Category Archives: Operating Systems

Overarching category for OS’s

Securing a Linux Server: SSH and Brute-Force Attacks

If you have a web server, then you are the target of many possible attacks. *ANY* port you have open on that server can be exploited, so you if you value your uptime and your data, you need to secure it. This article focuses on locking down your SSH configuration and user permissions.

If you’ve had your server online for a while without locking down your SSH configuration, have a look at this file: /var/log/secure and see if you’ve got a lot of connection attempts.

This is what a brute-force attack looks like:

[prompt]$ sudo less /var/log/secure
May 31 22:42:12 yourdomain sshd[25711]: Failed password for invalid user alberto from 190.2.35.25
port 32976 ssh2
May 31 22:42:12 yourdomain sshd[25712]: Connection closed by 190.2.35.25
May 31 22:46:11 yourdomain sshd[25714]: Connection closed by 190.2.35.25
May 31 22:56:46 yourdomain sshd[25717]: Invalid user neil from 190.2.35.25
May 31 22:57:10 yourdomain sshd[25717]: reverse mapping checking getaddrinfo for customer-static.someisp.com failed - POSSIBLE BREAK-IN ATTEMPT!

Using Geobytes (or a similar IP address locator), I can see that some hacker-bot in Argentina was guessing both usernames (e.g. alberto, neil) and passwords every few seconds. F*#K!!

The Solution

Here’s what the solution to this problem entails:

  1. Add users for each person accessing the server.
  2. Create a password for those users.
  3. Fly to Argentina and show Sancho I got something for his punk-ass. Just kidding… are you still paying attention?
  4. Add the necessary user(s) to the sudoers file. You don’t want anyone to have direct root access, so this file defines who gets sudo privileges.
  5. Create a public/private ssh key to use in logins.
  6. Install the public key(s) on the server. This will enable the server to recognize the owner of the private key (i.e. you).
  7. Turn off Password Authentication
  8. Disable Root Access

Creating an SSH Key on your Desktop Machine

Keys come in pairs: a public key and a private key. You’ll keep your private key on your machine (in a secure place), the public key you upload to the servers you want to connect to.

You can use different algorithms to generate the key; this shows you how to do it using the DSA algorithm, which is considered more secure (as of this writing).

Open your Terminal and type the following, then just press enter for the default file location. (OS X users can just open their Terminal. Windows users will have to use Cygwin or Putty).

* Do a man ssh-keygen on your machine to see if you require different options to create a dsa key.


[prompt]$ ssh-keygen -t dsa
Generating public/private dsa key pair.
Enter file in which to save the key (/Users/youruser/.ssh/id_dsa):

Type a passphrase (twice).


Enter passphrase (empty for no passphrase):
Enter same passphrase again:

And now you get something like this output:


Your identification has been saved in /Users/youruser/.ssh/test.
Your public key has been saved in /Users/youruser/.ssh/test.pub.
The key fingerprint is:
12:34:56:78:01:23:ab:a7:42:2b:46:5a:3f:fc:4c:ca youruser@ComputerName
The key's randomart image is:


+--[ DSA 1024]----+
| o o++o |
| o+ . oo.. |
|++.o .. |
|*o. + . . |
|+. . * S |
| E o . |
| |
| |
| |
+-----------------+

The ASCII art thing is a new feature, allowing folks to visually identify different keys.

For more information about SSH on OS X, please refer to Dave Dribin’s excellent blog:
ssh-agent on Mac OS X 10.5 (Leopard)

Back on your Web Server

Now that you’ve created your public and private key on your desktop machine, you need to head over to your web server and make some changes.

1. Log into your web server and create users

If you are still logging in as the root user, you need to create other users:

Create a user:
adduser your_username
Create a password for the user:
passwd your_username

Test logging in as this user now. From your desktop machine, try
ssh your_username@your_webserver.com

2. Give One User Sudo Privileges

Now that you have a user other than the root user, you should lock down the root user and push root privileges to the sudo command. The goal here will to disable root logins entirely.

You will need to switch to the root account to perform the following. You can either login as the root account from your desktop machine, or switch to the root account by using the Switch User command (su):
[prompt]$su - root

You grant sudo privileges to your users by editing the sudoers file… but you can’t simply edit that file. You must use the visudo command. This is a very special variant of the VI text editor which is designed for a single purpose: to edit the sudoers file. The security of your entire server can be compromised by this single file, so the visudo command ensures that any editing of this file never allows it to be in a state where its permissions could be compromised.

Other than that, the visudo program works like the VI program — it’s a text editor, but you should familiarize yourself with the editor before messing with your sudoers file.

