Some online services the University of Heidelberg offers are only available if you are a part of their VPN. I don't want to use one of these crappy Cisco-tools, but fortunately there is vpnc.

Assuming the installation worked fine, you just have to enter the information in /usr/local/etc/vpnc.conf. It looks like that:

IPSec gateway vpnsrv1.urz.uni-heidelberg.de
IPSec ID tunnel
IPSec secret "group pass"
Xauth username "your login"@uni-heidelberg.de
Xauth password "your pass"

Unfortunately, they don't tell you the group password. But you can decode it once you have downloaded the configuration file from the "URZ" homepage.

I needn't tell you that the decoder mustn't be used for malicious activity...so just have fun.

Posted late Tuesday evening, April 18th, 2006 Tags:

Let's keep the introduction short: A stupid person (loosely related to my circle of friends) crashed his hard drive. Because he was not able to shut the PC down properly. Instead he would just "pull the plug". Yes. However, an interesting scenario for me: A hard disk with faulty sectors, 2 crashed NTFS partitions. Time for...dd_rescue.

This little tool works just like dd, but it won't abort on errors in the input file. In theory, you should be able to read data from defective disks. Yet, this takes very long time, so you should also use dd_rhelp. This bash script tries to read the maximum number of valid data before stopping for bad sectors. And best of all: You can stop at any time, try to read the image and let dd_rhelp continue its work afterwards.

The syntax is self-explaining if you start dd_rhelp --help. So let's assume you have got a working copy of the defective hard disk. In my case, there were two NTFS partitions, so I decided to do the actual rescue under Windows. This statement may seem audacious, but it really worked for me.

First, I obtained a copy of GetDataBack for NTFS. This program is a recommendation of Sven, a friend of mine. If you know any other programs, please mail me. Well, GDB worked flawlessly in this case. However, before I could try the program, I had to mount the image as a Windows drive so that GDB was able to access it. This was done by using filedisk, an excellent driver for Windows that is able to mount images just as you would do it under FreeBSD. These images then appear as normal Windows drives. In my case, direct access was not possible, as the Master File Table (MFT) was corrupted. But GDB was able to recover most of the data anyway - great job.

So, what is the essence of all this? Well, it demonstrates that FreeBSD in combination with Windows might yield good results. Furthermore, it proves that it's possible to do serious work under Windows (as long as you are using the right software, that is...). For some people, the forensic acquisition utilities, on which I accidentally stumbled, might also be helpful in case of data loss.

And don't forget: A backup is for life and not just for Christmas.

Posted late Sunday evening, April 23rd, 2006 Tags:

During my data rescue attempts, I took a backup of the images via network. Netcat and dd must be combined for this purpose, but it works marvellously.

The following command has to be issued on the machine where the images are stored:

dd if=my_image | nc client 1024

And on the client which stores or writes the image to a disk, you have to call:

nc -l -p 1024 | dd of=my_output

Just a little trick for those moments where it is easier to use the network rather than installing new hard disks...

Of couse, the commands have to be executed first on the client, then on the server. I consider my few readers intelligent enough to know this.

Posted late Tuesday evening, April 25th, 2006 Tags:

I happen to own one spare Linksys WP54G wireless card. When inserting it into the Laptop, FreeBSD complains:

cardbus0: Expecting link target, got 0x3
cardbus0: Resource not specified in CIS: id=10, size=2000
cardbus0: Resource not specified in CIS: id=14, size=20000
cardbus0: <network> at device 0.0 (no driver attached)

But behold! There is a solution: It basically consists of compiling your own NDIS driver. This procedure is also known as "Project Evil". It's very straightforward, so I will outline the steps necessary for the installation of an WPC54G, EU version:

  • Get LSTINDS.INF, LSTINDS.cat, FwRad16.bin and tnet1130x.sys from the Linksys CD-ROM. For your convenience, I uploaded these files (a note to Linksys here: please don't sue me for I am helping people using your great wireless cards under more operating systems. This will surely increase your shareholder value - sooner or later.), so you can grab them.
  • Extract all of these files execept FwRad16.bin into a directory of your choice. FwRad16.bin has to be placed in /compat/ndis/.
  • Start ndisgen. This text-interface will guide you through the installation if you choose "Convert Driver". If prompted for the .INF-file, specify the path to LSTINDS.INF. If prompted for the .sys-file, specify the path to tnet1130x.sys. Additional files are not needed.
  • You should now have the file tnet1130x_sys.ko. This file should be placed in /boot/kernel/.

Assuming you want to load the card drivers at startup, place the following in /boot/loader.conf:

ndis_load="YES"
if_ndis_load="YES"
tnet_1130x_sys_load="YES"

I haven't tested the lines in /boot/loader.conf because I use a shell script for loading the device drivers and connecting to my favourite access points.

Posted late Sunday morning, April 30th, 2006 Tags: