• SubInACL is a command-line tool that enables administrators to obtain security information about files, registry keys, and services, and transfer this information from user to user, from local or global group to group, and from domain to domain. For example, if a user has moved from one domain (DomainA) to another (DomainB), the administrator can replace DomainA User with DomainB User in the security information for the user's files. This gives the user access to the same files from the new domain. SubInACL enables administrators to do the following: • Display security information associated with files, registry keys, or services.

I need to create a system restore/repair disk on a differnet computer so i can fix one that isn't working, I need to make a system restore/repair disk for Windows XP home edition. Use a new CD and this free and easy program to burn your ISO file and create your bootable CD: http://www.imgburn.com/.

This information includes owner, group, permission access control list (ACL), discretionary ACL (DACL), and system ACL (SACL). • Change the owner of an object.

• Replace the security information for one identifier (account, group, well-known security identifier (SID)) with that of another identifier. • Migrate security information about objects. This is useful if you have reorganized a network's domains and need to migrate the security information for files from one domain to another.

This update addresses the following issues: • Fixed bug where subinacl.exe failed to process command line arguments • Fixed bug where subinacl.exe failed to function correctly with cluster file shares. • • Click the Download button (above) to start the download. • In the File Download dialog box, select Save this program to disk. • Select a location on your computer to save the file, and then click Save. • In Windows Explorer, go to the location where you saved the downloaded file, double-click the file to start the installation process, and then follow the instructions.

The downloaded file is a Microsoft Software Installer (.msi) file. By running the file, you install the tool and documentation on your computer. When you install a tool, you are prompted to choose an install directory. If the Windows Server 2003 Resource Kit is installed, install the tool in the Resource Kit directory to avoid an overly large system path and to ensure more reliable upgrades. When you install the Resource Kit, the recommended directory is C: Program Files Windows Resource Kits Tools.

W2 Program Dodge County Wi. Welcome to LinuxQuestions.org, a friendly and active Linux Community. You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Note that registered members see fewer ads, and ContentLink is completely disabled once you log in. Are you new to LinuxQuestions.org? Visit the following links: If you have any problems with the registration process or your account login, please.

If you need to reset your password,. Having a problem logging in? Please visit to clear all LQ-related cookies.

Introduction to Linux - A Hands on Guide This guide was created as an overview of the Linux Operating System, geared toward new users as an exploration tour and getting started guide, with exercises at the end of each chapter. For more advanced trainees it can be a desktop reference, and a collection of the base knowledge needed to proceed with system and network administration. This book contains many real life examples derived from the author's experience as a Linux system and network administrator, trainer and consultant.

They hope these examples will help you to get a better understanding of the Linux system and that you feel encouraged to try out things on your own. To receive this Complete Guide absolutely free. This post contains comprehensive documentation with examples for one of the most useful Linux/UNIX/Windows commands: dd. Dd is a bit-stream duplicator. If you have questions, post them. The latest addition, How To Encrypt an 8.0 GB SDHC MicroSD Card was on. First Time visitors please reply.

How To Encrypt an 8.0 GB SDHC MicroSD Card Put the card into an USB adapter. Such devices are not perfect.

One might have to push the MicroSD card into the reader as far as it will go, and others might have to pull it back a millimeter or two. If the kernel does not detect a partition on a new card, it's detecting the USB adapter only. Adjust the card slighty, and replace the adapter if necessary. Should show some new device(s). Code: dd if= of= bs= ('USUALLY' some power of 2, and usually not less than 512 bytes (ie, 512, 1024, 2048, 4096, 8192, 16384, but can be any reasonable whole integer value.) skip= seek= conv= Source is the data being read. Target is where the data gets written. If you reverse the source and target, you can wipe out a lot of data.

This feature has inspired the nickname 'dd' Data Destroyer. Caution should be observed when using dd to duplicate encrypted partitions.

Examples: duplicate one hard disk partition to another hard disk partition: Sda2 and sdb2 are partitions. You want to duplicate sda2 to sdb2. Code: 0xbaff02a Convert the hex offsets to decimal offsets, using one of the many logic capable calculators for Linux. Decimal offsets corresponding to the beginning and end of the JPEG are 195 035 183 and 196 079 658. (196 079 658) - (195 035 183) = rough idea of proper bs= and count= parameters. To find the proper count= figure: ( - ) / =.

