You can use dd to extract the partition of interest manually and then mount it via loopback. Again, the assumption of 512 bytes per sector is assumed here. As explained in Brian Carrier’s March 15th Sleuth Kit Informer column, Splitting The Disk, we can pass dd the starting sector of the partition in question and calculate the size and allow it to extract it for us. For example, let’s extract my ext3 partition, then mount it on loopback.

We pass dd bytes at a time size (bs option) of 512. Next, we pass it the starting sector of my ext3 partition from the fdisk output above, 7695198, as the number of blocks to skip ahead in the image. Last, we calculate the size as explained in the Sleuth Kit Informer above by taking the starting and ending sectors of the partition, subtracting them, then adding one (9510479 – 7695198 + 1 = 1815282).

Ronald Woelfel raised an interesting question about a missing sector on partitions with an odd number of sectors, which was explained thusly by Brian Carrier of Sleuth Kit fame: ”The reason that you noticing the difference is likely because your linux system has the 2.4 kernel, which has a bug when accessing disk or partition devices. If a partition or disk has an odd number of sectors, the last sector is not read.”

faith:/home/jasonb#  dd if=/nebula/hda_dd.image of=/nebula/test.image
bs=512 skip=7695198 count=1815282
1815282+0 records in
1815282+0 records out

Once dd completes, you can mount the image as you normally would:

faith:/home/jasonb#  mount -o loop -t ext3 /nebula/test.image /mnt
faith:/home/jasonb#  ls /mnt
bin    dev     home    lib opt   sbin  var
boot   etc     import  lost+found  proc  tmp   vmlinuz
cdrom  floppy  initrd  mnt root  usr   vmlinuz.old
faith:/home/jasonb#  umount /mnt

By jasonb

When dealing with partition mounting within an image file it is always best to examine the partition table of the original disk.
To do this type:

fdisk -l /dev/sda (/dev/sda is the standard first hard drive device location.  Modify this accordingly to meet your drive situation)

Disk /dev/sda: 1024 MB, 1024966656 bytes
255 heads, 63 sectors/track, 124 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes

Device Boot      Start         End      Blocks   Id  System
/dev/sda1               1          20      160618+  83  Linux
/dev/sda2              21         124      835380   83  Linux

Create an image of the disk

dd if=/dev/sda of=test.dd

Verify your image integrity (sanity)

fdisk -C 124 test.dd

WARNING: DOS-compatible mode is deprecated. It’s strongly recommended to
switch off the mode (command ‘c’) and change display units to
sectors (command ‘u’).

Command (m for help):

Press “p” and “enter”

Command (m for help): p

Disk test.dd: 0 MB, 0 bytes
255 heads, 63 sectors/track, 124 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk identifier: 0x73e7e9f6

Device Boot      Start         End      Blocks   Id  System
test.dd1               1          18      144553+  83  Linux
test.dd2              19         124      851445   83  Linux

These typically should be identicle.  If not you may still be able to mount the partition

Let’s say that we want to mount the second partition.  We can do this by calculating the offset.

First do the following:

fdisk -l -u -C 124 test.dd

Disk test.dd: 0 MB, 0 bytes
255 heads, 63 sectors/track, 1 cylinders, total 0 sectors
Units = sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk identifier: 0x73e7e9f6

Device Boot      Start         End      Blocks   Id  System
test.dd1              63      289169      144553+  83  Linux
test.dd2          289170     1992059      851445   83  Linux

The starting sector is at 289170.  Since we can see from the above partition structure that our Sector size it 512 bytes.  To calculate the “byte” offset that we will need to use multiply the following:
289170 x 512 = 148055040
So 148055040 is our offset

sudo mount -t ext2 -o loop,offset=148055040 test.dd /mnt/
[sudo] password for user:
user@pc:~/home/example$ cd /mnt
user@pc:/mnt$ ls
boot  etc  lib  lost+found  mnt  root  usr  var

We now have full access to the second partition within this disk image.

To look at your DHCP settings in linux do the following:

cat /var/lib/dhcp3/dhclient.leases

If you are using multiple NICs then it is best to cd to /var/lib/dhcp3/
and ls what .leases are there.