WARNING: You can lockout ALL users from your machine if your fat fingers or VI ignorance corrupt this file!!! If you are at all unsure of your VI abilities, please review our article: VI Overview.

The goal in editing this file is the addition of a single line of text:
your_poweruser_name ALL=(ALL) ALL

There are a lot of other custom modifications you can make to this file to allow certain users access to individual functions, but that’s a more advanced topic.

Save the file, but DO NOT CLOSE THIS WINDOW. If you made a mistake, you need access to this file in order to fix it. I recommend leaving this window open until you’ve got EVERYTHING locked down and you’ve verified that it works.

Again, go back to your desktop machine and test that you can still login using a password. Once you’re in, try using the sudo command and make sure that you an use it to execute commands.

Add Your Public Key to the Web Server

In a new window, login to your web server from your desktop machine. You should still be prompted for your password.

See if you’ve already got a .ssh directory in your user’s home directory:
[prompt]$ ls -Gal

If you don’t have it, create it:
[prompt]$ mkdir .ssh

Now, move into that directory:
[prompt]$ cd .ssh

If you don’t already have a file named authorized_keys, you need to create it (again, you can use the VI text editor)

You need to paste your entire public key from your desktop machine into this file on the web server. IT MUST FIT ON ONE LINE. SSH expects each key to occupy a single line.

*In VI, you can hit ESC then type :set nu to see line numbers.

Once you’ve pasted in your key, save the file and adjust the permissions:

[prompt]$ chmod 644 ~/.ssh/authorized_keys
[prompt]$ chmod 755 ~/.ssh

Remember:
1. Each public key occupies ONE LINE in the authorized_keys file.
2. The authorized_keys file must be read-only for the group and others: 644.
3. The .ssh directory can’t be group writable: 755

Disable Password Logins

The goal here is to disallow random hackers guessing at passwords by disabling password logins entirely. Logins will be verified via keys, and we change how SSH behaves by editing the /etc/ssh/sshd_config file.

Make the following edits to the /etc/ssh/sshd_confg file e.g. by typing sudo vi /etc/ssh/sshd_config

Uncomment the PasswordAuthentication line to
PasswordAuthentication no

And change the line for PermitRootLogin to:
PermitRootLogin no

Then reload the conf:
[prompt]$ sudo /etc/init.d/sshd condrestart

WARNING: KEEP THAT WINDOW OPEN. Open a new window, then try to login as your user once again. You shouldn’t be prompted for your password… you should be prompted for your passphrase — this is the passphrase you created when you created your key.

Try switching to the root account after logging in:
[prompt]$ su - root

And finally, attempt to login as the root user from your desktop. It should fail.

Summary

Congratulations! If you’ve gotten this far, you’ve taken some big steps in securing your server.

Once you’ve verified that all of this stuff works, you can close the login windows. If something did not work, LEAVE THOSE WINDOWS OPEN and call a friend — find someone who knows Linux system administration to help you out. This is even more important if you don’t have physical access to your server.

Links

Here’s an article I referenced while writing this:
http://www.webmasterworld.com/linux/3285421.htm

Create a Bootable Linux USB Flash Drive with UNetbootin

With the rise of the Netbook, optical media (CDs/DVDs) may be marching toward eventual obsolescence. Even if optical media doesn’t disappear anytime soon, certain tasks such as creating a Linux-based boot disc are faster and more convenient when using a USB flash disk rather than a CD.

Let’s work on creating a Linux-based bootable flash disk. To do this, we will use the UNetbootin software.

UNetbootin – Main site

UNetbootin – Download (Windows)

You will also need an empty USB flash drive, preferably 1 GB or larger. I’m using a 1 GB Lexar drive formatted as FAT32.

Boot Disk Creation

UNetbootin is available for Windows and Linux. We’ll use Windows for the purposes of this tutorial. First, you need to download and launch the program (it’s portable – no installation necessary).

UNetbootin - Main

Once it’s launched, you can either provide it with a Linux ISO that you have already downloaded, or pick a distribution from the list and let UNetbootin download the necessary files for you. Most popular distros are supported, including Ubuntu, Fedora, OpenSUSE, and Mandriva. You can also choose various system utilities such as FreeDOS, SystemRescueCD, Parted Magic, and the Dr. Web Antivirus Live CD.

I chose to use an ISO of Ubuntu 9.04 that I had already downloaded. All that’s left to do is make sure your flash disk is plugged in, choose it from the list, and click OK.

UNetbootin - Extracting

Away it goes! UNetbootin will gather the appropriate files, copy them to the flash disk, then automatically install a bootloader. This process may take several minutes to complete depending on the size of the distro. Ubuntu took about 7 minutes or so to complete on my machine, but I’m still using a single-core processor. Hey, it may be slow, but it does everything I need it to do.