(195 035 183 – 196 079 658) = (1 044 475) / (bs=4096) = (254.998). That's really close to 255. If we could land exactly at the header bytes using bs=4096, we could use count=255. But I'm going to use count=257, because random chance dictates the probability of landing dead on the header bytes, using 2^x block size is remote. So we start reading before the header bytes.

We need to use skip= parameter to skip to our start point: 195 035 183 / bs=4096 = 47 616.011. We always round down, so dd will start reading before the beginning of the file. In this case we round down to skip=47615. The following writes a file containing the JPEG with some unwanted bytes before and after. Code: hexdump -C work_file.bin 'grep 'ff d8 ff e0' 'ff d9' dd if=work_file.bin skip= count= - bs=1c of=JPG.jpgThat's the way to get your hands dirty deep in digital data. But this process it automated in the file carving program, foremost. The principle of file carving negates the need for Linux undelete programs.

So if your from a MS Windows world, don't google for linux undelete, but rather, foremost NEXT. I put two identical drives in every one of my machines. Before I do anything that most probably spells disaster, like an untested command line in a root shell, that contains. Code: dd if=/dev/zero bs=1024 count=1000000 of=/home/sam/1Gb.fileWhen dd finishes it outputs (total size)/(total time). You get the idea. Play with 'bs=' and 'count=', always having them multiply out to the same toal size.

You can calculate bytes/second like this: 1Gb/total seconds = Gb/s. You can get more realistic results using a 3Gb file.

Rejuvenate a hard drive To cure input/output errors experienced when using dd. Over time the data on a drive, especially a drive that hasn't been used for a year or two, grows into larger magnetic flux points than were originally recorded.

It becomes more difficult for the drive heads to decipher these magnetic flux points. This results in I/O errors. Sometimes sector 1 goes bad, resulting in a useless drive. Code: dd if=/dev/urandom of=/home/sam/myrandom bs=100 count=1 /dev/random produces only as many random bits as the entropy pool contains.

This yields quality randomness for cryptographic keys. If more random bytes are required, the process stops until the entropy pool is refilled (waggling your mouse helps). /dev/urandom does not have this restriction. If the user demands more bits than are currently in the entropy pool, it produces them using a pseudo random number generator.

Here, /dev/urandom is the Linux random byte device. Myrandom is a file. Randomize data over a file before deleting it. Code: mkdir /mnt/mem mount /dev/ram7 /mnt/memNow you can use the drive like a hard drive. This is particularly superb for working on large documents or programming. You can duplicate the large file or programming project to the ramdrive, which on my machine is at least 27 times as fast as /dev/sda, and every time you save the huge document, or need to do a compile, it's like your machine is running on nitromethane. The only drawback is data security.

The ramdrive is volatile. If you lose power, or lock up, the data on the ramdrive is lost.

Use a reliable machine during clear skies if you use a ramdrive. Duplicate ram memory to a file. Code: /dev/mem is your system memory. You can actually duplicate any block or character device to a file using dd. Memory capture on a fast system, with bs=1024 takes about 60 seconds, a 120 GB HDD about an hour, a CD to hard drive about 10 minutes, a floppy to a hard drive about 2 minutes.

With dd, your floppy drive images will not change. If you have a bootable DOS diskette, and you save it to your HDD as an image file, when you restore that image to another floppy it will be bootable. Dd will print to the terminal window if you omit the. Code: umount /aes losetup -d /dev/loop1 rmmod aes rmmod cryptoloop rmmod loopto make 'aes-drv' look like a 400 MB file of random bytes. Every time the lo interface is configured using losetup, according to the above, and the file 'aes-drv' is mounted, as above, the porno stash will be accessible in /aes/porno.

You don't need to repeat the dd command, OR, the format with reiserfs, OR, the mv command. You only do those steps once. If you forget the password, there is no way to recover it besides guessing. Once the password is set, it can't be changed. To change the password, make a new file with the desired password, and move everything from the old file to the new file.

