Ubuntu Installation :: Inspect And Evaluate The Mbr On A Disk?
Aug 5, 2011
How can i inspect and evaluate the mbr on a disk in a computer?
I'm interested in how to do this in general.
I can use gparted to see the partitions on a disk, but i don't know how to use it, or any other tool, to see just what is in the mbr.
The particular situation i'm in is that i have two disks in my computer. One has ubuntu 10.10 on a single partition, and one has 11.04 on one of 4 partitions.
The 11.04 disk used to be bootable, but somehow i messed up the disk: longer story: i installed another os on another partition, and the other os redid the mbr and installed a different version of grub, and i tried to reinstall grub but ended up with a disk that wouldn't boot. So i put my old 10.10 disk back into the machine so that i could at least boot and look around on the 11.04 disk.
Now, there are probably ways that i could recover the 11.04, but i would like very much to be able to systematically analyze the 11.04 disk to determine its exact current state before modifying it.
Since the disk is not mounted it seems like this should be in reach: i want to be able to (a) capture the mbr from the 11.04 disk [into, say, a file on the 10.10 disk] (b) get an analysis of what the mbr would do (where it points to etc, and what is at where it points to) (c) get any high level information which can easily be determined from (a) and (b).
files. I then downloaded "Fedora-12-x86_64-CHECKSUM" and ran sha1sum.exe on my iso files and compared the results. They were wrong for all 5 iso files. Figuring there was a problem with the way I was trying to evaluate the checksum I burned a CD with the disc1.iso. I received a "INSERT A BOOT DISK" error from my machine. I then tried downloading the disc1.iso again and ran checksum on my newly downloaded file and get the same checksum on both the old and new disc1.iso files.
When I run:
I get the response:
It seems to me the checksum value should be:
What am I doing wrong? I've installed many different distros in the past and am pretty sure I burned the iso file not just copied it to the CD.
I'm trying to inspect network traffic from my iPhone / iPad / Kindle / other wi-fi only consumer electronic device. To do this I man-in-the-middle myself (connect laptop to LAN via wire, create wireless Ad-hoc network, bridge the connections, then connect my device to the ad-hoc wi-fi network) and use Wireshark to watch the traffic.
In the past this has been adequate for my needs (just wanted to watch and see what potentially private info was being leaked about me / see that banking / amazon / etc apps were going over SSL). Now I've noticed that applications are almost all using SSL (which is great) but they are way to active for my taste. I'd like to use these apps but want to know what's happening in the background. I know that corporations dead-end SSL connections at their proxys to inspect the traffic and then re-establish the connection on behalf of the user for the trip across the internet. While I find the corporate use a bit distasteful, I think this is exactly what I'd need to do to myself. Any suggestions for how to do so or other ideas on how to get the packets in the clear?
I am able to compile gstreamer just fine, but when I port it to the platform where I want to use gstreamer gst-inspect comes back with: "can't cd to /home/MY_HOME_FOLDER".
MY_HOME_FOLDER is the folder where gstreamer and all of its tools got compiled in.
So, how do I tell configure script (or whatever decides to remember this path) to use common Linux paths so when I port gst-inspect to /usr/bin it would work OK?
I'm trying to work out a way to inspect/modify dns requests as an advertising filter. Iptables is a good place to do this, but I'm having some problems disassembling the packet. On my dev box, when a DNS reply is returned from a request made on the dev box. I use this rule to route the reply packet through a queue:
Will the rule catch the inbound udp packet with the dns reply in it? I get something in the queue, but it's unintelligible when attempting to disassemble the packet. I don't want to move onto looking at my program until I get some feedback on the rule.
Here's a primitive diagram of what I'm working towards: host ->DNS request->iptables(no outbound rules)-> DNS Server ->DNS Answer ->iptables(queue udp 53 packets) ->inspect packet program-> Allow/Deny -> host processes allowed packets
My server ended up on 1 (just 1) block list and I'm finding it very difficult to convince myself that it was just an error of some kind.Can anyone think of any giveaways at the packet or port level that some program is sending spam from my server without using the normal MTA (nothing suspicious is showing up in the sendmail logs)
Does anybody here know a program (Linux-based or even Windows-based) which permits looking at the files structure of a harddisk in such a way that you can find out what file lies where on the harddisk?To specify further what I mean, back in the DOS days the Norton Utilities would show the distribution of files on a harddisk. It would show the harddisk as row upon row of rectangles, marked as used or not used, and the top left rectangles were the beginning of the harddisk while the lower right were the end of it.Now if a program put some files at the end of the harddisk it was possible to mark the filled rectangles and find out exactly which files were there.
