Announcement

Collapse
No announcement yet.

Linux ( A good solution to recover Windows )

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Linux ( A good solution to recover Windows )

    Hello,
    I hope nobody over here gonna kill me...Hehe ! I attend plenty Linux events around my city. I found that Linux freaks just hate Windows. they are packed with guns and they are waiting for a victom..hah ! Yes i mean, if i talk about Windows, they will shut my mouth. Is that the way to represent Linux? I dont think so. But i really avoid talking with Linux developers and fans who are enemy of Microsoft.

    Lets come to the point. I am been Windows user from long time. Its not a thing to say ..hehe !! I started using Linux as a secondary OS 1 and half year back when i bought my first PC. I tried so many Linux distro's. They are good at some level . Its my comment from a aspect of a normal user. Not as a hard core programmer or a linux admin.

    You people might heard of Knoppix linux. It's one of the most famous LIVE linux.
    I found it for free with a linux magazine. I dont have anyintension to market this product over here. Just telling name because its famous in LIVE OS market like
    Microsoft Windows is famous as a the most user friendly OS from long time.

    I found, these LIVE cd's/DVD's of linux are extremely useful to recover Windows.

    Alright, How ? here i tell 1 of the real encounter >>

    My friend is a graphic designer and uses Windows XP professional. Due to some security reasons he made 1 folder encrpted on D drive. Later on because of virus infection he formatted C:/ drive i.e. system drive of his machine. Later on he tried to open thatfolder which was protected and in encrypted form. Whackkkk !!!!
    He was unable to get access to that folder. He called me. I was not sure if Linux can save his life.

    that folder was very important to him. All his valuable designs and flash presentations were inside that folder. I used some LIVE Linux CD, put in to CD rom and booted his machine from LIVE cd. The linux loaded from the respective cd, i saw all Windows drives mounted automatically and most amazing thing > I was able to open that encrypted folder. Wow ! I asked him to bring some pizzas for me...hehe ! yeah...I copied the data to another folder. And again went to Windows
    . And it worked. I dont no technology behind that. How come that encrypted folder opened via LIVE Linux i dont no. But it saved his life to say.

    I always keep 1 LIVE Linux cd in my laptop bag always, in case Windows fails to boot in safe mode. LIVE Linux is pretty useful too, through LIVE CD we can do all normal tasks like internet browsing, making word files, playing games and etc.
    Try it if you think it's interesting.


    Regards,
    Amey.
    [ I was in puzzle where to submit this thread. I think this column might be suitable
    ]
    All in 1
    Solaris,Linux & Windows admin + networking.

  • #2
    Re: Linux ( A good solution to recover Windows )

    [email protected] Cooooool.
    Hi, sco1984.
    In my opinion, there is always room for another opinion, another way to see the things or another tool to do job or to save the day. Thus, Linux should not be overlooked. It has features and tools and capabilities that cannot be beaten by Windows (at least not so far). On the other hand, for the regular user, Linux is a real headache. BTW, a lot of Linux "hardcore" supporters have criticized the move toward the regular user, meaning development of more and more graphical tools and the graphical environment itself. Probably the same Windows-haters, that Linux is going through their veins instead of blood.
    Above all this, is the advantage of the LiveCD. And doesn't matter if it's Knoppix, BartPE, ERD Commander or others. Being able to boot a faulty computer with another OS and debugging it, it's a wet dream coming true. What we used to do in such cases? Recovery console? Poor command line, with few useful tools. Safe Mode? Maybe, if we had the luck to boot into safe mode, or the problem was solvable in Safe Mode (like your friend's encrypted folder). Taking the disk to another computer, to another OS? But wait, why not taking the other OS to this computer?
    We should be better then those people you are talking about. We should know that we cannot dismiss the use of Linux just because is a Microsoft competitor. We should enjoy both worlds' advantages. And at the end of the day, does it matter how you saved someone's day? Will it be important what tool you used, or what method (as long as it's legal ).
    I wonder what results ERD and BartPE would have. I'll give it a try and let you know.
    Do you think there's room for a comparison between the different LiveCD products available? At least those I mentioned here?
    BTW, as far as I saw, Knoppix does not have a tool for Registry editing. I downloaded some time ago version 5, both CD and DVD, but didn't check them thoroughly.