Acl is a good mount option, because it allows use of acls. Otherwise your stuck with u,g,o and rwx. If you are curious about what might be on you disk drive, or what an MBR looks like, or maybe what is at the very end of your disk. Code: dd if=/dev/sda of=home/sam/myfile skip=234441646 bs=512, So this reads sector for sector, and writes the last sector to myfile. Even with LBA addressing, disks still secretly are read in sectors, cylinders, and heads. There are 63 sectors per track, and 255 heads per cylinder.

There is a total cylinder count. With 234441647 total sectors, and 16065 sectors per cylinder, you get some trailing sectors which do not make up an entire cylinder: 84812_cylinders/drive. This leaves 5102 sectors which cannot be partitioned, because to be in a partition you have to be a whole cylinder. It's like having part of a person. That doesn't really count as a person.

These become surplus sectors after the last partition. You can't ordinarily read past the last partition. It's a good idea to check for anything writing to surplus sectors. For our Seagate 120 GB drive, 234,441,647_sectors/drive - 5102_surplus_sectors = 234,436,545 partitionable sectors. Code: dd if=/dev/urandom of=/dev/sda bs=512 seek=234436545Will overwrite the 5102 surplus sectors on our 120 GB Seagate drive.

Block size: One cylinder in LBA mode = 255_heads*63_sectors/track=16065_sectors=16065*512_bytes=8,225,280_bytes. The b means '* 512'. 32130b represents a two cylinder block size. Cylinder block size always works to cover every sector in a partition, because partitions are made of a whole number of cylinders. One cylinder is 8,225,280 bytes.

If you want to check out some random area of the disk. Code: netcat -l -p 1234 gzip >partition.img makes a compressed image file using gzip compression. I back up a 100 GB lappy disk on a desktop drive, over a lan connection, and the 100 GB compresses to about 4.0 GB.

Most of the drive is empty, so it's mostly zeroes. Repetitive zeroes compress well. Don't hit enter yet. Hit enter on the target machine. THEN hit enter on the source machine. Netcat is a program, available by default, on most linux installations. It's a networking swiss army knife.

In the preceding example, netcat and dd are piped to one another. One of the functions of the linux kernel is to make pipes.

The pipe character looks like two little lines on top of one another, both vertical. Here is how this command behaves: This byte size is a cylinder. Bs=16065b equals one cylinder on an LBA drive.

The dd command is piped to netcat, which takes as its arguments the IP address of the target(like 192.168.0.1, or any IP address with an open port) and what port you want to use (1234). You can also use ssh. Code: dd if=/dev/sdb2 ssh sam@192.168.0.121 'sudo dd of=/home/sam/sdb2.img' CONTINUED.

SEE NEXT POST Dd is like Symantec Norton Ghost, Acronis True Image, Symantec Drive Image. You can perform disk drive backup, restore, imaging, disk image, cloning, clone, drive cloning, transfer image, transfer data, clone to another drive or clone to another machine, move Windows XP to a new hard drive, clone Windows XP, clone Windows, transfer Windows, hard drive upgrade, duplicate a boot drive, duplicate a bootable drive, upgrade your operating system hard drive, Tired of reinstalling WinXP Windows XP? Copyright 2008, 2010 by AwesomeMachine. All Rights Reserved. Code: foremost -t all -k 256 -v -b 2048 -i ~/dvd.iso -o ~/dvd/ Your files will be in directory: /home/sam/dvd.

MS Windows Section Use dd for drive cloning, backup, drive upgrading, and restore tasks. Boot a Windows XP machine with a Knoppix Linux live CD.

Download Knoppix, burn the iso image file to a CD, boot with it, and clone drives. Drives are described to the dd command using device files. Boot into Knoppix, and open a root shell. It's in the penguin menu.

(80 conductor grey ribbon cable) = /dev/hda for master; /dev/hdb for slave. SATA are /dev/sda and /dev/sdb. The partitions on the first drive. Gmail Offline Installer Download. Code: man parted If one has trouble, leave a reply. Knoppix is slow, because it runs on a CD drive (1/1000 the speed of a HDD).

