Several ways to mount a harddisk/usb disk image

I've got an image of a USB disk that was created with the command dd. How can we mount it and access files? The file is named smosimg

Method 1: fdisk and bash

# fdisk -l smosimg
 
Disk smosimg: 1993 MB, 1993342976 bytes, 3893248 sectors
Units = sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk identifier: 0x000336e0
 
  Device Boot      Start         End      Blocks   Id  System
smosimg1   *        2048     1230847      614400   83  Linux
smosimg2         1230848     3893247     1331200   83  Linux

I want to mount the second partition that starts at block 1230848. The block size is 512 bytes, so we multiply 1230848 by 512:

mkdir target
mount -o loop,offset=$((1230848*512)) smosimg target

Method 2: kpartx

mkdir target
kpartx -a smosimg
mount /dev/mapper/loop0p2 target -o loop
kpartx -d smosimg

Method 3: losetup

mkdir target
losetup --partscan --find --show disk.img
mount /dev/loop0p2 target
losetup -d /dev/loop0

I've personally tested all three methods, and on my Fedora 18 machine, they all work.

© GeekLabInfo Several ways to mount a harddisk/usb disk image is a post from GeekLab.info. You are free to copy materials from GeekLab.info, but you are required to link back to http://www.geeklab.info
1 Star2 Stars3 Stars4 Stars5 Stars (No Ratings Yet)
Loading...

Windows Photo Viewer terminating with “COM Surrogate” error

One of the computers I manage had a problemen with Windows Photo Viewer, which crashed with the message "COM Surrogate has stopped working".

Especially when clicking "Next" in the viewer, the application crashed.

It's a 64 bit Dell computer running Windows 7 with all updates applied. It has a Trend Micro virusscanner and a TightVNC 2.x server for remote management.

What is COM Surrogate?

Often, COM objects are defined in DLLSs, a piece of code that is executable, but just not by itself. It is started by another program when needed. But sometimes, you just want to run code from a DLL without writing a complete wrapper program around it. That's where Microsoft has provided a program that can execute parts of a COM DLL without developing a complete program to load the DLL.

This program is called dllhost.exe and has user friendly name "COM Surrogate

What can I do against a crashing COM Surrogate?

I read several solutions, most of which were useless to me, but they may help you.

Replace video card

In my case, the issue was that the drivers of the onboard video card crashed. The computer is an Optiplex 9010 with an Intel® Q77 Express Chipset (Intel® BD82Q77 PCH) chipset that has Integrated Graphics.

I inserted an ATI Radio HD34xx card, which was automatically installed by Windows 7. After a reboot, the problem seems to be completely gone.

Commands

There are a few dlls that can be "re-registered" with Windows. Click on start, type cmd and right-click to choose "Run as Administrator". On the command line, type:

regsvr32 vbscript.dll
regsvr32 jscript.dll

Check Disk for Errors

Bad sectors on the hard drive could be the cause of COM Surrogate crashing. You can check your disk with the chkdsk command.

Disable DEP for dllhost.exe

Another fix that is suggested by numerous websites, is adding dllhost.exe to the exception list of DEP (Data Execution Prevention).

On 32-bit systems, you could whitelist:

C:\Windows\System32\dllhost.exe

And on 64-bit systems, that would be:
C:\Windows\SysWOW64\dllhost.exe

Although this MAY be a fix, I really suggest you don't use this method. The dllhost.exe is an executable that runs a crapload of DLLs, both Microsoft-DLLs and Third-party DLLs. It's like telling your virusscanner to exclude *.exe from scanning.

If it were your financial software, I would not advice against it, but dllhost.exe is used by so many programs, that I don't consider it safe to exclude.

© GeekLabInfo Windows Photo Viewer terminating with "COM Surrogate" error is a post from GeekLab.info. You are free to copy materials from GeekLab.info, but you are required to link back to http://www.geeklab.info
1 Star2 Stars3 Stars4 Stars5 Stars (No Ratings Yet)
Loading...

How to prevent https://r.twimg.com/jot from opening

Recently, I noticed that I had a tab opening in Firefox with the URL https://r.twimg.com/jot in a new tab. Apparently, when visiting RSS feeds in Thunderbird, this tracker is opened in another tab, which is quite annoying.

I've read a lot of solutions to this issue, most of them being changes in the settings of either Thunderbird or Firefox. Probably the best solution was to deny ||r.twimg.com/jot through ad block plus.

My solution was a quick hack: I fixed it by adding a patch to /usr/bin/firefox
if [ "`echo $@|grep r.twimg.com/jot`" != "" ]; then
echo jot stopped | logger
exit 0
fi
if [ "`echo $@|grep twitter.com/i/jot`" != "" ]; then
echo jot stopped | logger
exit 0
fi

© GeekLabInfo How to prevent https://r.twimg.com/jot from opening is a post from GeekLab.info. You are free to copy materials from GeekLab.info, but you are required to link back to http://www.geeklab.info
1 Star2 Stars3 Stars4 Stars5 Stars (No Ratings Yet)
Loading...

