Jon Isbell

‘dd’ Progress July 30, 2012

dd is an excellent tool for low-level copying. It is often used to create disk images, wipe disks and transfer files when used in combination with netcat.

One frustrating “feature” of dd is that by default it provides no output until it exits. I recently discovered that it is possible to get the progress of a dd process by sending it the USR1 signal.

To receive regular progress updates you can use watch to repeatedly send the USR1 signal. As watch normally runs in the foreground you can use nohup to run it in the background. Run the following before starting dd:

# nohup watch pkill -USR1 dd >/dev/null &

Then run dd as usual:

# dd if=/dev/zero of=file bs=1M
239+0 records in
239+0 records out
250609664 bytes (251 MB) copied, 0.466951 s, 537 MB/s
326+0 records in
326+0 records out
341835776 bytes (342 MB) copied, 2.54462 s, 134 MB/s
354+0 records in
354+0 records out
371195904 bytes (371 MB) copied, 4.93833 s, 75.2 MB/s

Don’t forget to terminate watch once your dd process has completed!

Securing MySQL February 21, 2012

Did you know that a default installation of MySQL comes with anonymous, test and remote root user accounts? An attacker with knowledge of MySQL can use these accounts as stepping stones for other attacks. Its definitely worth spending a couple of minutes removing these accounts and make your MySQL installation a little more secure.

# Delete anonymous users
DELETE FROM mysql.user WHERE User='';

# Delete remote root users
DELETE FROM mysql.user WHERE User='root' AND Host!='localhost';

# Delete test database
DROP DATABASE test;

# Delete test users
DELETE FROM mysql.db WHERE Db='test' OR Db='test\\_%';

# Refresh privileges
FLUSH PRIVILEGES;

Creating a tiny PXE rescue environment using Slitaz February 19, 2012

Slitaz is a very small (base is 8mb) and highly configurable “live cd” distribution this makes it perfect for use in a rescue environment. The following steps were used to create a ‘rescue mode’ version of Slitaz which can be rapidly booted via PXE and includes RAID kernel modules, networking + SSH.

All of these steps were completed on a virtual machine booted using Slitaz 3.0 base (available from http://mirror.slitaz.org/iso/3.0/flavors/slitaz-3.0-base.iso). When the machine first boots you should login as root (password root) and start ssh (dropbear) then you can complete the instructions via an SSH client.

sed -i 's/DROPBEAR_OPTIONS.*/DROPBEAR_OPTIONS=""/' /etc/daemons.conf
/etc/init.d/dropbear start

Now SSH into the VM and copy/adjust/paste the rest of the instructions.

Get base flavor to work from

tazlito extract-flavor base
cp -a /home/slitaz/flavors/base /home/slitaz/flavors/rescue
cd /home/slitaz/flavors/rescue

Update metadata

sed -i s/base/rescue/ receipt
sed -i 's/Minimal set of packages to boot/base + rescue customisations/' receipt

Add useful packages

echo lvm2 >> packages.list
echo nano >> packages.list

Create directory for custom config

mkdir -p rootfs/etc

Allow root logins

cat /etc/daemons.conf | sed 's/DROPBEAR_OPTIONS.*/DROPBEAR_OPTIONS=""/' > rootfs/etc/daemons.conf

Run ssh on boot

cat /etc/rcS.conf | sed 's/RUN_DAEMONS="/RUN_DAEMONS="dropbear /' > rootfs/etc/rcS.conf

Use interface on private network

cat /etc/network.conf | sed s/eth0/eth1/ > rootfs/etc/network.conf

Set root passwd

passwd
deluser tux
cp /etc/shadow rootfs/etc

Install toolchain and kernel source

for i in slitaz-toolchain ncurses-dev perl linux-source; do tazpkg get-install $i; done

Enable storage kernel modules

cd /usr/src/linux
echo CONFIG_MEGARAID_SAS=m >> .config
echo CONFIG_SCSI_3W_9XXX=m >> .config

Build Slitaz package with the new kernel image and modules

make tazpkg

Copy newly built package into local repo (Note: The filename change is important s/slitaz-/)

mkdir /home/slitaz/packages
cp /usr/src/linux/linux-slitaz-2.6.30.6.tazpkg /home/slitaz/packages/linux-2.6.30.6.tazpkg

Create ISO

tazlito pack-flavor rescue
tazlito get-flavor rescue.flavor
tazlito gen-distro

Copy the kernel and filesystem

scp /home/slitaz/distro/rootcd/boot/rootfs.gz  server:/var/www/html/ipxe/rescue
scp /home/slitaz/distro/rootcd/boot/vmlinuz-2.6.30.6-slitaz  server:/var/www/html/ipxe/rescue