Saturday, April 30, 2011

Fixing Windows 7 boot problems

I was inspired to write this after spending an hour trying to get windows to boot. The problem started when i removed an IDE disk from the PC. Turns out that when i install windows on the PC with a pair of IDE and SATA disks, windows configured the IDE disk as the active partition even though i installed windows on the SATA disk. Now that the IDE disk is gone, there is no active partition. In this situation, the repair function windows boot CD will not work until an active partition is manually activated.

- Changing the active partition
Boot to repair mode on your windows CD. Under command prompt, run Diskpart
Look for the disk number with List disk
Select Disk x where x is the disk number from above
List Partition and look for the windows partition number
Select Partition x where x is the windows partition
With the active partition loaded correctly, the repair function now has the correction partition to work on.

- Restoring the boot sector on the active partition
The commandline way to rebuild the boot code.
Under Windows Vista and above, boot to repair mode on your windows CD
bootsect.exe /nt60 SYS /force where SYS refers to the system partition used to boot Windows. Replace SYS with ALL to update the boot code on all volumes that can be used as Windows boot volumes.
Posted by 桔梗 at 8:03 PM 0 comments
Labels:

Sunday, April 24, 2011

Loading IPTables rules on reboot

IPTables rules are flushed after a reboot. I found out when i couldn't connect to a SOCKS5 proxy after the vps provider rebooted my node without notice. Poor system uptime seems to be a problem with some budget VPS. Here's how to make the rules stick after a reboot.

- On  Debian,
Save the rules to a file
#iptables-save > /etc/firewall.conf

Create a startup script so ifupdown loads these rules on boot:
vi /etc/network/if-up.d/iptables
#!/bin/sh
iptables-restore < /etc/firewall.conf

chmod +x /etc/network/if-up.d/iptables
Reboot, and check rules with iptables -L

- On  CentOS,

/sbin/service iptables save
This executes the iptables init script, which runs the /sbin/iptables-save program and writes the current iptables configuration to /etc/sysconfig/iptables. The existing /etc/sysconfig/iptables file is saved as /etc/sysconfig/iptables.save.

The next time the system boots, the iptables init script reapplies the rules saved in /etc/sysconfig/iptables by using the /sbin/iptables-restore command.


You can also save the iptables rules to a separate file for distribution, backup or other purposes. To save your iptables rules, type the following command as root:

[root@myserver ~]# iptables-save > <filename>
where <filename> is a user-defined name for your ruleset.

If distributing the /etc/sysconfig/iptables file to other machines, type /sbin/service iptables restart for the new rules to take effect.

Note the difference between the iptablescommand (/sbin/iptables), which is used to manipulate the tables and chains that constitute the iptables functionality, and the iptablesservice (/sbin/iptables service), which is used to enable and disable the iptables service itself.
Posted by 桔梗 at 6:55 PM 0 comments
Labels: ,

To flush existing iptables rules

# vi stop.fw4

#!/bin/sh
echo "Stopping firewall and allowing everyone..."
# Delete and flush. Default table is "filter". Others like "nat" must be explici# tly stated.
iptables -F
iptables -X
iptables --delete-chain
iptables -t nat -F
iptables -t nat -X
# Delete all chains that are not in default filter and nat table
iptables --table nat --delete-chain
iptables -t mangle -F
iptables -t mangle -X
iptables -P INPUT ACCEPT
iptables -P FORWARD ACCEPT
iptables -P OUTPUT ACCEPT
chmod +x stop.fw4
./stop.fw4
Posted by 桔梗 at 5:54 PM 0 comments
Labels: ,

Configure NAT with iptables

- Initial set of firewall rules for a NAT vps
vi start.fw4
#!/bin/bash
LOGLIMIT="5/m"
LOGLIMITBURST="10"
iptables -I INPUT 1 -i lo -j ACCEPT
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
#change port 33322 to configured SSH port
iptables -A INPUT -p tcp --dport 33322 -j ACCEPT
#open UDP 123 for NTP
iptables -A INPUT -p udp --sport 123 --dport 123 -j ACCEPT
#for openvpn and pptp access
iptables -A INPUT -p udp --dport 1194 -j ACCEPT
iptables -t nat -A POSTROUTING -o venet0 -j SNAT --to rem.ot.e.ip
iptables -A FORWARD -i venet0 -o tun0 -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -A FORWARD -i tun0 -o venet0 -j ACCEPT
#block others
iptables -N LOGDROP
iptables -A INPUT -j LOGDROP
iptables -A LOGDROP -p tcp -m limit --limit $LOGLIMIT --limit-burst $LOGLIMITBURST -j LOG --log-level 7 --log-prefix "TCP LOGDROP: "
iptables -A LOGDROP -p udp -m limit --limit $LOGLIMIT --limit-burst $LOGLIMITBURST -j LOG --log-level 7 --log-prefix "UDP LOGDROP: "
iptables -A LOGDROP -p icmp -m limit --limit $LOGLIMIT --limit-burst $LOGLIMITBURST -j LOG --log-level 7 --log-prefix "ICMP LOGDROP: "
iptables -A LOGDROP -f -m limit --limit $LOGLIMIT --limit-burst $LOGLIMITBURST -j LOG --log-level 7 --log-prefix "FRAGMENT LOGDROP: "
iptables -A LOGDROP -j DROP

chmod +x start.fw4
./start.fw4
- To list rules,
# iptables -L
To list masquerade and NAT rules,
# iptables -t nat -L
Posted by 桔梗 at 5:07 PM 0 comments
Labels: ,