    Added: Steve Balmer attended the opening ceremony in 2006 TechEd held in Israel. He's a funny guy. We had some time for question at the end. Unfortunately, he was in a hurry, so he answered only two questions, I wasn't among them. I wanted to ask him if, given the fact that Novell is based on SUSE and MacOSX on another Linux (FreeBSD, if I remember right - apologies if not), we have to expect in the future a Windows version based on a Linux kernel too. It could have been interesting...
    Last edited by sorinso; 19th January 2007, 07:14. Reason: Steve Balmer story...

    Sorin Solomon


    In order to succeed, your desire for success should be greater than your fear of failure.
    -

    Comment


    • #3
      Re: Linux ( A good solution to recover Windows )

      Now that is a VERY scary thought if Windows file encryption can be broken straight from a Linux setup. Some more investigation is definitely needed!
      Tom Jones
      MCT, MCSE (2000:Security & 2003), MCSA:Security & Messaging, MCDBA, MCDST, MCITP(EA, EMA, SA, EDA, ES, CS), MCTS, MCP, Sec+
      PhD, MSc, FIAP, MIITT
      IT Trainer / Consultant
      Ossian Ltd
      Scotland

      ** Remember to give credit where credit is due and leave reputation points where appropriate **

      Comment


      • #4
        Re: Linux ( A good solution to recover Windows )

        I was trying to save time. I could have done that R & D too by installing other OS, but it would definitely take at least not less than 20 minutes ? Sure. So have a look from all the angle's. Not just installation of another OS or not just to attach that perticular disk as a slave to another comp etc...What if there is no other comp where i can attach that disk ? Dont consider that in all places there are at least 2 computer's.. Nope! Time,Efforts and money. These are the most important things sometimes. And it's fun discovering those things.

        I remember, once i modified "ntoskrnl" to change default XP boot splash screen. And third party boot splash did not work...And windows failed to load. I had Mandriva at other hand as a dual boot OS. But i was unable to replace the original ntoskrnl file which i copied to another drive through linux because in that version of Mandriva i found no NTFS read-write feature. But now it's available with several linux distro's and thats fascinating.

        ================================================== =======





        Originally posted by sorinso View Post
        [email protected] Cooooool.
        it's a wet dream coming true. What we used to do in such cases? Recovery console? Poor command line, with few useful tools. Safe Mode? Maybe, if we had the luck to boot into safe mode, or the problem was solvable in Safe Mode (like your friend's encrypted folder). Taking the disk to another computer, to another OS? But wait, why not taking the other OS to this computer?
        .
        All in 1
        Solaris,Linux & Windows admin + networking.

        Comment


        • #5
          Re: Linux ( A good solution to recover Windows )

          Originally posted by Ossian View Post
          Now that is a VERY scary thought if Windows file encryption can be broken straight from a Linux setup.

          That's why many hackers born i think ...They dig holes in to Windows through powerful Unix systems and finished there work !! Hehe !!

          Surely it's serious thing. And now desktop linux systems can read write NTFS file system . Thats even more dangerous. One can edit or delete "sam" file and he can take control of that Windows machine.

          Ofcourse it's not that simple. Hacker's are getting more advanced, and i read somewhere a article where hands raised to a question "128 bit encrypted" thing could be 100% an unbreakable treasure of confidential information?" ...There was Yes and No too.
          All in 1
          Solaris,Linux & Windows admin + networking.

          Comment


          • #6
            Re: Linux ( A good solution to recover Windows )

            Now all OS'es have there holes. It just so happens that MS as the market leader get the biggest attacks to there systems.

            I've used Knoppix to recover complete HDD's as well and it is a graat tool for what i used it as.

            Comment


            • #7
              Re: Linux ( A good solution to recover Windows )

              Originally posted by Ossian View Post
              Now that is a VERY scary thought if Windows file encryption can be broken straight from a Linux setup. Some more investigation is definitely needed!
              I totally agree. If this is true, imo this makes the windows file encryption totally useless. However, i'll need to be sure about this.

              So, you just used windows XP sp2 and knoppix. That's it?
              Marcel
              Technical Consultant
              Netherlands
              http://www.phetios.com
              http://blog.nessus.nl

              MCITP(EA, SA), MCSA/E 2003:Security, CCNA, SNAF, DCUCI, CCSA/E/E+ (R60), VCP4/5, NCDA, NCIE - SAN, NCIE - BR, EMCPE
              "No matter how secure, there is always the human factor."

              "Enjoy life today, tomorrow may never come."
              "If you're going through hell, keep going. ~Winston Churchill"

              Comment


              • #8
                Re: Linux ( A good solution to recover Windows )

                Surely all that's happened is that Knoppix has allowed the user to log in as "Administrator" to the host machine and therefore use the default recovery agent to read the EFS encrypted files? If so this is only a security breach in that the user needs to be able to log in as administrator...?


