Full Disclosure mailing list archives

RE: Imaging Operating Systems


From: <Glenn_Everhart () bankone com>
Date: Thu, 27 May 2004 13:46:09 -0400

BTW, beware setting double boot with a Linux 2.6 kernel and Windows
just now. Apparently there is some bug in the way Windows computes
geometry and adding Linux 2.6 has hosed some folks' ability to boot
Windows. Supposedly if you can force the BIOS to use LBN mode this
gets around the problem. This was reported for Fedora, but sounds like
a more generic issue.

I have recovered systems by booting CDs with Linux though. That worked
rather well.

The Fedora release 2 of 2-3 days ago has been reported still to have this
disk geometry problem. Doesn't affect all systems, but apparently even
if you create partitions in Windows (or maybe an old Linux off CD) the
partition table gets written somehow.

-----Original Message-----
From: full-disclosure-admin () lists netsys com
[mailto:full-disclosure-admin () lists netsys com] On Behalf Of Maarten
Sent: Thursday, May 27, 2004 12:59 PM
To: Full-Disclosure
Subject: Re: [Full-disclosure] Imaging Operating Systems


On Thursday 27 May 2004 18:30, Kevin Connolly wrote:
> Maarten wrote:
>> This is an interesting thread...  But out of curiosity, is it also
>> possible to do backup / restores using readily available Linux tools?
>> I'd like to be able to do something like running dd over a network
>> connection, or tar, or whatever other tool.  In that case, a bootable CD
>> is all you need. But I'm unsure how to do that...
>>
>> Maarten
>
> one suggestion
> make the PC dual boot: Windows and Linux
> with the Linux partition larger.

Yes, I know.  I did that at the time when I still needed dual-boot.

No, what I want is more generic (and it is slightly offtopic since it is not
specifically meant to try out malware).
Suppose I visit a friend who has a botched system, and I carry with me my
Linux laptop and a Knoppix CD.  Now if there were a way to back up his
entire HDD with just the tools on the CD (and the laptop as receiving host)
that would be fantastic.

I was thinking of something like using {tar | dd | cpio} and netcat but I'm
unsure if it can be done, much less how to proceed.

> boot Linux and dd the raw Windows partition to a Linux file
> boot Windows and play with malware
> boot Linux and dd the file back out to the Windows partition
> rinse and repeat...

This works just fine except for one or two drawbacks: You need to plan this in
advance, and malicious code that randomly overwrites disks will kill Linux +
imagefile then, too.

Maarten

-- 
Yes of course I'm sure it's the red cable. I guarante[^%!/+)F#0c|'NO CARRIER

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html



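The dd-through-a-pipe imaging that the quoted message asks about, with a hash check on both ends and before restore, as an added example that is not part of the original thread. The helper names, port 9000, `LAPTOP_IP`, `/dev/hda` and the file names are assumptions, and the "partition" in the demo is a constructed file of random bytes.

```shell
#!/bin/sh
# Added example; send_image, recv_image, restore_image and roundtrip_demo
# are hypothetical helper names, and the "disk" below is a constructed file.
#
# Over a network the two halves are joined with netcat instead of a local pipe
# (flag syntax differs between netcat builds; this is the traditional form):
#   laptop:   nc -l -p 9000 | recv_image friend-hda.img
#   live CD:  send_image /dev/hda sent.sha | nc LAPTOP_IP 9000
# netcat neither encrypts nor authenticates, so compare the two hashes yourself.

# send_image SRC SUMFILE: stream SRC to stdout and store the stream's SHA-256.
send_image() {
    d=$(mktemp -d) || return 1
    mkfifo "$d/f" || return 1
    sha256sum <"$d/f" | cut -d' ' -f1 >"$2" &
    # noerror,sync keeps going past unreadable sectors and zero-fills them;
    # it also pads a short final block, so the image can exceed SRC slightly.
    dd if="$1" bs=64k conv=noerror,sync 2>/dev/null | tee "$d/f"
    wait
    rm -rf "$d"
}

# recv_image IMG: store stdin as IMG and print the SHA-256 of what was stored.
recv_image() {
    dd of="$1" bs=64k 2>/dev/null && sha256sum <"$1" | cut -d' ' -f1
}

# restore_image IMG SHA DEST: write IMG onto DEST only if IMG still matches SHA.
restore_image() {
    [ "$(sha256sum <"$1" | cut -d' ' -f1)" = "$2" ] || return 1
    dd if="$1" of="$3" bs=64k 2>/dev/null
}

# Image, wipe and restore a 256 KiB stand-in "partition"; returns 0 on success.
roundtrip_demo() {
    work=$(mktemp -d) || return 1
    head -c 262144 /dev/urandom >"$work/disk"
    send_image "$work/disk" "$work/sent.sha" | recv_image "$work/disk.img" >"$work/recv.sha"
    [ "$(cat "$work/sent.sha")" = "$(cat "$work/recv.sha")" ] || return 1
    head -c 262144 /dev/zero >"$work/disk"      # simulate the partition being wiped
    restore_image "$work/disk.img" "$(cat "$work/sent.sha")" "$work/disk" || return 1
    [ "$(sha256sum <"$work/disk" | cut -d' ' -f1)" = "$(cat "$work/sent.sha")" ]
}

roundtrip_demo && echo "round trip verified"
```

Keeping the image and its recorded hash on the receiving laptop rather than on the imaged disk also covers the drawback raised in the thread, where code that overwrites disks takes the image file with it.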