Updating OS on VPS

Debian

# apt-get update
# apt-get upgrade

Centos

Type the following command to get a list of packages that are going to be updated, enter:
# yum list updates
To upgrade your box, enter:
# yum update

Posted by 桔梗 at 4:54 PM 0 comments
Labels: ,

Initial SSH setup

Create User ID for normal use

  • On Debian, useradd is a low level utility for adding users. Administrators should usually use adduser(8) instead.
  • On Fedora or CentOS systems, adduser is just a symbolic link to useradd
  • adduser <user>

Change SSH port and deny root SSH login

  • vi /etc/ssh/sshd_config
  • Replace default port 22 with <random port>
  • Disable Root login   PermitRootLogin no
Enable new SSH port on ipchains
  • iptables -A INPUT -p tcp --dport <new SSH port> -j ACCEPT

Restart SSH service

  • service ssh reload

Posted by 桔梗 at 4:33 PM 0 comments
Labels: ,

Friday, April 22, 2011

DNS leaking with browsers

Following on this great DNS leakage test with Firefox , I ran my own simple browser privacy tests on browsers i use frequently.

Setup used for the test

- Remote SSH host

- Opera 11.10 Build 2092

- Chrome 10.0.648.205 with Proxy Switchy! 1.6.3

- Firefox 4.0

- IE 9.0.8112.16421

- Plink 0.60.9149.0

- MyEN Tunnel v3.5.2 to build TCP SSH tunnels for SOCKS5 proxy. More stable and better speed(Hulu) than opening a dynamic proxy with Putty (putty shell@xx.xx.xx.xx -fND localhost:7777)

- DNS Randomness test . Great tool for testing DNS leakage.

- Client DNS: OpenDns , ISP DNS

- Remote DNS: Remote host DNS

Results:

Browser Proxy Notes
Firefox Client Uses client DNS out of the box
Firefox with network.proxy.socks_remote_dns TRUE Remote Enable this in about:config. Tells firefox to use DNS SOCKS5
Chrome Remote  
IE Client  
Opera NA Not SOCKS compatible as of tested version.

Conclusion: Chrome has the best result out of the box. It looks up URLs using the remote DNS once you point chrome to a SOCKS5 proxy. There is no need for additional configuration or socks server traversing application.

Firefox requires an additional tweak to force remote DNS lookup.

I could not find a native way of forcing remote DNS lookup in IE. One alternative is to disable client side DNS caching in windows, probably not what you want on a corporate network. Another is to “socksify” IE with sockscap or widecap.

Opera has no socks support. Boo. There is always widecap or sockscap, but why bother when you can use chrome?

Random discovery: Your company domain admin may have a AD group policy that enables corporate proxy on your browser, overriding your SOCKS5 proxy selection. This is annoying and recurring, the browser changing to corporate proxy when you think you are surfing on the SOCKS5 proxy.

To workaround this on Chrome with Proxy Switchy, with Socks proxy selected configure the following in Switchy configuration.

Auto apply last selected proxy profile on startup.
Monitor Proxy Changes
Revert proxy changes done by other apps.

With this, you know your web traffic on Chrome is encrypted.

Posted by 桔梗 at 3:22 PM 0 comments
Labels: ,

Monday, April 11, 2011

NWN2 Essence List


Code
Item
 nx1_cft_ess_air01
 volatile air essence
 nx1_cft_ess_air02
 brilliant air essence
 nx1_cft_ess_air03
 pristine air essence
 nx1_cft_ess_earth01
 volatile earth essence
 nx1_cft_ess_earth02
 brilliant earth essence
 nx1_cft_ess_earth03
 pristine earth essence
 nx1_cft_ess_fire01
 volatile fire essence
 nx1_cft_ess_fire02
 brilliant fire essence
 nx1_cft_ess_fire03
 pristine fire essence
 nx1_cft_ess_water01
 volatile water essence
 nx1_cft_ess_water02
 brilliant water essence
 nx1_cft_ess_water03
 pristine water essence
 nx1_cft_ess_power01
 volatile power essence
 nx1_cft_ess_power02
 brilliant power essence
 nx1_cft_ess_power03
 pristine power essence
 nx1_cft_ess_spirit01
 volatile spirit essence
 nx1_cft_ess_spirit02
 brilliant spirit essence
 nx1_cft_ess_spirit03
 pristine spirit essence
 nx1_cft_ess_coven
 Slumbering Coven Esssence