When the process finishes, it will prompt you to reboot, which is entirely optional.

UNetbootin - Complete

Hit Reboot Now if you want to go ahead and test your new boot disk on the machine you’re currently using. Otherwise, just exit.

Activate the Partition

Chances are high that your new boot disk will just work, but if you get any strange boot errors, you may need to activate the partition. We can do that with the diskpart utility.

I’m using Server 2008 for this demonstration, but Vista should look and act the same way.

Launch a new Command Prompt (Vista – right-click and choose to Run as Administrator). Type:

diskpart

Now you should have a DISKPART prompt. We need to figure our the drive number for your flash disk. Type:

list disk

If you have several drives, just look at the size to determine which one is the USB flash drive. Mine is obviously Disk 3.

select disk 3

select partition 1

active

That’s it. You’re finished. By typing the active command, you have specified the current disk and partition as active. You can type exit to quit.

Command-Prompt-DISKPART

Booting From the Disk

With the USB flash disk plugged in, go ahead and reboot the computer. This next step is different on many machines, but right as the computer first boots, look for a keystroke to choose a boot device. The key for my motherboard is F8, but it may be F11, F12, or some other key entirely on yours.

Once you find the right key, you should get a menu that allows you to choose a disk or drive from which to boot.

First-Boot-Device

Here I have chosen my Lexar USB flash disk from the boot menu. Provided it boots normally, you should get a UNetbootin bootloader like this:

UNetbootin-Booting

Choose the Default option to start booting, and the rest should function just like a typical live CD. Here’s Ubuntu booting from my USB drive:

Ubuntu-Booting

Once nice part about using flash media as a live environment is that individual programs are far more snappy than when running from a CD. For instance, OpenOffice loads from my flash drive in under 10 seconds. Launching OpenOffice from a live CD might take minutes!

One last thing: remember that the distros that UNetbootin creates are substitutes for CD boot discs, not fully installed Linux operating systems. In other words, they are not persistent – any data that you create or modify will be lost the next time you reboot (just like when working with a normal live CD). Keep that in mind as a limitation. There ARE exceptions, like Puppy Linux, which lets you save your data directly to the USB flash drive.

Happy booting!

Install Warcraft 3 on Ubuntu Linux – A Visual Guide

warcraft3-lichWarcraft 3 may be far from the hottest new game out there, but it’s still one of the most fun games I’ve ever played. And thanks to advancements in the WINE project, it’s also easy to install and run on the Linux operating system. Plus, it doesn’t require massive hardware just to run decently.

I remember trying to get my Warcraft 3 Battle Chest running in Linux a few years ago and ran into several problems. Now, it’s practically a point-and-click experience.

While these directions are specific to Ubuntu, most any other Linux variant should be similar. I tested these instructions on both Ubuntu 8.04 LTS and the current version 9.04. All the screenshots are from Ubuntu 9.04 Jaunty,

The main system specifications I used are quite modest ancient indeed, but Warcraft 3 ran fine anyway.

  • Processor – AMD Athlon XP 2400+ (2.0 GHz)
  • RAM – 1 GB PC2100 (266 MHz)
  • Video Card – Nvidia GeForce 7600 GS (512 MB)

1. Video Drivers

ubuntu-hardware-driversIt goes without saying that in order to play most video games, you need video acceleration. Fortunately, the last few releases of Ubuntu have all offered a convenient way to install proprietary video drivers.

To install most common video drivers, go to System → Administration → Hardware Drivers. You can see if you already have a proprietary video driver in use, or if there is one available to install.

Ubuntu found and installed a driver for my Nvidia card just fine. I don’t own any ATI video cards, so I cannot offer any help there. If you run into any trouble, take a look at the Ubuntu Guide.

To see if you have video acceleration enabled, fire up a Terminal and type:

glxinfo | grep direct

If the direct rendering response is Yes, then you’re in business.

2.  Install WINE

WINE is a translation layer with a somewhat-humorous full name of Wine Is Not (an) Emulator. No matter what you call it, WINE provides an easy way to run a growing number of Windows applications on Linux and other POSIX-compatible operating systems.

Installing WINE on Ubuntu is as simple as launching a Terminal and typing:

sudo apt-get install wine

synaptic-wineAlternatively, you can launch the Synaptic Package Manager (System → Administration) and search for wine. Just add a check next to the wine package, then click the Apply button to download and install.

