Saturday, September 25, 2010
UltraDefrag 4.4.0
UltraDefrag is a powerful disk defragmentation tool for Windows. It is the first open source defragmenter with full support for defragmenting system-locked files. All files, including registry hives and the paging file, can be processed by UltraDefrag during the Windows boot process.
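Virtual Router – Turn a wireless network card into a virtual WiFi hotspot
A tool that turns a wireless network card into a virtual WiFi hotspot, for when mobile devices need a connection and there is no wireless router. Yes, you no longer need to carry a wireless router when you travel. It supports Windows 7 / 2008 R2.
Virtual Router simplifies everything: after downloading and installing it, you only need to set the hotspot name > set the hotspot password > choose the network to share > start the virtual router.
The password must be at least 8 characters long and WPA2 encryption is used. If you have only one wireless network card, you do not need to choose a network to share. Shortly afterwards the hotspot shows up on your mobile device. It is of course not limited to mobile devices: anything with a wireless network card works, such as a laptop.
videocacheview
VideoCacheView - a brute-force download tool for web videos. Videos played in the browser also leave traces wherever they go: as long as the provider of the video stream uses caching, the video is saved in the browser's temporary folder when you close Firefox or IE, and this small tool can open videos you have played before (MP4, WMV, FLV and other formats are supported) or save them as files.
Usage: open the video URL in Firefox or IE → wait for it to finish caching → close the browser → open VideoCacheView → right-click the video you want → Save to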
Wednesday, September 15, 2010
ATA security
The Princeton article below, “Lest We Remember: Cold Boot Attacks on Encryption Keys”, sparked a debate on the minasi forum (which most people know I participate actively in).
The user Douggg suggested using a mostly unknown security feature of modern ATA drives, which enables a user to password-protect the drive itself.
So I decided to do some research into it.
The Security Mode feature set was initially created for 2½” disks (laptop disks) in about 1996.
——————————————————————————–
The optional Security Mode feature set is a password system that restricts access to user data stored on a
device. The system has two passwords, User and Master and two security levels, High and Maximum. The
security system is enabled by sending a user password to the device with the SECURITY SET PASSWORD
command. When the security system is enabled, access to user data on the device is denied after a power
cycle until the User password is sent to the device with the SECURITY UNLOCK command.
A Master password may be set in addition to the User password. The purpose of the Master password is to
allow an administrator to establish a password that is kept secret from the user, and which may be used to
unlock the device if the User password is lost. Setting the Master password does not enable the password
system.
The security level is set to High or Maximum with the SECURITY SET PASSWORD command. The security
level determines device behavior when the Master password is used to unlock the device. When the security
level is set to High the device requires the SECURITY UNLOCK command and the Master password to
unlock. When the security level is set to Maximum the device requires a SECURITY ERASE PREPARE
command and a SECURITY ERASE UNIT command with the master password to unlock. Execution of the
SECURITY ERASE UNIT command erases all user data on the device.
The SECURITY FREEZE LOCK command prevents changes to passwords until a following power cycle. The
purpose of the SECURITY FREEZE LOCK command is to prevent password setting attacks on the security
system.
——————————————————————————–
What this seems to mean is that you can set two security modes on the drive: High and Maximum.
In High security mode, both the “user” and the “master” password are able to unlock the drive.
In Maximum, only the “user” password will unlock the drive; the “master” password needs to be sent with a delete-all command that overwrites the entire disk with 0's and then allows access to the disk.
IBM started making this widely available in their 3½” disks in 1998 as well. Microsoft later asked Seagate to build the security into their 3½” drives for the Xbox to protect them, and WD later followed suit.
This means that practically all disks today have the “security features” available.
As a security precaution the devices have a function called “SECURITY FREEZE LOCK”: when this command is sent to the device, it will not accept any changes to the password until the next boot. The problem is that most PC manufacturers have not added this feature to the BIOS of their PCs, meaning that it is theoretically possible to set the password while the PC is running, rendering the disk unreadable at the next boot.
Luckily for us, the Windows API that sends “ATA” commands does not support the following commands:
——————————————————————————–
- SECURITY SET PASSWORD
- SECURITY UNLOCK
- SECURITY ERASE PREPARE
- SECURITY ERASE UNIT
- SECURITY FREEZE LOCK
- SECURITY DISABLE PASSWORD
——————————————————————————–
So in order for someone to abuse it, that person would have to gain admin access to the PC and install a kernel-mode driver that can communicate directly with the disk, and the BIOS must not have sent the “SECURITY FREEZE LOCK” command.
On the security side, Heise.de tested it and found that it was not enough to remove the circuit board and replace it with a board from an unlocked drive, so password data is stored on the drive platters as well.
They sent the drive to IBAS (a Norwegian data recovery company), who were able to recover the key. (They call it a trade secret.)
As with most closed systems, it is not known whether there is a master master password, though vendors claim there isn't.
So if you want to add another security hurdle besides encryption, find a PC with a BIOS that supports the security features, set security to Maximum, and encrypt the disk with your favorite encryption software. This should scare off all but the most adamant hackers or Big Brother.
There is a tool called WinAAM (German), which is used to manipulate drive acoustics; it will also tell you the current security setting of the drive (you can use it to see whether your BIOS sets the SECURITY FREEZE LOCK on the drive). If it doesn't, consider checking for a BIOS update; you might be lucky and find that the new BIOS sets it.
From what I have read, I am convinced that the ATA security standard is not unbreakable: with the right experience/equipment it is still possible to bypass the ATA password, and it does not mitigate the initial problem of the possibility of extracting encryption keys from RAM. But it is definitely an extra layer of security.
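A drive reports the state of the Security Mode feature set in word 128 of its IDENTIFY DEVICE data, which is where a "frozen" or "locked" reading comes from. The following is an added example, not code from the original post or from WinAAM: it decodes that word and flags a drive the BIOS left unfrozen. It assumes a 512-byte IDENTIFY block in little-endian word order; the function names and the constructed input builder `make_identify` are hypothetical.

```python
import struct

# IDENTIFY DEVICE word 128 (security status) bit assignments from the ATA spec.
SECURITY_BITS = {
    "supported": 0x0001,
    "enabled": 0x0002,
    "locked": 0x0004,
    "frozen": 0x0008,
    "count_expired": 0x0010,
    "enhanced_erase": 0x0020,
}
LEVEL_MAXIMUM = 0x0100  # bit 8: 0 = High, 1 = Maximum (meaningful when enabled)


def parse_security_status(identify: bytes) -> dict:
    """Decode word 128 of a 512-byte IDENTIFY DEVICE block (little-endian words)."""
    if len(identify) != 512:
        raise ValueError("IDENTIFY DEVICE data must be exactly 512 bytes")
    (word128,) = struct.unpack_from("<H", identify, 128 * 2)
    status = {name: bool(word128 & mask) for name, mask in SECURITY_BITS.items()}
    status["level"] = "Maximum" if word128 & LEVEL_MAXIMUM else "High"
    return status


def audit(status: dict) -> list:
    """List findings tied to the password-setting risk discussed in the post."""
    if not status["supported"]:
        return ["Security Mode feature set not supported"]
    findings = []
    if status["locked"]:
        findings.append("locked: user data is inaccessible until SECURITY UNLOCK")
    elif not status["frozen"]:
        findings.append("not frozen: SECURITY FREEZE LOCK has not been sent since power-on")
    if status["enabled"] and status["level"] == "Maximum":
        findings.append("Maximum level: Master password can only erase, not unlock")
    if status["count_expired"]:
        findings.append("unlock attempt counter expired: power cycle needed")
    return findings


def make_identify(word128: int) -> bytes:
    """Constructed test input: an all-zero block with only word 128 set."""
    block = bytearray(512)
    struct.pack_into("<H", block, 128 * 2, word128)
    return bytes(block)
```

An empty list from `audit` for a drive with no password set means the BIOS froze the security state, which is the outcome the post recommends checking for.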
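Thursday, September 9, 2010
Redhat multi-boot installation notes
Summary: this is done by modifying the GRUB boot menu.
File to modify: /root/grub/grub.conf
Example: /dev/hda2 and /dev/hda5 are the roots of two Linux installations.
Merge the grub.conf files from the two roots into the most recently installed system and delete the lines that are not needed.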
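Loading Linux with the Windows boot loader
How to make multiple systems coexist. Many people are learning Linux, and installing several systems is of course the better way to do it; Windows cannot be abandoned for now, so multi-boot is the best solution. I am posting some of my experience here; if anything is lacking, please point it out so we can learn from each other. For several Windows NT (2000, XP) systems and Linux, a good way to make them coexist is to use the NT Loader that ships with Windows NT (2000, XP).
The following uses an installation of Win2000 + WindowsXP + Magic Linux + Redhat 9.0 as the example.
(1) First partition the hard disk. Linux generally uses EXT3; each Linux gets one Boot partition and one Root partition, the two Linux systems share one Swap partition, and it is best to leave one FAT32 partition so that Windows and Linux can exchange data. For how hard disks are named under Linux, please refer to other articles.
(2) Assume the partitions are as follows:
Hda1: Windows 2000,
Hda5: Windows XP, Hda6: FAT32, Hda7: NTFS
Hda8: Redhat Boot partition (EXT3), Hda9: Redhat Root (/) partition,
Hda10: Magic Linux Boot partition (EXT3), Hda11: Magic Linux Root (/) partition,
Hda12: Swap partition (shared)
Then install Windows 2000, Windows XP, Redhat and Magic in any order, but be sure to install the boot loader (Lilo or Grub) of Redhat and of Magic Linux on the first sector of its own boot partition (Hda8 for Redhat, Hda10 for Magic), not on the MBR (the reason is given later).
After installation you will find that the Windows boot menu contains only Windows 2000 and Windows XP and no Linux, so you cannot get into Linux!
What we do next is add the Linux boot options to the boot menu.
(3) Copy loadlin.exe and vmlinuz from the dosutils directory of the Linux installation CD to a FAT32 partition (for example Hda6), then boot into DOS, change to that partition and run loadlin vmlinuz root=/dev/hda(x), where (x) is the Root partition Linux was installed on (Hda9 or Hda11 in this example, for Redhat and Magic respectively). This gets you into Linux (Magic or Redhat).
(4) Once in Linux, run dd if=/dev/hda(X) of=<path and file name> bs=512 count=1
Notes: a. This command saves the Linux boot sector as a file.
b. (X) is the Boot partition Linux was installed on (Hda8 and Hda10, for Redhat and Magic respectively).
c. The path and file name are where the file is stored and what it is called.
Run the command on the Boot partitions of both Linux systems to get two files.
For example: dd if=/dev/hda8 of=/redhat.lnx bs=512 count=1
dd if=/dev/hda10 of=/magic.lnx bs=512 count=1
(5) Copy the two files just created to the Windows C: drive (Hda1).
Edit the boot.ini file on the C: drive and add the last two lines, for example: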
[boot loader]
timeout=15
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows 2000 Professional" /fastdetect
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Windows XP Professional" /fastdetect
c:\magic.lnx="Magic Linux1.1 beta"
c:\Redhat.lnx="Redhat 9.0"
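(6) Reboot, and the menu will appear.
(7) The advantage of installing this way is that Linux and Windows do not interfere with each other: even if you have to reinstall Windows, Linux is not affected. Just back up the two files (redhat.lnx and Magic.lnx), put them back on the C: drive after reinstalling, and edit boot.ini again as in (5).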
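The procedure fails silently if Lilo or Grub went to the MBR instead of the boot partition, because the file saved by dd then contains no boot loader. The following is an added example, not part of the original post: it checks a saved boot-sector file before it is listed in boot.ini and appends the entries without duplicating them. The function names and sample data are constructed, and it assumes [operating systems] is the last section of boot.ini, as in the listing above.

```python
SECTOR_SIZE = 512              # bs=512 count=1 in the dd command
BOOT_SIGNATURE = b"\x55\xaa"   # bytes 510-511 of a bootable sector


def check_boot_image(data: bytes) -> str:
    """Classify a saved boot-sector file such as redhat.lnx."""
    if len(data) != SECTOR_SIZE:
        return "wrong-size"        # other bs/count values, or a truncated copy
    if data[510:512] != BOOT_SIGNATURE:
        # ext3 reserves its first sector for a boot loader; with Lilo/Grub on
        # the MBR instead, that sector typically holds no loader or signature.
        return "no-boot-loader"
    if not any(data[:510]):
        return "empty-code"        # signature present but nothing to execute
    return "ok"


def add_boot_entries(boot_ini: str, entries: dict) -> str:
    """Append one boot.ini line per boot-sector file, skipping listed files."""
    lines = boot_ini.splitlines()
    if not any(l.strip().lower() == "[operating systems]" for l in lines):
        raise ValueError("boot.ini has no [operating systems] section")
    listed = {l.split("=", 1)[0].strip().lower() for l in lines if "=" in l}
    for filename, label in entries.items():
        path = "c:\\" + filename
        if path.lower() not in listed:
            lines.append(f'{path}="{label}"')   # straight quotes only
    return "\r\n".join(lines) + "\r\n"


# Constructed sample: a sector with a jump instruction and the signature.
GOOD_SECTOR = b"\xeb\x48\x90" + bytes(507) + BOOT_SIGNATURE
# Constructed sample: all-zero first sector of a partition without a loader.
EMPTY_SECTOR = bytes(512)
# Constructed sample: boot.ini before the Linux entries are added.
SAMPLE_BOOT_INI = (
    "[boot loader]\r\ntimeout=15\r\n"
    "default=multi(0)disk(0)rdisk(0)partition(1)\\WINDOWS\r\n"
    "[operating systems]\r\n"
    'multi(0)disk(0)rdisk(0)partition(1)\\WINDOWS="Microsoft Windows 2000 Professional" /fastdetect\r\n'
)
```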