Many games written for Windows are virtually impossible back-up. This leaves only the original media. If it gets damaged, the user SOL. But there is a way to make back-ups using Linux. Download Adrienne Knoppix, and choose the option to copy it to a flash drive. Boot the flash-drive. If there are two optical drives available, load the CD/DVD source disk in one drive, and the blank disk in the other.

Open a terminal from the menu, and get the root account by typing. Code: wodim dev=/dev/hdc -sao driveropts=burnfree -dummy /home/sam/floppy.img.iso This is a dummy burn, with the drive laser off. After you check the dummy run for errors, by looking at the program output, hit the up arrow, delete '-dummy', Enter.

If you need a DOS boot floppy image file: /symantec-system-recovery-2011-disk-iso-reader.htmlYou want to find out if your girlfriend is cheating on you, having cyber whoopie, or your a control freak. Even if the computer is secured with a password, you can boot with the: Knoppix Live CD and search the entire drive partition for text strings. Code: dd if=/dev/sda2 bs=16065 strings -n 10 -t d grep -i -B 20 -A 20 'luv U' will search the drive partition specified in the dd command, for the text string specified between the single quotes in the grep command. Searching an entire disk partition several times can be time consuming.

You might gift her a day at the spa. Females love that.

That would keep her occupied while you invade her privacy. I highly recommend googling: 'How can I tell if he's married?' This will produce a list of hits for sites females use to check whether or not their dates are married. You must click the link, go to the site, get the name of the organization running the site, google ', until you find the correct mailing address. Send a letter by certified mail instructing the organization to hereafter refrain from using a certain name for profit, because it doesn't belong to them, and they aren't entitled to profit by using it in a query or search result. State the specific name without a middle initial, and send a copy to any judge, with a cover letter, of course, and the enclosure marked COPY.

This particular command string prints the search results, preceded by the decimal offset of its location on the drive, to the screen. If the offfset is: 34,409,872, we want manageable numbers, custom designed for speed and ease of use. The decimal disk offset is roughly 34 million, so the data we want to view is 34 MB into the partition. We divide 34,409,872 by some power of 2.

Experience says 2^13 is about what we want, to get a quotient in the thousands. The data we want is 8,192 4,200 byte blocks, OR, 4,200 8,192 byte blocks, into the partition. We check: 4200*810; 34,409,80=3472. This means the following command line will start reading 3,472 bytes before the string location. Code: dd if=/dev/sda2 bs=4200 skip=8192 count=2 strings >file.txt. And finish reading approximately 4,200 bytes after the string. This will net you 3.4k of disk contents before the search string, and 4.2k after.

That's a 7.6k chunk of disk, plenty for what we're doing. With this method you search all the deleted files, any chat activity, Internet temporary files, and emails. It works regardless of what security has been deployed on the machine. It works with NTFS, ext2, ext3, reiserfs, swap, UFS, iso9660, and FAT partitions. But, it is illegal to use this method on a computer you aren't authorized to search.

People can be sued, or imprisoned for performing unauthorized searches. [color='red']This next thing does not work anymore, because the Linux kernel wised up a bit. I'm working on an alternate method.[color] You can search system memory with this method, by substituting.

Code: dd if=/dev/mem bs=1k skip=768 count=256 2>/dev/null strings -n 8 dd will not duplicate or erase an HPA, OR, host protected area. Code: ascii (or asciib), ebcdic (or ebcdicb), and ibm (or ibmb) values are mutually exclusive. Block Treats the input as a sequence of NEWLINE-terminated or EOF-terminated variable-length records independent of the input block boundaries.

Each record is converted to a record with a fixed length specified by the conversion block size. Any NEWLINE character is removed from the input line. SPACE characters are appended to lines that are shorter than their conversion block size to fill the block. Lines that are longer than the conversion block size are truncated to the largest number of characters that will fit into that size. The number of truncated lines is reported. Unblock Converts fixed-length records to variable length. Reads a number of bytes equal to the conversion block size (or the number of bytes remaining in the input, if less than the conversion block size), delete all trailing SPACE characters, and append a NEWLINE character.

The block and unblock values are mutually exclusive.