Following these instructions will install the latest stable release of WINE. On Ubuntu 9.04, the current stable WINE release is version 1.01. To find out which version you have installed, launch a Terminal and type:

wine --version

I found that both version 1.0 and 1.0.1 worked well for running Warcraft 3. If you want to install a more-recent Beta version, follow the instructions on the WineHQ site.

wine-configuration-alsaOnce WINE is installed, go ahead and launch it (Applications → Wine → Configure Wine). The default settings should be fine, but I do suggest that you take a look at the Audio settings and ensure that a suitable sound driver is selected.

I suggest sticking with the ALSA driver by default. If the sound is garbled or doesn’t work well, try switching to the older OSS driver.

Click OK to save your settings. Now it’s time to install Warcraft 3.

3. Game Installation

This may come as a shock, but installing Warcraft 3 on Linux is practically no different from installing it on Windows. You will need a copy of the game and valid serial numbers. If you don’t have it, the Battle Chest is pretty cheap.

warcraft3-discPop in the CD for Reign of Chaos. You should see an icon for the disc load on your desktop. Double-click that disc icon to view the contents. Find the file called install.exe and open it. It should open automatically with WINE and start the installation process.

From there, install the game just as you would on a Windows system, including choosing an installation path of C:\Program File\Warcraft III. Yes, WINE handles that for you automatically.

warcraft3-install-directoryAllow the game to install as usual. If you have The Frozen Throne expansion pack, install it as well. Do not play the game yet!

Update Patch

Recent Warcraft 3 game updates have removed the requirement to run with the original disc in the drive. Therefore, unless you’re just a glutton for punishment, I suggest downloading and installing the latest game patch instead of hunting for a No-CD crack.

Here’s a direct link to the patch page. The current game update (as of this writing) is 1.23a. Once it downloads, just double-click to install. It should open with WINE and install just like on a Windows machine.

blizzard-updater

Note: once the Blizzard Updater finishes patching the game, it will try to launch Warcraft III automatically. If the game crashes or freezes, don’t worry. We’ll fix that in the post-installation below.

4. Post-Installation

On my system, the game froze upon first launch. The reason is that it tries (and fails) to play the opening cinematic video. We can easily work around this issue by renaming the Movies folder.

wine-browse-cGo to Applications → Wine → Browse C:\ Drive. Pretend that you’re on Windows now and continue to Program Files → Warcraft III. Rename the Movies folder to something else, such as _Movies.

As you might suspect, this is only a workaround and not a true fix. It prevents any in-game cinematic videos from playing, but does not affect game-play in any way. You can still watch those videos at any time by opening them in something like Totem or VLC.

Try launching the game now. You’ll find it under Applications → Wine → Warcraft III.

Visual Effects

Here’s another minor issue you might run into. When you launch the game, it runs fine, but you still see the horizontal Ubuntu panels across the top and bottom. Annoying, huh?

ubuntu-visual-effectsIt’s easy enough to fix. On my system, I found that they were caused by having some visual effects enabled in Ubuntu. As nice as the eye candy may be, try disabling it before launching Warcraft III.

Navigate to System → Preferences → Appearance and switch to the Visual Effects tab. Set the level to None. When you launch the game again, the panels should be gone.

Create Launcher

Now that the game is installed and working, let’s create a launcher for it.

Right-click on your desktop and Create Launcher. Here are some parameters:

  • Type – Application
  • Name – Whatever you want
  • Command – “/home/your-username/.wine/drive_c/Program Files/Warcraft III/Frozen Throne.exe”

The command is simply the full path to the Warcraft III executable file (in quotes). You can also add some options at the end of the command, after the quotes. For instance, you may get better performance by adding an opengl option, like this:

"/home/your-username/.wine/drive_c/Program Files/Warcraft III/Frozen Throne.exe" -opengl

You can stack the options. For instance, if you want to require opengl AND make the game run in its own window, try this:

"/home/habibbijan/.wine/drive_c/Program Files/Warcraft III/Frozen Throne.exe" -opengl -window

Icons

If you’re looking for a couple of good icons to use with your launcher, feast your eyes on these.

Warcraft 3 icons.zip

Game Screenshots

For your viewing pleasure, here’s are a few screenshots of Warcraft III running on Ubuntu. I ran the game in window mode instead of full-screen to prove that it does work on Linux. Yeah, I enjoy Skibi’s Castle a lot.

Image 1:

Image 2:

Image 3:

Image 4:

Image 5:

Have fun! If you have any additional tips for running Warcraft III on Linux, let us know in the comments.

Resize and Create Disk Partitions with EASEUS Partition Manager (Windows)

Easeus Partition Manager - Main Disk partitioning is a volatile task, but it doesn’t need to be scary. Resizing a disk or partition in Windows is generally safe and easy, but you should still back up your critical files before messing with partitions. You never know what might happen.