                Tom
                For my own and your protection, I do not provide support by private message under any circumstances. All such messages will be deleted and ignored.

                Anything you say will be misquoted and used against you

                Comment


                • #9
                  Re: Linux ( A good solution to recover Windows )

                  Originally posted by Stonelaughter View Post
                  Surely all that's happened is that Knoppix has allowed the user to log in as "Administrator" to the host machine and therefore use the default recovery agent to read the EFS encrypted files? If so this is only a security breach in that the user needs to be able to log in as administrator...?

                  Sco1984 said the c: partition had been reformatted so should be a new Administrator SID
                  Tom
                  Tom Jones
                  MCT, MCSE (2000:Security & 2003), MCSA:Security & Messaging, MCDBA, MCDST, MCITP(EA, EMA, SA, EDA, ES, CS), MCTS, MCP, Sec+
                  PhD, MSc, FIAP, MIITT
                  IT Trainer / Consultant
                  Ossian Ltd
                  Scotland

                  ** Remember to give credit where credit is due and leave reputation points where appropriate **

                  Comment


                  • #10
                    Re: Linux ( A good solution to recover Windows )

                    while reading and see that its going to encription i use this software to secure my data...

                    http://www.truecrypt.org/
                    open-source disk encryption software for Windows XP/2000/2003 and Linux

                    i am very sure that no linux can open this encytion without some bruteforce.. etc

                    Main Features:

                    * Creates a virtual encrypted disk within a file and mounts it as a real disk.

                    * Encrypts an entire hard disk partition or a storage device such as USB flash drive.

                    * Encryption is automatic, real-time (on-the-fly) and transparent.

                    * Provides two levels of plausible deniability, in case an adversary forces you to reveal the password:

                    1) Hidden volume (steganography – more information may be found here).

                    2) No TrueCrypt volume can be identified (volumes cannot be distinguished from random data).

                    * Encryption algorithms: AES-256, Blowfish (448-bit key), CAST5, Serpent, Triple DES, and Twofish.
                    Mode of operation: LRW (CBC supported as legacy).


                    you can install progy's (finance stuff etc)in encypted folders and you can only run them if you mount the drive


                    Yaniv F
                    MCSE 2000 Done
                    RHCE Done

                    Comment


                    • #11
                      Re: Linux ( A good solution to recover Windows )

                      Was the folder really encrypted or were the files just zipped with a password?
                      1 1 was a racehorse.
                      2 2 was 1 2.
                      1 1 1 1 race 1 day,
                      2 2 1 1 2

                      Comment


                      • #12
                        Re: Linux ( A good solution to recover Windows )

                        Originally posted by Ossian View Post
                        Sco1984 said the c: partition had been reformatted so should be a new Administrator SID
                        Tom
                        Ahhh - NO. Local Administrator account always has the same SID...
                        Last edited by Stonelaughter; 19th January 2007, 17:44.


                        Tom
                        For my own and your protection, I do not provide support by private message under any circumstances. All such messages will be deleted and ignored.

                        Anything you say will be misquoted and used against you

                        Comment


                        • #13
                          Re: Linux ( A good solution to recover Windows )

                          I don't think that the files were encrypted by use of EFS. No way. And if they were, I want to see some screenshots.

                          You know what? I can try on my own. I've got a couple of VMs here, a Linux Live CD. I can try.

                          BTW, I don't know if you know this, but you CANNOT encrypt a folder in EFS. Only files. If you encrypt the folder only the files get encrypted, and new files that are copied or moved there also get encrypted because they inherit the folder's encryption state. But the folder itself is NOT encrypted in any way.
                          Cheers,

                          Daniel Petri
                          Microsoft Most Valuable Professional - Active Directory Directory Services
                          MCSA/E, MCTS, MCITP, MCT

                          Comment


                          • #14
                            Re: Linux ( A good solution to recover Windows )

                            Originally posted by danielp View Post
                            You know what? I can try on my own. I've got a couple of VMs here, a Linux Live CD. I can try.
                            if you do, can you do a few screenshots for us?
                            changed

                            Comment


                            • #15
                              Re: Linux ( A good solution to recover Windows )

                              I will. Sure. Still waiting for a response from sco1984.
                              Cheers,

                              Daniel Petri
                              Microsoft Most Valuable Professional - Active Directory Directory Services
                              MCSA/E, MCTS, MCITP, MCT

                              Comment

                              Working...
                              X