Read more »
Posted by 桔梗 at 9:51 PM 0 comments
Labels:

Sunday, April 10, 2011

NWN2 Feat List

Code Feat
0 FEAT_ALERTNESS
1 DEL_FEAT_AMBIDEXTERITY
2 FEAT_ARMOR_PROFICIENCY_HEAVY
3 FEAT_ARMOR_PROFICIENCY_LIGHT
4 FEAT_ARMOR_PROFICIENCY_MEDIUM
5 FEAT_CALLED_SHOT
6 FEAT_CLEAVE
7 FEAT_COMBAT_CASTING
8 FEAT_DEFLECT_ARROWS
9 FEAT_DISARM
10 FEAT_DODGE
11 FEAT_EMPOWER_SPELL
12 FEAT_EXTEND_SPELL
13 FEAT_EXTRA_TURNING
14 FEAT_GREAT_FORTITUDE
15 FEAT_IMPROVED_CRITICAL_CLUB
16 FEAT_IMPROVED_DISARM
17 FEAT_IMPROVED_KNOCKDOWN
18 FEAT_IMPROVED_PARRY
19 FEAT_IMPROVED_POWER_ATTACK
20 FEAT_IMPROVED_TWO_WEAPON_FIGHTING
21 FEAT_IMPROVED_UNARMED_STRIKE
22 FEAT_IRON_WILL
23 FEAT_KNOCKDOWN
24 FEAT_LIGHTNING_REFLEXES
25 FEAT_MAXIMIZE_SPELL
26 FEAT_MOBILITY
27 FEAT_POINT_BLANK_SHOT
28 FEAT_POWER_ATTACK
29 FEAT_QUICKEN_SPELL
30 FEAT_RAPID_SHOT
31 FEAT_SAP
32 FEAT_SHIELD_PROFICIENCY
33 FEAT_SILENCE_SPELL
34 DEL_FEAT_SKILL_FOCUS_ANIMAL_EMPATHY
35 FEAT_SPELL_FOCUS_ABJURATION
36 FEAT_SPELL_PENETRATION
37 FEAT_STILL_SPELL
38 ****
39 FEAT_STUNNING_FIST
40 FEAT_TOUGHNESS
41 FEAT_TWO_WEAPON_FIGHTING
42 FEAT_WEAPON_FINESSE
43 FEAT_WEAPON_FOCUS_CLUB
44 FEAT_WEAPON_PROFICIENCY_EXOTIC
45 FEAT_WEAPON_PROFICIENCY_MARTIAL
46 FEAT_WEAPON_PROFICIENCY_SIMPLE
47 FEAT_WEAPON_SPECIALIZATION_CLUB
48 FEAT_WEAPON_PROFICIENCY_DRUID
49 FEAT_WEAPON_PROFICIENCY_MONK
50 FEAT_WEAPON_PROFICIENCY_ROGUE


Read more »
Posted by 桔梗 at 7:18 PM 0 comments
Labels:

NWN2 Spell List

Code Spell
0 Acid_Fog
1 Aid
2 Animate_Dead
3 Barkskin
4 Bestow_Curse
5 Blade_Barrier
6 Bless
7 Summon_Djinni
8 Blindness_and_Deafness
9 Bulls_Strength
10 Burning_Hands
11 Call_Lightning
12 Summon_Clockroach
13 Cats_Grace
14 Chain_Lightning
15 Charm_Monster
16 Charm_Person
17 Charm_Person_or_Animal
18 Circle_of_Death
19 Mass_Inflict_Light_Wounds
20 Clairaudience_and_Clairvoyance
21 Summon_Ivory_Handmaiden
22 DEL_Cloak_of_Chaos
23 Cloudkill
24 Color_Spray
25 Cone_of_Cold
26 Confusion
27 Contagion
28 Control_Undead
29 Create_Greater_Undead
30 Create_Undead
31 Cure_Critical_Wounds
32 Cure_Light_Wounds
33 Cure_Minor_Wounds
34 Cure_Moderate_Wounds
35 Cure_Serious_Wounds
36 Darkness
37 Daze
38 Death_Ward
39 Delayed_Blast_Fireball
40 Dismissal
41 Dispel_Magic
42 Divine_Power
43 Dominate_Animal
44 Dominate_Monster
45 Dominate_Person
46 Doom
47 Elemental_Shield
48 Elemental_Swarm
49 Bears_Endurance
50 Endure_Elements


Read more »
Posted by 桔梗 at 7:11 PM 0 comments
Labels:
Subscribe to: Posts (Atom)