For Windows users this is similar to ipconfig /all.
The .leases file actually show more information though.


How do I copy MBR from one hard disk to another hard disk under Debian Linux?

To copy MBR simply use the dd command. dd command works under all Linux distros and other UNIX like operating systems too. A master boot record (MBR) is the 512-byte boot sector that is the first sector of a partitioned data storage device of a hard disk.

MBR Total Size

446 + 64 + 2 = 512

Where,

• 446 bytes – Bootstrap.
• 64 bytes – Partition table.
• 2 bytes – Signature.

512 vs 446 Bytes

• Use 446 bytes to overwrite or restore your /dev/XYZ MBR boot code only with the contents of $mbr.backup.file.
• Use 512 bytes to overwrite or restore your /dev/XYZ the full MBR (which contains both boot code and the drive’s partition table) with the contents of $mbr.backup.file.

dd command to copy MBR (identically sized partitions only)

Type dd command as follows:
dd if=/dev/sda of=/dev/sdb bs=512 count=1
Above command will copy 512 bytes (MBR) from sda to sdb disk. This will only work if both discs have identically sized partitions.

dd command for two discs with different size partitions

# dd if=/dev/sda of=/tmp/mbrsda.bak bs=512 count=1
Now to restore the image to any sdb:
# dd if=/tmp/mbrsda.bak of=/dev/sdb bs=446 count=1
The above commands will preserve the partitioning schema.

Linux sfdisk Command Example

Linux sfdisk command can make a backup of the primary and extended partition table as follows. It creates a file that can be read in a text editor, or this file can be used by sfdisk to restore the primary/extended partition table. To back up the partition table /dev/sda, enter:
# sfdisk -d /dev/sda > /tmp/sda.bak
To restore, enter:
# sfdisk /dev/sda < /tmp/sda.bak
The above command will restore extended partitions.

Task: Backup MBR and Extended Partitions Schema

Backup /dev/sda MBR, enter:
# dd if=/dev/sda of=/tmp/backup-sda.mbr bs=512 count=1
Next, backup entries of the extended partitions:
# sfdisk -d /dev/sda > /tmp/backup-sda.sfdisk
Copy /tmp/backup-sda.sfdisk and /tmp/backup-sda.mbr to USB pen or somewhere else safe over the network based nas server.

Task: Restore MBR and Extended Partitions Schema

To restore the MBR and the extended partitions copy backup files from backup media and enter:
# dd if=backup-sda.mbr of=/dev/sda
# sfdisk /dev/sda < backup-sda.sfdisk

By Vivek Gite

Installing the Citrix Presentation Server Client
on Ubuntu

Even though I use Ubuntu exclusively there are times when I need to use
Windows based applications to get tasks done. Fortunately for me I work in a
University environment that is tolerant towards users who use operating
systems other than Windows. For the few applications of this type that I have
to use I have access to a Citrix MetaFrame Presentation Server, a product that
I now believe is called XenApp.
To use this server I need to use the Citrix Presentation Server Client for Linux.
Installing the software is relatively easy. This is the procedure that I’ve used:
Install the required libmotif3 package from the 1. Ubuntu repositories
2. Download the en.linuxx86.tar.gz file from Citrix website
3. Extract the contents of the archive
4. Open a command terminal
5. Navigate to the directory that contains the extracted file
6. Execute the setupwfc script as root
7. Follow the online instructions
Access to the Citrix server at MPOW is secured using SSL. Unfortunately it
uses a certificate that the Citrix software is unable to recognise and when I try
to connect I get an error message similar to the following (The name of the
certificate issuer has been deliberately changed):
You have not chosen to trust “XXX SSL Certificates”, the issuer of the
server’s security certificate (SSL error 61).
To resolve this issue follow these steps, assuming you have installed the client
into the default location:
Navigate to the following directory
/usr/lib/ICAClient/keystore/cacerts
1. Copy the certificates that Firefox uses into the directory above
sudo cp /usr/share/ca-certificates/mozilla/* ./
2. The certificate that the Citrix server uses will now validate successfully.

By: Techxplorer