I installed MySQL on my Ubuntu 10.04 desktop. As I need it only once a month I removed it from all runlevels but mysql is still running after boot up. "lsof" shows that it is running and listening for connections.
Are there any tools available in openSUSE for evaluating cpu/processor performance. My processor/cpu is under warranty til end of October, will like to know whether I need to get new one or i am good. I am looking for something that can log an event and report. Have tried stress and crashme but they dont show any results.
Code: #!/bin/bash cmd1=$(cat /var/log/messages | grep -e 'blocked for more than 120 seconds' | cut -c 55-62) if $cmd1 != 0; then echo 'okay'; fi
however i'm messing up somewhere... bash attempts to evaluate the elements in cmd1. when I try to run this script it complains saying:
Quote:
test1.sh: line 5: blocked: command not found
I am open to alternatives. My intent is to replace cat /var/log/messages with dmesg, so I can attempt to determine if a problematic application I use encounters a blocked state (unresponsive for more than 120 seconds).
Should I be using a different test condition? I tried something like:
Code: # this declares cmd1 as an array cmd1=($(cat /var/log/messages | grep -e 'blocked for more than 120 seconds' | cut -c 55-62)) #attempt to determine if number of elements in array is greater than zero if ${#cmd1[@]} > 0; then echo okay; fi
But I get the same error... what am I doing wrong?
I need evaluate the ext3 file system performance; i need define:
- services provided - parameters and - the performance with different parameter values; for example, changin the value of the "data" parameter (journal, ordered, writeback).
I do not know what services ext3 provides. Well, i know intuitively that it provides services to read, write and erase files. But, there are anything more?. Where can i find the API?. Is the ext3 file system POSIX compliant?
It's listening on the default nessus port 9390. I am trying to connect to the nessus server instance using Open-VAS Client. I have generated the client and server certificates, I have pointed the client at the User Certificate File, the User Key File and I have a CA cert. I have created a user account on the nessus server. The problem is that when I try and log in from the Open-VAS client it keeps saying it can't connect. Is there anywhere I can check to see if it's being caught in a firewall, or where I can see if the connection is even making it to the server..
Cis 140 student.how to use the test command to evaluate whether the shell variable I create contains a referance to the bash shell? and use the echo command to determine the result.
This is the third 9.10 install to do this on two different laptops, so wondering what's up...
In both cases, the goal was to leave a large chunk of unpartitioned disk after the Ubuntu partitions, for a second OS install or a filesystem Ubuntu cannot create like NTFS.
When I install with manual partitions, the system can't boot and asks for me to insert a system disk and press any key. When I reinstall telling Ubuntu to "use the entire disk" it then works.
First laptop, first try:
Remainder of the 500GB disk is free space.
Fails to boot, "insert system disk".
First laptop, second try without the /boot partition:
Remainder of the 500GB disk is free space.
Fails to boot, "insert system disk".
"use entire disk" works perfectly.
Second laptop, first try:
Same thing, non-system disk or disk error, insert system disk.
Second try "use entire disk" is currently in progress but I expect the same to happen.
I downloaded the latest version of wubi and when I click to run i get the error "pyrun.exe - No Disk. There is no disk in the drive. insert a disk into drive DeviceHarddisk2DR2".
WinXp sp3 is on disk sdb, then installed Ubuntu 10.04 on sda, can go into diff OS without any problem. I am going to move sda to another machine, when I unplug sda, WinXp can't start to boot on sdb. How to fix it?below is my case output$ sudo fdisk -l
Disk /dev/sda: 160.0 GB ... Device Boot Start End Blocks Id System
I had done a new lucid install to a 1 TB RAID 1 array using the alternate CD a few weeks back. I messed up that system trying to some hardware working that lucid doesn't have drivers for yet, so I gave up on it and reinstalled to a single 80 GB disk that I now want to move over to the RAID array.
I moved all of the existing files on the array to a single folder, then copied all of the folders from the 80 GB disk over to the array with permissions and symlinks (minus the contents of /proc and /sys, which I created empty).
These are the commands I used:
Quote:
p -a -d -R -v -t /media/raid_array /b* cp -a -d -R -v -t /media/raid_array /d* cp -a -d -R -v -t /media/raid_array /e* cp -a -d -R -v -t /media/raid_array /h*
[Code]....