IPv6 neighbour proxy

When experimenting with IPv6 this weekend, I thought it would be cool to give my IPv4-only devices such as my webcam an IPv6 address.

Using Tayga to do NAT64, I could route an IPv6 range to a virtual network interface where Tayga translates incoming packets to IPv4. As Tayga's documentation states: "You will need to select an unused /96 from your site's IPv6 address range which will be used as the NAT64 prefix." Unfortunately, I  only have one single /64 available, a range that should not be split.

What I did, was the following:

Diagram1

This is not really best practice, as hosts in the range 2001:400:1234:567:ffff:0:0:0 - 2001:400:1234:567:ffff:ffff:ffff:ffff  could be located on both the LAN and the Tayga virtual router, it's the only working method for the time being.

The Linux router sends packets for 2001:400:1234:567:ffff::/96 to Tayga instead of direcly to the lan. This works for outside hosts, but hosts on the LAN don't know that packets for this range should be sent to the Linux router.  They try to find my webcam on the LAN, but obviously can't find it.

Neighbour discovery

This looking for the webcam on the LAN is called neighbour discovery. The Neighbour Discovery Protocol performs functions similar to IPv4 ARP for finding other nodes on the same LAN. With above setup, the host at 2001:400:1234:567:ffff::1 is actually off the LAN. The Linux router must tell my laptop to send packets for this IP to the router.

proxy_ndp

You can do this using proxy_ndp, the IPv6 variant of proxy_arp. First enable proxy_ndp by running:

sysctl -w net.ipv6.conf.all.proxy_ndp=1

You can enable this permanently by adding the following line to /etc/sysctl.conf:

net.ipv6.conf.all.proxy_ndp = 1

Then run:

ip -6 neigh add proxy 2001:400:1234:567:ffff::1 dev eth0

This means for the Linux router to generate Neighbour Advertisement messages in response to Neighbour Sollicitation messages for 2001:400:1234:567:ffff::1 that enter through eth0. Note that 2001:400:1234:567:ffff::1 itself is not found on eth0, but on another virtual interface.

ndppd - NDP Proxy Daemon

While proxy_arp could be used to proxy a whole subnet, this appears not to be the case with proxy_ndp. To protect the memory of upstream routers, you can only proxy defined addresses. There is a daemon that can proxy a whole subnet, ndppd. It's available at
http://priv.nu/projects/ndppd/.

Links

Another interesting page on this subject is found at:
http://linux-attitude.fr/post/proxy-ndp-ipv6
(French, use google translate) - multiple /64's in a /56

http://wiki.stocksy.co.uk/wiki/IPv6%2BXen_on_a_Hetzner_server_with_routing_to_dummy0_and_proxy_ndp - exactly what I'm doing, but for other purposes. Just found this page after typing my own.

© GeekLabInfo IPv6 neighbour proxy is a post from GeekLab.info. You are free to copy materials from GeekLab.info, but you are required to link back to http://www.geeklab.info
1 Star2 Stars3 Stars4 Stars5 Stars (No Ratings Yet)
Loading...

Bash: download and execute shell scripts

Sometimes, when running 1 bash script repeatedly on several different machines, I found that being able to download and immediately execute a script is very handy.

The following command will download a script and immediately execute it:

bash <(curl -s http://geeklab.info/my-script.sh)

This command uses Bash's Process Substitution to do it's job. command2 <(command) means for bash to put the output of command in a pipe and then run command2 [tempfile]. So above statement does the same as:

TMPFILE=$(mktemp /tmp/my.XXXXX)
curl -s http://geeklab.info/my-script.sh > $TMPFILE
bash $TMPFILE
rm $TMPFILE

Process substitution is also very useful when you want to know the difference between the output of two commands:

diff <( command1 ) <( command2 )

Furthermore, it's possible to pipe the contents of the temporary file into command2. For instance:
bash < <(curl http://geeklab.info/my-script.sh) would do the same as:

TMPFILE=$(mktemp /tmp/my.XXXXX)
curl -s http://geeklab.info/my-script.sh > $TMPFILE
bash < $TMPFILE
rm $TMPFILE

With bash, this difference is small, but with other commands, it may not be.

© GeekLabInfo Bash: download and execute shell scripts is a post from GeekLab.info. You are free to copy materials from GeekLab.info, but you are required to link back to http://www.geeklab.info
1 Star2 Stars3 Stars4 Stars5 Stars (No Ratings Yet)
Loading...

Outlook: Where will sent items be saved?

Some of my colleagues share mailboxes. They have a personal account and a shared account for the group. Their question was: where will sent items be saved?

I found that by default, Outlook 2007 saves sent items in the primary user account. This can be changed in the registry:

[HKEY_CURRENT_USER\Software\Microsoft\Office\12.0\Outlook\Preferences]
"DelegateSentItemsStyle"=dword:00000001

This is described on this microsoft kb article.

If that doesn't work, try the hotfix from microsoft support.

