Saturday, 2 January 2010

TIP: Anti-virus, Rootkits, Partitioning and Data Recovery

Revision: 18th April 2010

These notes are a work in progress and outline Linux tools that I use to check and clean hard drives with MS Windows installed. My children's PCs run Windows XP and Vista, and friends also ask me to clean their riddled hard drives. I used to boot into MS Windows XP and then run purchased tools. Now that I run Kubuntu all the time, I just hot-plug their hard drives into either a SATA docking station or, for EIDE, an EIDE/SATA adapter.

Whilst I mention how to install the following packages from the bash prompt, it is far better to install them via Synaptic, as it is then far easier to keep them updated.

If you are running a file server, interface frequently with Windows drives, or use virtualization, you will want a virus checker for your Windows files.

ClamAV is the open source virus tool for Linux. To install ClamAV with a KDE frontend:

sudo apt-get install klamav

It is far better to install via Synaptic, though, as you can select clamtk (the ClamAV user interface) at the same time. clamtk lets you run ClamAV from the desktop GUI, and once it is installed you can also right-click any file in your file manager and choose 'Open with...' then 'Virus Scanner'.
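As an added example (not part of the original post), here is a small POSIX shell script that puts the hot-plug workflow above together: mount the Windows partition read-only, scan it with clamscan, and summarise the report by signature. The device name, mount point and log path are assumptions, and the sample report it parses is constructed with made-up signature names.

```shell
#!/bin/sh
# Added example (not from the original post): scan a hot-plugged Windows
# partition from Kubuntu with ClamAV, mounted read-only, then summarise the log.
set -eu

DEV="${1:-/dev/sdb1}"                 # assumed partition name; confirm with lsblk first
MNT="/mnt/windrive"                   # mount point created here (assumed)
LOG="/tmp/clamscan-windrive.log"      # report location (assumed)

# Mount read-only: a scan must never modify the patient's disk, and ro also
# avoids writing to an NTFS volume that Windows left in a dirty state.
mount_readonly() {
    mkdir -p "$MNT"
    mount -o ro,noexec,nodev "$DEV" "$MNT"
}
# Report only; cleaning is a separate, deliberate step after reviewing the log.
scan_drive() {
    freshclam || true                            # refresh signatures; fall back to current ones
    clamscan -r -i --log="$LOG" "$MNT" || true  # exit 1 = infections found, not an error
}
# clamscan reports hits as "<path>: <signature> FOUND". Count them.
count_found() {
    grep -c ' FOUND$' "$1" || true
}
# Tally hits per signature, most frequent first, as "<count> <signature>".
summarise_found() {
    grep ' FOUND$' "$1" | sed 's/.*: \(.*\) FOUND$/\1/' \
        | sort | uniq -c | sort -rn | sed 's/^ *//'
}
# Constructed sample report (made-up signature names) so the parsing functions
# can be exercised without ClamAV or a real drive present.
demo_log() {
    f="$(mktemp)"
    cat > "$f" <<'EOF'
/mnt/windrive/Users/kid/Downloads/game_setup.exe: Example.Sig.Downloader FOUND
/mnt/windrive/Users/kid/Downloads/codec.exe: Example.Sig.Downloader FOUND
/mnt/windrive/Windows/Temp/svc.dll: Example.Sig.Dropper FOUND
/mnt/windrive/Users/kid/Documents/notes.txt: OK
Infected files: 3
EOF
    printf '%s\n' "$f"
}

# Full run only when asked for explicitly as root:  sudo RUN_SCAN=1 sh scan.sh /dev/sdb1
if [ "${RUN_SCAN:-0}" = "1" ]; then
    mount_readonly
    trap 'umount "$MNT"' EXIT
    scan_drive
    printf 'Infected files: %s\n' "$(count_found "$LOG")"
    summarise_found "$LOG"
fi
```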

Rootkit checkers
Rootkits are malicious, trojan-like programs that let an intruder gain root privileges and therefore complete administrative control over the system. There aren't many rootkits in the wild for Linux. Still, this is a growing security problem (especially on other operating systems) and it is only a matter of time before more rootkits appear for Linux. Checking for rootkits from a system that is already infected is not reliable, since the rootkit can hide itself from the checker. Your rootkit checker should therefore be run from another system, or from a USB pendrive with an Ubuntu LiveCD installation. See the rootkit checker manuals for instructions on how to do this. If you are infected with a rootkit, you must back up all your files and re-install your system. (Thank goodness this is easy with Ubuntu, unlike with other operating systems.)

Chkrootkit checks locally for signs of a rootkit.

sudo apt-get install chkrootkit

sudo chkrootkit

Data Recovery
SystemRescueCd - is a Linux system rescue disk available as a bootable CD-ROM or USB stick for administrating or repairing your system and data after a crash.

SystemRescueCd - Articles about usage
Become A System Rescue Guru With Linux, Part 1

Become A System Rescue Guru With Linux, Part 2

Partition and Image Your Hard Drive with the System Rescue CD

GParted - (included in SystemRescueCd above) I prefer to install the latest version on my system. It is a hard drive partition editor for creating, reorganizing, and deleting disk partitions.

TestDisk - is powerful OpenSource (free) data recovery software for Linux, MS Windows and Mac OS.
It was primarily designed to help recover lost partitions and/or make non-booting disks bootable again when these symptoms are caused by faulty software, certain types of viruses or human error (such as accidentally deleting a partition table). Partition table recovery using TestDisk is really easy.

PhotoRec - is powerful OpenSource (free) data recovery software for Linux, MS Windows and Mac OS.

It is designed to recover lost files, including video, documents and archives, from hard disks and CD-ROMs, and lost pictures (hence the Photo Recovery name) from digital camera memory. PhotoRec ignores the file system and goes after the underlying data, so it will still work even if your media's file system has been severely damaged or reformatted.

Categories: How-To, Linux, OS
Tags: Ubuntu, Kubuntu, administration, commands, maintenance, disk, anti-virus, rootkits, partitioning, data recovery.
