Friday, July 15, 2011

SMBMOUNT

* boot machine with sleuthkit, smbfs, clamav (w/updated definitions), etc.

* mkdir -p /data/<casenum>/<dir/code name as listed on file server>/ /work/<casenum>/<partnum(s)>/

* smbmount //192.168.8.103/<dir/code name from file server> /data/<casenum>/<dir/code name>/ -o username=user,password=pass,ro

* run mmls on image file: mmls /data/<casenum>/<dir/code name>/image.dd

* find offset of partitions to mount - start sector (63) * default block size (512) = 32256 (for first partition)

* mount -o loop,ro,noexec,nodev,offset=32256 /data/<casenum>/<dir/code name>/image.dd /work/<casenum>/<partnum>/
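
The offset arithmetic and mount step above, generalised to every allocated partition in the mmls listing. This is an added example, not part of the original notes: the sample mmls output and the CASENUM/CODENAME paths are constructed placeholders, and the function names are made up for the example. It only prints the commands so they can be reviewed before running them as root.

```shell
#!/bin/sh
# Added example: derive read-only loop-mount commands from mmls output.

# Constructed mmls output for illustration (not from a real image).
sample_mmls() {
cat <<'EOF'
DOS Partition Table
Offset Sector: 0
Units are in 512-byte sectors

      Slot      Start        End          Length       Description
000:  Meta      0000000000   0000000000   0000000001   Primary Table (#0)
001:  -------   0000000000   0000000062   0000000063   Unallocated
002:  000:000   0000000063   0000208844   0000208782   NTFS / exFAT (0x07)
003:  000:001   0000208845   0020964824   0020755980   Linux (0x83)
EOF
}

# Read mmls output on stdin; print "<n> <byte offset> <description>" for each
# allocated partition. The sector size comes from the "Units are in" line
# instead of assuming 512. awk reads the zero-padded start sectors as decimal
# (shell $((...)) would treat a leading 0 as octal).
mmls_offsets() {
  awk '
    /^Units are in [0-9]+-byte sectors/ { split($4, u, "-"); ssize = u[1] + 0 }
    $2 ~ /^[0-9]+:[0-9]+$/ {
      if (ssize == 0) exit 1          # no usable sector size seen
      desc = $6
      for (i = 7; i <= NF; i++) desc = desc " " $i
      printf "%d %.0f %s\n", ++n, ($3 + 0) * ssize, desc
    }'
}

# Print (do not run) one mkdir and one mount command per partition.
# $1 = image path, $2 = work directory; the numbering 1, 2, ... of the
# mount points is an assumption of this example.
mount_commands() {
  image=$1 workdir=$2
  mmls_offsets | while read -r num offset desc; do
    printf "# partition %s: %s\n" "$num" "$desc"
    printf "mkdir -p '%s/%s/'\n" "$workdir" "$num"
    printf "mount -o loop,ro,noexec,nodev,offset=%s '%s' '%s/%s/'\n" \
      "$offset" "$image" "$workdir" "$num"
  done
}

# Placeholder paths; on a real case: mmls image.dd | mount_commands ...
sample_mmls | mount_commands /data/CASENUM/CODENAME/image.dd /work/CASENUM
```

On ext3/ext4 partitions, ro alone can still replay the journal; adding noload to the mount options prevents that.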

Thursday, July 14, 2011

Local Ubuntu package repository

So I am trying to figure out the best way to create a local repository for Ubuntu (yes I am ashamed it is not for Debian) - Natty. So far I have come across this command for pulling down the packages:

debmirror -v --host=archive.ubuntu.com --method=http --root=ubuntu --arch=i386 --dist=natty,natty-updates,natty-security --section=main,multiverse,restricted,universe --nosource --passive natty --ignore-release-gpg

Still working/researching if this is the best way and then how to point all the non-internet accessible machines to the one machine that debmirror was run on. Suggestions welcome!

Merging/Splitting PDFs

http://www.pdfsam.org/

Performing bulk whois/ASN lookups

http://www.team-cymru.org/Services/ip-to-asn.html

Wind0ze Commands of possible relevance.

~Uptime:
========
systeminfo | find "Time"

Merge split files (like Unix cat):
==================================
copy /B file1+file2+file3 entirefile.out