© GeekLabInfo Outlook: Where will sent items be saved? is a post from GeekLab.info. You are free to copy materials from GeekLab.info, but you are required to link back to http://www.geeklab.info
1 Star2 Stars3 Stars4 Stars5 Stars (No Ratings Yet)
Loading...

IPv6 privacy

On most Linux distributions, the right hand part of the IPv6 address is based on the computer's MAC address. As your MAC address is fixed and (in theory) worldwide unique, your computer can be traced anywhere it goes online. While cookies track you all the time, stil having another tracker around is not desired.

The "IPv6 Privacy Extensions" fix this by giving you a regularly changed random IPv6 address.

To enable IPv6 Privacy Extensions, edit the file /etc/sysctl.conf and add these lines:

net.ipv6.conf.wlan0.use_tempaddr = 2
net.ipv6.conf.eth0.use_tempaddr = 2
net.ipv6.conf.all.use_tempaddr = 2
net.ipv6.conf.default.use_tempaddr = 2

Still, whenever you go online on a browser that carries your cookies/flash cookies/zombie cookies/supercookies, you may be identified. But at least, it's a little harder to track you.

© GeekLabInfo IPv6 privacy is a post from GeekLab.info. You are free to copy materials from GeekLab.info, but you are required to link back to http://www.geeklab.info
1 Star2 Stars3 Stars4 Stars5 Stars (1 votes, average: 4,00 out of 5)
Loading...

Review: Belkin KVM Omniview 5216K – part 3

Tonight, it's time for part 3 of my Belkin Omniview IP 5216K KVM Switch

End 2010/begin 2011 I bought a Belkin KVM Omniview 5216K. When I first started to use is a few months later, it crashed so often that the device was useless. And if accidentilly, I could connect, keys got stuck so often that typing my username or password was absolutely impossible.

With one of the required reboots, the device finally died on june 17 of that year. After having to deal with a terrible helpdesk that answered things that resemble "so, your car crashed into a canyon? Have you tried to restart your car to fix this?" and weeks of waiting, it finally got replaced by a 32 port switch, the Belkin Omniview IP 5232K KVM Switch..

Since the new device has a new firmware, the stuck keys got a little better. But another problem came up. I just tried to login to the device. And I definitely used the right password. The device is only accessible over VPN, so it's very unlikely that someone else got access to the device. And last time, I had this problem, the device just needed a restart to recognise my password again.

Probably the internal authentication daemon has died or something.

© GeekLabInfo Review: Belkin KVM Omniview 5216K – part 3 is a post from GeekLab.info. You are free to copy materials from GeekLab.info, but you are required to link back to http://www.geeklab.info
1 Star2 Stars3 Stars4 Stars5 Stars (No Ratings Yet)
Loading...

How to decrypt a PDF file on Linux

Sometimes, I receive digital invoices in PDF format with a password. That way I shouldn't be able to modify them and commit fraud. Unfortunately, this also makes it impossible to perform normal operations on them, such as removing unneeded specifications or merging all invoices into one single file.

Luckily, most Linux distributions come with a tool that can be used to remove these passwords: ghostscript.

In order to remove the password, simply run:

gs -q -dNOPAUSE -dBATCH -sDEVICE=pdfwrite -sOutputFile=unencrypted.pdf -c .setpdfwrite -f encrypted.pdf

While this does remove the password, I'm not sure if it does not degrade the quality of the file a little (I don't notice any quality difference, but if you use highres files, you may lose quality).

© GeekLabInfo How to decrypt a PDF file on Linux is a post from GeekLab.info. You are free to copy materials from GeekLab.info, but you are required to link back to http://www.geeklab.info
1 Star2 Stars3 Stars4 Stars5 Stars (3 votes, average: 4,67 out of 5)
Loading...

Manually undeleting a file from ext2, ext3, ext4 or any other filesystem

Yesterday, I worked on a PHP project all day. At the end of the day, I moved it from development to staging. And finally I deleted it from staging. Oops!

I just discovered an hour ago what I did. What to do, what to do...?

Back in the old days, Midnight Commander supported some undelete function, but this option has been removed in the CentOS 6 version I'm running.

Then there's the option to use extundelete, but that would need compiling and a lot of other disk activity before I could use it. Normally, I would compile such a program on another server, then hook up the disk. But since it's a cloud server that I cannot access in any other way but SSH, that's not an option.

And finally there's the option to use ext3undel+foremost+testdisk from rpmforge to undelete information, but somehow I couldn't get all dependencies to install. So there's no usable software to fix this.

Or is there?

Manual recovery

Most filesystems, except for filesystems that do raid/compression/encryption, just write data to blocks on the disk in a structured manner. If you could save and access the blocks, you may be able to do some manual recovery.
Lees verder

© GeekLabInfo Manually undeleting a file from ext2, ext3, ext4 or any other filesystem is a post from GeekLab.info. You are free to copy materials from GeekLab.info, but you are required to link back to http://www.geeklab.info
1 Star2 Stars3 Stars4 Stars5 Stars (1 votes, average: 4,00 out of 5)
Loading...