I tried to change fstab to use the 689a... for root, but when I try to boot, it's still trying to open /dev/disk/by-uuid/412d...
So then I booted from the single disk again and chrooted into the array, then ran update-initramfs -u. I got 3 "grep: /proc/modules: No such file or directory" errors, and "cat: /proc/cmdline: No such file or directory"- so I created directory /proc/modules, created an empty file /proc/cmdline, and ran the initramfs update again. Then I tried to shut down, which hung (probably because I was doing all of this from a terminal window in Gnome), so I killed the power after a couple of minutes.
It's still trying to use /dev/disk/by-uuid/412d... to boot.
What am I missing? I assume I just have to change the UUID to mount as root, but I don't know how.
I have a netbook I'm not using and which I transformed into a server with Apache, Tomcat6, Netatalk, Webmin, BIND9 and Tor.
Problem is, the disks never stop spinning because all of the programs write a few kb at least every few seconds to disk, even when nobody is connected to it.
My question is: Is there a way to have the computer boot from disk like normal (maybe even a squashfs), keep ALL CHANGES to ram and then save to disk when either the ram is full (unlikely because the server is rebooted every few days) or at shutdown?
I thought about a mixture of ramfs and unionfs but I'm not good enough yet...
I installed Debian on my PC with a Acer Stock motherboard (xc600) with amd64 and after the installation finished it told me to remove my installation media and reboot. After reboot I was returned this message ' ERROR: No boot disk has been detected or the disk has failed.'. I have verified with gparted using mint live OS that I have Debian installed on my system.
I got believes that this may have be caused by a broken grub or I need to configure something I don't know how in BIOS.
I will update the topic later..
My installation media was a USB 2.0 flashdrive with a Debian 8.2 Jessie Installer and 9 different Linux distros. I have installed Debian multiple times before on my laptop and never had this problem so I know how to go through the installation process and set the partitions.
I have xp/fc8 on an older ide drive and just installed a new sata 1T and planned to put fc10 on it but in the process I killed my fc8 installation. I told the installer that the other disks were off limits but it was somewhat confusing at the bootloader page. So, I suspect that I told it boot off the fc8 disk. If that is the case is there a way to restore the fc8 install by somehow rescuing the /boot partition on the fc8 disk?
After installation of debian, using the squeeze net-installer, on a HP elitebook 6930P, i get the following error. "non-system disk or disk error"
It is right after boot process, and just when it should load grub. Grub is installed in the MBR. Windows7, is installed as well, and is not an option to remove. (Should not be the problem though).
/ is set with the bootable flag.
The installation went without any issues, and I have actually tried to install twice with the exact same thing.
i have been away from linux for a long while and decided to try it out again. i just received a fedora 10 dvd and went to install it.it wouldn't boot on either my laptop or pc?so i explored the disk and realised its a source disk?
1 = is the dvd disk any good to me? 2 = how can i install fedora from the disk or do i need to get another disk?
I have never had to do this before But I'm giving my laptop to my mother when my new one arrives and I need to remove the ubuntu installation and get the disk space back.
A few months ago the install stopped working. I can't remember what the error said... and tbh I can't be bothered to reboot twice to read it, but it has to be removed now anyways.
Had a look in windows to see if I can do anything in the disk manager, but it appears I can't. Oh wise ones, please, which path should one take?
I have installed Kubuntu on external WD HDD , it does NOT boot on this laptop but works on couple of other laptops , attached is the results txt output of the boot_info...sh.I can boot with USB flash drive that has kubuntu live Cd image when I use the external HDD ,it gives a blinking cursor only
There was an option during installation of 10.10 to encrypt the hard disk (or was it only the home folder?). I thought, hmm, I should probably do this, but I'll decide later, thus, installed 10.10 without encrypting the hard disk.Now, I want to encrypt the hard disk but don't see anywhere in the System Preference or Administration where I can do that. Am I missing it? Or how do I do this now?
I'm a complete noob trying to install Ubuntu Server 10.10 on my first build for use as a file/media server.When I get to the step to partition the drives, the installation freezes. The screen says "Starting disk partitioner" and the progress bar stops at 45%. It has done this three times now, and the longest I waited for it before rebooting was over an hour.I am installing from a flash drive containing the .iso file, and I have the following hardware (in case that matters): asus p7h55-m pro mobo, core i3-540 CPU, 2x4GB ram, WD caviar green 1.5TB, WD caviar green 1TB, and Kingston 8GB SSD.
