an SMP kernel to take advantage of the Pentium 4’s HyperThreading capabilities. We were lucky to have a gigabit capable switch, but the same results could be accomplished by connecting both servers directly to each other.
Software Considerations
For testing speeds between two servers, we don’t want to use FTP or anything that will fetch data from disk. Memory to memory transfers are a much better test, and many tools exist to do this. For our tests, we used [ttcp](http://www.pcausa.com/Utilities/pcattcp.htm).
The first test between these two servers was not pretty. The maximum rate was around 230 Mb/s: about two times as fast as a 100Mb/s network card. This was an improvement, but far from optimal. In actuality, most people will see even worse performance out of the box. However, with a few minor setting changes, we quickly realized major speed improvements — more than a threefold improvement over the initial test.
Many people recommend setting the MTU of your network interface larger. This basically means telling the network card to send a larger Ethernet frame. While this may be useful when connecting two hosts directly together, it becomes less useful when connecting through a switch that doesn’t support larger MTUs. At any rate, this isn’t necessary. 900Mb/s can be attained at the normal 1500 byte MTU setting.
For attaining maximum throughput, the most important options involve TCP window sizes. The TCP window controls the flow of data, and is negotiated during the start of a TCP connection. Using too small of a size will result in slowness, since TCP can only use the smaller of the two end system’s capabilities. It is quite a bit more complex than this, but here’s the information you really need to know:
Configuring Linux and FreeBSD
For both Linux and FreeBSD we’re using the sysctl utility. For all of the following options, entering the command ‘sysctl variable=number’ should do the trick. To view the current settings use: ‘sysctl <variable name>’
- Maximum window size:
  - FreeBSD:
    kern.ipc.maxsockbuf=262144
  - Linux:
    net.core.wmem_max=8388608
- Default window size:
  - FreeBSD, sending and receiving:
    net.inet.tcp.sendspace=65536
    net.inet.tcp.recvspace=65536
  - Linux, sending and receiving:
    net.core.wmem_default = 65536
    net.core.rmem_default = 65536
- RFC 1323:
  This enables the useful window scaling options defined in rfc1323, which allows the windows to dynamically get larger than we specified above.
  - FreeBSD:
    net.inet.tcp.rfc1323=1
  - Linux:
    net.ipv4.tcp_window_scaling=1
- Buffers:
  When sending large amounts of data, we can run the operating system out of buffers. This option should be enabled before attempting to use the above settings. To increase the amount of “mbufs” available:
  - FreeBSD:
    kern.ipc.nmbclusters=32768
  - Linux:
    net.ipv4.tcp_mem= 98304 131072 196608
These quick changes will skyrocket TCP performance. Afterwards we were able to run ttcp and attain around 895 Mb/s every time – quite an impressive data rate. There are other options available for adjusting the UDP datagram sizes as well, but we’re mainly focusing on TCP here.
Windows XP/2000 Server/Server 2003
The magical location for TCP settings in the registry editor is HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters
We need to add a registry DWORD named TcpWindowSize, and enter a sufficiently large size. 131400 (make sure you click on ‘decimal’) should be enough. Tcp1323Opts should be set to 3. This enables both rfc1323 scaling and timestamps.
And, similarly to Unix, we want to increase the TCP buffer sizes:
ForwardBufferMemory 80000
NumForwardPackets 60000
One last important note for Windows XP users: If you’ve installed Service Pack 2, then there is another likely culprit for poor network performance. Explained in [knowledge base article 842264](http://support.microsoft.com/?kbid=842264), Microsoft says that disabling Internet Connection Sharing after an SP2 install should fix performance issues.
The above tweaks should enable your sufficiently fast server to attain much faster data rates over TCP. If your specific application makes significant use of UDP, then it will be worth looking into similar options relating to UDP datagram sizes. Remember, we obtained close to 900Mb/s with a very fast Pentium 4 machine, server-class motherboard, and quality Intel network card. Results may vary wildly, but adjusting the above settings is a necessary step toward realizing your server’s capabilities.
Vundo / VundoMunde / VundoMundo Trojan Removal
by Steve O Hernandez on Jun.24, 2008, under Technology
So I recently got bombarded with 2 infections of this pesky beast. Some variants are easy to remove (SpyBot can simply pull them out) but the variant I came across was resilient. It loaded a DLL into the Winlogon.exe (injection) executable file (the Windows process responsible for authentication to the Operating System – Windows cannot run without it) and ran from there. So you can’t kill the process, because the OS will reboot. You can’t delete the DLL file, because the OS has it locked. Basically, it’s like a tumor in the center of your brain… there’s really no winning.
There are a few solutions out there (very few) such as Bayles’ solution and this one from a poster on TechRepublic , but unfortunately, neither was any good for me. Bayles’ solution works for variants that inject into Explorer.exe, which is loaded once the OS is loaded and you log in. However, winlogon is loaded as one of the first steps in loading the registry, so it’s loaded even before you press control-alt-delete (it’s actually the process that shows you the login screen). The other solution could have worked had I had administrative privileges on my machine, but I did not (this is my work machine). Therefore, I had to find another solution to bypass the OS from reinfecting itself, but still have access to the underlying file system.
I could have removed the hard drive, but I did not have another laptop to install the HDD into. I couldn’t boot to the Recovery Console using an XP CD, because I did not know the Administrative password. So my solution? I booted the laptop using an Ubuntu Linux CD I had in my laptop bag. Here’s what I did.
- Boot normally in Windows XP and get the names of the infected DLLs using Bayles’ method (again, pendmove won’t work because winlogon is placed in memory (with the infected DLL) before pendmove is loaded).
- Reboot using Ubuntu CD – hit enter at the first screen (Run or Install Ubuntu)
- Unmount the NTFS file system (on a typical installation, it will be the entire drive) – We do this because the standard driver file is a read-only NTFS driver.
- Open a terminal and install the ntfs-3g packages
  - sudo apt-get install ntfs-3g
- Create mount point
  - sudo mkdir /mnt/test
- Mount the hard drive
  - sudo mount -t ntfs-3g /dev/sda1 /mnt/test
    - /dev/sda1 – is the partition we want to mount, yours may be different
    - /mnt/test – is the directory in which to mount the partition
- You can then browse to the windows/system32 directory and delete the infected DLLs (in my case the path was /mnt/test/windows/system32/sbbqikklll.dll)
- Reboot and then you must run some scanners. I suggest running SpyBot to clean up the rest of the garbage, and then maybe an anti-virus scanner (I used Symantec Corporate). Finally, run the Windows Malware Removal Tool.
  - This step is extremely important. This trojan downloads other infections to your systems (ads, other programs, etc). Who knows if these other files contain other viruses, trojans, keyloggers, etc.
I hope this helps. Contact me if you need any special assistance.
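A variant of the delete step that keeps evidence, as an added example that is not part of the original post: it finds the DLL regardless of letter case (ntfs-3g treats WINDOWS/System32 and windows/system32 as different paths), records its SHA-256 so the sample can be looked up or submitted to a scanner, and moves it to a quarantine directory instead of deleting it. The quarantine directory, manifest.txt, the script name and the --run switch are assumptions.

```shell
#!/bin/sh
# Added example: quarantine a DLL from a mounted Windows partition.
# The quarantine directory, manifest.txt and --run are names assumed here.

# List regular files under $1 named $2, ignoring letter case.
find_dll() {
    find "$1" -type f -iname "$2" 2>/dev/null
}

# Move file $1 into directory $2 under a name Windows will not load as a DLL,
# append "sha256  size  original-path" to the manifest, and print the hash.
quarantine_file() {
    q_src=$1; q_dir=$2
    [ -f "$q_src" ] || { echo "not a regular file: $q_src" >&2; return 1; }
    mkdir -p "$q_dir" || return 1
    q_sum=$(sha256sum < "$q_src" | cut -d' ' -f1)
    [ -n "$q_sum" ] || return 1
    q_size=$(wc -c < "$q_src" | tr -d ' ')
    mv "$q_src" "$q_dir/$q_sum.quarantined" || return 1
    printf '%s  %s  %s\n' "$q_sum" "$q_size" "$q_src" >> "$q_dir/manifest.txt"
    printf '%s\n' "$q_sum"
}

# Quarantine every match of file name $2 below mount point $1.
# Returns non-zero when nothing matched, so a typo in the name is noticed.
quarantine_dll() {
    q_list=$(find_dll "$1" "$2")
    [ -n "$q_list" ] || { echo "no file named $2 under $1" >&2; return 1; }
    printf '%s\n' "$q_list" | while IFS= read -r q_path; do
        quarantine_file "$q_path" "$1/quarantine" || exit 1
    done
}

# Example (script name assumed): sh quarantine.sh --run /mnt/test sbbqikklll.dll
if [ "${1:-}" = "--run" ]; then
    quarantine_dll "$2" "$3"
fi
```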
Mount your EXT2 Partition On Windows NT/2K/XP (EXT3 too) driver
by Steve O Hernandez on Jun.24, 2008, under Technology
EXT2IFS
Here’s a neat little driver that allows you to mount your EXT2 partition under a Windows OS. I’ve tested this and it does indeed work.
EXT2IFS is an Installable File System Driver (IFS) for Microsoft Windows NT 4.0, Microsoft Windows 2000 (NT 5.0) and Microsoft Windows XP (NT 5.1). The driver can read the Second Extended File System (EXT2) and Third Extended File System (EXT3).
Update:
Found this recently…
Ext2Fsd is an open source Ext2 file system driver for Windows (NT/2K/XP). “Explorer” your linux ext2 volumes with ease under windows systems.
Update:
Another one!
Ext2 Installable File System For Windows
It provides Windows NT4.0/2000/XP with full access to Linux Ext2 volumes (read access and write access). This may be useful if you have installed both Windows and Linux as a dual boot environment on your computer. The “Ext2 Installable File System for Windows” software is freeware.
Eraser
by Steve O Hernandez on Mar.12, 2008, under Technology
Eraser is an advanced security tool (for Windows), which allows you to completely remove sensitive data from your hard drive by overwriting it several times with carefully selected patterns. Works with Windows 95, 98, ME, NT, 2000, XP and DOS. Eraser is Free software and its source code is released under GNU General Public License.
When a file is deleted off of a Windows system (I’m not sure about Linux) the file isn’t really deleted, but the pointer (File Table entry) is deleted so there’s no way the OS can get to it (in essence, the file no longer exists in the OS’s eyes). So instead of using a large amount of disk I/O operations to delete a 2.78 GB file, a simple deletion of 8k (just a number, has no significance other than showing the size difference) at a static point on the disk platters accomplishes the same thing (to the OS). Eventually those sectors on the disk will be overwritten with new data that we actually want, and the OS (and the user) are none-the-wiser. That’s not good enough for me. From the documentation, Eraser overwrites those sectors repeatedly (to ensure all sectors in the clusters are overwritten) so that the data is lost, not just ‘deleted’.
An excellent tool for keeping your data really safe. If you’ve deleted it, make sure it’s really gone. These types of things have a tendency of biting you in the rear.
You can download Eraser here.
Cisco PIX 501 Series Firewall Configuration
by Steve O Hernandez on Feb.23, 2008, under Technology
Joomla User login errors using Internet Explorer 7.0 (IE7)
by Steve O Hernandez on Aug.16, 2007, under Technology
So registered users on one of my Joomla controlled sites simply could not log in if they were using Internet Explorer (6 or 7). Firefox and Opera work like a charm (of course :-p), but logging in using IE would just result in them being thrown back to the main page, with the error “Unauthorized to see this content”. So this is what I did to fix it on my site. I have a shared hosting account on a FreeBSD Unix Server hosting its own MySQL database.
I changed the configuration.php as follows:
$mosConfig_live_site = 'http://www.mydomain.com/joomla';
to:
$mosConfig_live_site = 'http://mydomain.com/joomla';
And then I changed the htaccess file (htaccess.txt in the root of the joomla installation) by adding the following lines:
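Options +FollowSymlinks
RewriteEngine on
# HTTP_HOST holds only the host name, so match it without scheme or path
RewriteCond %{HTTP_HOST} ^www\.mydomain\.com$ [NC]
# Redirect to the same path on the bare domain
RewriteRule ^ http://mydomain.com%{REQUEST_URI} [R=301,L]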
Now this alteration may not be 100% correct, but it’s what I got after searching the net for awhile.
Now all requests coming to the server with www in front are changed to the domain name without it and Internet Explorer is working lovely. I’m not sure if it’ll work the other way around, but I wouldn’t think so. Additionally, this of course only works on Linux/Unix systems running Apache with the mod_rewrite option on, and wouldn’t work on a Windows server (I think, don’t quote me though).
Good luck.
Flash plug-in for Opera running on Ubuntu (Feisty Fawn) 7.04
by Steve O Hernandez on Jul.30, 2007, under Technology
The following is a forum posting on ubuntuforum.com (here) which helped me out a lot. I had nothing to do with writing it and have not checked it for correctness. I have followed the instructions and it worked for me, so I thought I’d share. Thanks jouka!
*****
Guide: Opera 9.20 + Flash working in Feisty!
1. Download Opera 9.20 static from http://www.opera.com/download/get.pl…++++&x=66&y=23 and do
sudo dpkg --force-architecture -i opera-static_9.20-20070409.1-qt_en_i386.deb
2. Then download http://packages.ubuntu.com/cgi-bin/d…i386&type=main and do
sudo dpkg -i --force-architecture lesstif2_0.93.94-11.4ubuntu3_i386.deb
3. Then Download http://www.opera.com/download/linux/….30-5_i386.deb and do
sudo dpkg -i --force-all openmotif_2.1.30-5_i386.deb
4. Get Flash 9 from http://fpdownload.macromedia.com/get…9_linux.tar.gz
extract it somewhere.. like aint no place like $home so there u go. Then go there and do
cd install_flash_player_9_linux/
sudo cp libflashplayer.so /usr/lib/opera/plugins
sudo cp flashplayer.xpt /usr/lib/opera/plugins
5. Some of these following packages are, and some are not required but what the hell, install them all. So do
sudo aptitude install ia32-libs ia32-libs-sdl ia32-sun-java5-bin ia32-libs-gtk flashplugin-nonfree sun-java6-plugin sun-java6-jre
6. Get qt3 libs from: http://mirrors.kernel.org/ubuntu/poo…untu5_i386.deb and do
sudo dpkg -i --force-architecture libqt3-mt_3.3.8really3.3.7-0ubuntu5_i386.deb
Now launch your awesome browser and go check out some por… news and stuff!