Open Source

Prevent Online Banking Fraud with a ROBAM

What’s a ROBAM? you ask. Check out this post: Protecting Your Business from Online Banking Fraud. SANS says, “The number one recommended mitigation [to online banking fraud caused by infostealer infections] is to use a read-only bootable alternative media (ROBAM) as an isolated environment for financial transactions.”

You can use a USB thumb drive instead of a CD if you do the following:

1. Download your alternative Linux OS choice (I prefer Ubuntu or Knoppix) in .iso format
2. Download UNetbootin from http://unetbootin.sourceforge.net/
3. Create a bootable USB thumb drive using UNetbootin
4. Set the properties of the drive to “read only”

This should have the same effect as using a Linux live CD.

I haven’t tried this, so comments welcome.
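A check for step 4, as an added example that is not from the original post: run from inside the booted live session, it reports whether the kernel sees the stick as write-protected and whether any of its partitions is mounted read-write. The function name `robam_check` and the device name `sdb` are assumptions; the sysfs `ro` flag and `/proc/mounts` are standard Linux interfaces.

```shell
#!/bin/sh
# Added example (not from the original post).
# Usage: robam_check DEVICE [SYSFS_DIR] [MOUNTS_FILE]
# DEVICE is a kernel name such as sdb (an assumption; find yours with lsblk).
# Returns 0 if the stick looks read-only, 1 if it is writable, 2 if unknown.

robam_check() {
    dev=$1
    sysfs=${2:-/sys/block}
    mounts=${3:-/proc/mounts}
    status=0

    if [ ! -r "$sysfs/$dev/ro" ]; then
        echo "UNKNOWN: no such block device: $dev"
        return 2
    fi

    # 1 = the kernel refuses writes to the whole device; 0 = writable.
    if [ "$(cat "$sysfs/$dev/ro")" = "1" ]; then
        echo "OK: kernel reports $dev as read-only"
    else
        echo "FAIL: kernel reports $dev as writable"
        status=1
    fi

    # A partition of the stick mounted read-write can be changed by
    # anything running in the session, which defeats the point of a ROBAM.
    rw=$(awk -v d="/dev/$dev" '
        index($1, d) == 1 && $4 ~ /(^|,)rw(,|$)/ { print $1 " on " $2 }
    ' "$mounts")
    if [ -n "$rw" ]; then
        echo "FAIL: mounted read-write: $rw"
        status=1
    else
        echo "OK: no read-write mounts of $dev"
    fi

    return $status
}

# Run directly as: sh robam_check.sh sdb
if [ $# -gt 0 ]; then
    robam_check "$@"
fi
```

A stick with a physical write-protect switch should pass both checks; a "read only" property set only in the desktop OS may not carry over to the live session, which is what this check reveals.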

Make an Anti Virus Bootable USB Thumb Drive

UPDATE! The BLTDVS Toolkit in its original form as referred to below is now obsolete. The current state of the art has yielded self-contained USB installer tools for most of the popular anti virus rescue CDs.

I have updated this article with the latest information and put two versions of popular rescue CD USB installers in the revised BLTDVS Toolkit which is still available for download from the original location when you sign up for my newsletter list.

With all the various flavors of anti virus rescue CDs around, it’s an easy matter to create a CD bootable anti virus scanner that will operate offline to disinfect even the worst malware infestation. In most cases, all you have to do is download the vendor’s latest rescue CD ISO image, burn it, boot it, and let the program do its thing. Easy. Making a bootable USB thumb drive from the ISO is another matter.

Extracting the files from an ISO image to the thumb drive requires a few tricks to accomplish. You can, of course, just download my BLTDVS toolkit from “How to make a bootable thumb drive virus scanner for NTFS: 2009 update” and follow the included instructions, but that toolkit is specifically optimized to work with the Kaspersky Rescue CD; what if you prefer to use a different vendor’s rescue package?

There’s a cool open source utility called UNetbootin that allows you to create bootable live USB drives for a variety of Linux distributions without requiring you to burn a CD. This is perfect since most, if not all, of the rescue CDs are Linux based. The UNetbootin site has full instructions on how to use the tool complete with screen shots. There are also several utilities and rescue tools listed for use with UNetbootin.

BitDefender

Download the BitDefenderRescueCD_###.iso into the BLTDVS_toolkit folder if you have it, or make a folder of your own.
Download and launch the Universal USB Installer or launch it from the BLTDVS_toolkit folder. Select the option “Try unlisted Linux ISO (Old Syslinux)” then browse to the BitDefender ISO file.

Kaspersky

Download the Kaspersky Rescue CD and save it to the BLTDVS_toolkit folder.
Download the rescue2usb utility and launch it, or launch it from the BLTDVS_toolkit folder.

Cheers!
The Geek

“14 Golden Rules of Computer Security” Nearing Completion

My new eBook, “14 Golden Rules of Computer Security” is almost complete and will be ready for downloading shortly. Written with the non-technical person in mind, the book is packed with proven, practical advice on how to stay safe on the Wild, Wild Web including bonus articles about creating strong, easy-to-remember passwords and email security tips. I give you tons of links to free and low-cost tools as well as special discounts for software and services by some of the best computer security companies in the business. It’s a must-have for every computer owner.

Based upon my popular “How to Secure Your Computer” series of web articles and fully updated with late-breaking information on safe searching and social networks, “14 Golden Rules of Computer Security” will help you develop your own secure computing practices and save you from the hassle of dealing with unpleasant malware attacks.

The book will cost $9.95 for the general public, but all Ask the Geek subscribers will be sent a download link and password for a free copy, so be sure to sign up. (If you already closed the subscription panel, you can sign up by clicking here or on the Sign Up! link on the Pages sidebar.)

Sign up today and then watch your email for the release announcement and download instructions.

How to make a bootable thumb drive virus scanner for NTFS: 2009 update

NOTE! The BLTDVS Toolkit in its original form is now obsolete. The current state of the art has yielded self-contained USB installer tools for most of the popular antivirus rescue CDs.

I have updated this article (see “Make an Anti Virus Bootable USB Thumb Drive”) with the latest information and put two versions of popular rescue CD USB installers in the revised BLTDVS Toolkit, which is still available for download from the original location when you sign up for my newsletter list.

Once again, in May 2009, I have had to revise this article because Avira’s updates no longer work (thanks, Cindy, for your help in pointing out the problem to me). This new revision supersedes all previous articles I have posted on this subject; specifically, these two:

http://askthegeek.kennyhart.com/2005/12/how-to-make-bootable-thumb-drive-virus.html

http://askthegeek.kennyhart.com/2007/03/update-how-to-make-bootable-thumb-drive_20.html

“How to make a bootable thumb drive virus scanner for NTFS” is the second most popular article on this site, outranked only by “My Computer Won’t Shut Down!” and I thank you for visiting Ask the Geek for advice on these issues. Because of the continuing popularity of the thumb drive virus scanner, I want to make sure you have up to date and relevant information. The two articles listed above are outdated.

The original DOS-based version of the thumb drive virus scanner used F-Prot Antivirus for DOS, one of the best and most popular DOS-based scanners for nearly 20 years. Unfortunately, F-Secure is no longer updating the virus definitions for that version. In fact, the F-Prot virus signatures are now almost two years old, making them virtually useless. Other vendors are following suit. I’ve had quite a bit of feedback asking me if I could solve this problem and provide an updated method of offline virus scanning.

The good news is that, yes, I’ve solved the problem, thanks to the fact that several vendors offer free bootable rescue CDs for download. Most of these run under some flavor of Linux and after a bit of hacking, I found it’s a simple matter to make a bootable thumb drive from the images.

Note: Avira has changed the ISO image *again* since this article was first posted. I have had comments from some people that the new ISOs just don’t work right on the thumb drive. As of May 2009, the VDF updates cause the old version to fail. I have revised the steps below and updated the BLTDVS toolkit. 

I chose the Kaspersky Rescue CD from Kaspersky Lab for my latest incarnation of the thumb drive virus scanner. Since it runs under Linux, it has native NTFS read/write support making it unnecessary to use any third party tools like NTFS4DOS (which is still available, but no longer supported by Avira).

Here’s how to be up and running with your own copy of my latest tool in just a few minutes. I’ve made it easy by providing everything you need, except the rescue CD image:

  1. I no longer require that you make a donation, but would appreciate it greatly. I’ve worked hard to keep the BLTDVS toolkit up to date and will continue to do so.
  2. I do require that you sign up on my list. That is the only way to get the download link and password for the BLTDVS toolkit. Once you sign up and confirm your subscription, the welcome email will give you instructions, a link to the new toolkit, and the password.
  3. If you bypassed the fade-in sign-up form when you arrived at this page, you can click here to go to another sign-up page or click on Sign Up! in the toolbar to the right.
  4. Download the BLTDVS toolkit from the link I send you.
  5. Extract the folder to the root of your hard drive.
  6. Download the Kaspersky Rescue CD ISO image.
  7. Move the CD ISO image to the BLTDVS_toolkit folder.
  8. Plug in your thumb drive.
  9. Open the BLTDVS_toolkit folder and navigate to the DriveKey folder.
  10. Run HPUSBF.EXE (command line version) or HPUSBW.EXE (windows version) and format your thumb drive using FAT or FAT32. Deselect the “Create a DOS startup disk” option.
  11. Open the BLTDVS_toolkit folder and copy or move its contents to your thumb drive. Don’t move the actual folder.
  12. On your thumb drive, double-click avrescd.bat. This will extract the necessary files from the ISO image to your thumb drive. Be sure you specify the right drive letter for your thumb drive.
  13. Once the files have been extracted, makeboot.bat will be called automatically. See the caution in the next step!
  14. CAUTION! This step is dangerous! Heed the warning message. Please verify the correct flash drive letter is being displayed before proceeding. Do not run this file on your hard drive or your current MBR will be overwritten, rendering Windows unbootable. (This isn’t a complete disaster, but it takes some geeky knowledge to fix it.) NOTE: If you are using Vista, you may see a “failure to update the MBR” error. In this case, right-click the file and specify “Run as administrator.”
  15. Hit any key to exit. You now have a bootable Linux thumb drive virus scanner that will handle NTFS drives as well as most other formats.

One really cool feature of the Kaspersky program is that it will allow you to update it over the Internet as long as you’re plugged into your network. It doesn’t work well with a wireless connection (which both of my laptops have), but I haven’t had a bit of trouble getting an address and updating when I’m plugged in.

Another great feature of the program is that it has a built in file manager, so you can also use it to recover files from an infected hard drive without having to boot into the native OS.

As always, feedback is welcome. I want to know how this tool is working for you.

(Thanks to PDLA ©2007 http://pendrivelinux.com and Lance ©2008 http://pendrivelinux.com. Syslinux is ©1994-2006 H. Peter Anvin http://syslinux.zytor.com for the files used in this tool.)

Cheers!
The Geek

Safe Computing Tips (and Other Changes)

I want to let everyone know of some new features you’ll be seeing here at Ask the Geek. First off, you’ll notice that there are more pages being posted. These are permanent pages that will always show up on the site, unlike the posts that usually wind up in the archives. I’ll be updating these frequently. The latest page is “Safe Computing Tips” and I suggest you check it out.

You’ll also notice a sign-up pop-up on some pages when you go to them. Please sign up so I can keep you up to date on new content and special offers from select vendors. I promise I won’t spam you with a bunch of useless junk; I will pass on any special offers that I become aware of from reputable hardware and software sellers.

For now, check out the “Safe Computing Tips” and sign up for my list. And be on the lookout for a new page that reviews top freeware, Open Source, and commercial software offerings.

As always, I’m glad to be of service and I look forward to keeping you as a loyal reader. If you ever need anything at all, feel free to hit the “Ask a Question” or “Leave Feedback” links over at the right.

Cheers!
The Geek

If You Don’t Download Foxmarks Now, You’ll Hate Yourself Later.

Forgive my cliche headline, but it’s true; if you’re using Firefox on more than one computer, you have to have Foxmarks. It will keep all of your PCs’ Firefox bookmarks synchronized.

The Foxmarks Bookmark Synchronizer automatically synchronizes your bookmarks between two or more computers running Firefox. It also lets you access your bookmarks from any computer anytime via my.foxmarks.com. An easy-to-use wizard guides you through the quick startup process. Then Foxmarks works silently in the background to keep your bookmarks up-to-date on all your computers.

It’s very cool and it works just like they say.

Cheers!
The Geek

Filed in: Open Source, Software
Kool Tool – Datapol Does It Again

Back in December 2005, I wrote about how to make a thumb drive virus scanner using datapol’s NTFS4DOS, a Kool Tekkie Tool that allows you to read and write NTFS volumes from a DOS command line interface. Now, the good folks at datapol have come up with another winner: CIA DRiVE.net, a very cool remote recovery and offline antivirus utility that no IT pro should be without. There’s a free (read-only) demo available as well as Professional and Enterprise editions. I’m testing the Enterprise edition.

CIA DRiVE.net is the fastest and easiest method to access the drives of a remote computer over the network or the internet. Whether you simply want to transfer data from one PC to another (even in the case that the remote computer doesn’t boot Windows any more), backup or restore data over the network without a working Windows installation or whether you want to be able to perform an offline anti-virus check…with CIA DRiVE.net you get a full-blown solution for managing and recovering remote computers that is nearly…a perfect way to exchange data between computers that don’t belong to the same domain or workgroup.

This isn’t hype; it does everything they say it does. It works over TCP/IP and there’s no need to worry about domain names and workgroups, nor even which subnet you happen to be on; if you know the IP address of the computer you want to connect to, and it’s booted with the CIA DRiVE.net server, you’re good to go. I’ve tried it three ways: with an ethernet crossover cable (much better than a null modem cable); over the LAN in my office; and — this is really slick — over the Internet (you have to open port 45751 in your firewall). No matter how you hook it up, you can do anything to the remote PC that you can do on a local hard drive.

The other techs in my office thought it was pretty cool when I mapped the hard drive on my home computer to my laptop over the Internet and kicked off a full virus scan. Impressive. But there’s more. For those PCs that support it, you can wake them up with a magic packet or force a shutdown or restart. There’s also a user manager that in the Enterprise edition allows you to reset lost WinNT/Win2k/XP passwords that are stored in the SAM and in the Active Directory of Windows Server 2000/2003. If your network card on the remote PC is PXE-capable, you don’t even have to build boot media; the CIA DRiVE.net client has a built-in PXE server and will automatically upload the software to the remote machine.

The boot media maker allows you to make floppies or CDs and also create bootdisk image files: .img for floppies; .iso for CDs. Using an image, you should be able to make a bootable thumb drive, but I haven’t tried this yet. You can make the images available for download, or you can email them easily because they are quite small (less than 2MB).

The free version of CIA DRiVE.net is read-only, but will allow you to see how it works; the Professional version sells for $179 and allows up to 25 remote connections; the Enterprise edition sells for $299 and allows unlimited connections. Obviously, this isn’t a tool for casual use, but it can pay for itself quickly. For instance, saving just one client from major data loss by recovering data from an unbootable hard drive justifies the cost. It might even work on systems where the hard drive isn’t recognized by the BIOS. I haven’t tried it, but if you use the “direct disk access (bypass the BIOS)” option to make a boot disk, it should work in all but the most desperate circumstances.

If you got the feeling that I’m sold on this Kool Tekkie Tool, you’d be right. Check it out.

How to make a bootable thumb drive virus scanner for NTFS

Please note: the information in this post is outdated. This post has been superseded by “How to make a bootable thumb drive virus scanner for NTFS: 2008 update.” Please do not post a comment saying that this post is out of date – I just told you that! Go to the latest post.

My latest Kool Tekkie Tool (KTT, pronounced “kit”) comprises a thumb drive made bootable with :datapol:’s NTFS4DOS; the latest version (3.16b) of FRISK Software International’s F-Prot Antivirus for DOS is run from the command line. Both of these utilities are free for personal use, but require payment if you plan to use them in a commercial setting: NTFS4DOS is only $25; F-prot is $29 for a 20-user license.

NTFS4DOS is, in itself, a KTT. It allows you to make an NTFS-capable floppy disk or thumb drive and comes with chkdsk and defrag utilities to boot. First, make your drive bootable by following the instructions in my LockerGnome article, “Kool Tool to Make Your Thumb Drive Bootable.” CAUTION! This will completely erase your drive; be sure you have your data backed up before you start. Then, download NTFS4DOS and run the setup. From the NTFS4DOS program group, select “Create NTFS-capable boot floppy.” Select the drive letter of your thumb drive and click Next twice. Your thumb drive is now bootable and NTFS capable.

Next, download F-prot, the latest virus signatures and the latest macro virus signatures and extract them to a folder on your thumb drive. You’re ready to go! Plug it in and let’s take it for a spin.

Make sure you set your PC’s BIOS to boot from your thumb drive. On most machines, you do this by making “USB” or “Removable Device” first in the boot order. If all goes well, the PC will boot to a startup menu. Choose NTFS4DOS; you’ll see the drives being mounted and if you are using the freeware version, the screen will scroll to the NTFS4DOS title screen; you will have to answer “yes” to the question “Do you use this version of NTFS4DOS for private usage only? (Yes/No):” You’ll see the mounted drives at the top of the screen and the C:\> prompt at the bottom. Change to the folder where you stored F-prot and run f-prot.exe to do a virus scan.

Pretty Kool, eh?

© 2017 Ask the Geek. All rights reserved.