EASEUS Partition Manager is a free alternative to popular hard disk management tools such as Partition Magic. EASEUS can easily shrink, enlarge, and move partitions without losing any data. It can also copy disks and partitions, change disk labels, format, explore, convert FAT to NTFS, and hide partitions. The Home edition is completely free for personal use, but it has a few limitations.

Limitations of the free edition:

  • Does not work with server operating systems, such as Windows Server 2008.
  • Only works with 32-bit operating systems. The Professional version supports 64-bit OSes.
  • Bootable CD/DVD not available.

EASEUS Partition Manager is painlessly simple to use. I like that you can preview all tasks before applying any changes. The main interface is simple and uncluttered (and surprisingly similar to Partition Magic!). One of the most common questions users new to partitioning ask is how to shrink an existing single-partition layout and create a new disk partition with the remaining space. The demonstration below will do just that.

Shrink An Existing Partition

Easeus Partition Manager - Resize Before we can create a second partition on our disk, we must first shrink the existing one. EASEUS Partition Manager is designed to resize partitions without causing any data loss, but I suggest first backing up any critical data just to be safe.

Launch the program and select the disk or partition that you wish to resize. Clicking the Resize/Move button at the top will launch a new window that lets you visually drag the edges to resize the partition. You can also click anywhere in the middle of the existing partition and drag it left or right to determine its placement on the disk.

Click OK when you are done. Notice that the visual reference of the partition layout has changes but nothing has actually happened yet. You can see the pending operations on the left side of the program. Clicking Undo will dismiss the operation, and clicking Apply will commit the changes to disk.

Create a New Partition

Easeus Partition Manager - Create Before we apply the changes, let’s create a new partition with the free space that we just allocated by shrinking the existing partition. First, select the Unallocated space and then click the Create button at the top. Just like before, a new window will spawn that allows you to set any additional parameters that you like for the new partition.

The default file system is NTFS, but you can also choose FAT32, plain old FAT, or you can opt to leave it unformatted.

Once you’ve reviewed the Operations Pending on the left, take a deep breath and click the Apply button to start the process.

Easeus Partition Manager - Partitioning EASEUS Partition Manager needs exclusive access to the drive for most operations, so don’t be alarmed when the program asks if it can automatically reboot your computer. Once the computer restarts, the partitioning process will begin.

Your computer will boot into a limited startup state called the EASEUS Partition Master Boot Mode. In this limited state, all the scheduled operations will process. Depending on the size of your hard disk and the number of operations, this process may take a long time, so go grab a cup of coffee and let it work.

When it finishes, your computer will automatically reboot again, and hopefully come back to life with its new partition scheme in place.

For a free program, EASEUS Partition Manager packs quite a punch. Perhaps its greatest strength is its simplicity – even a person completely new to disk partitioning should be up and running in a matter of minutes.

EASEUS Partition Manager works with Windows 2000 SP4 through Vista 32-bit and supports hard disks up to 1.5 terabytes. For an open-source alternative, take a look at GParted.

Another Easy Way to Try Linux (Portable Ubuntu)

Want to give Ubuntu Linux a shot, but worry that you will somehow mess up your Windows installation? Fear not! I’ve written before about Three Easy Ways to Try Ubuntu Without Breaking Anything. Now here is another option to try:

Portable Ubuntu – via Sourceforge.net

Portable_Ubuntu_-_Dock_1 With Portable Ubuntu, you can run an entire Linux distribution within Windows. As the name implies, there’s nothing to install – you can run it directly from your hard disk or from a large USB flash drive.

Portable Ubuntu is built from the same base as andLinux, a system that allows you to run Linux seamlessly within Windows. Unlike running Linux from within a virtual machine, there’s no unique desktop – all you get is a taskbar, and any applications that you run hook into the native Windows title bars and other, um… windows.

To get started, first go grab the download package. Big file warning – the download archive is over 430 MB as of this writing. It’s even larger once unpacked, so if you plan to run Portable Ubuntu from a USB flash drive, make sure it’s a big one!

Next, double-click the EXE file to unpack it, or just use your favorite un-archiving utility. You should end up with a folder called Portable_Ubuntu.

Portable_Ubuntu_-_BAT_file

Inside that folder you will find a file called run_portable_ubuntu.bat. Yes, that’s the file to open to get Portable Ubuntu running. On Windows XP, just double-click that file. On Vista, try right-clicking it and choosing Run as Administrator.

Windows_Security_Alert_-_UnblockOnce you’ve launched the batch file, your software firewall will prompt you to unblock a few things, such as coLinux and Xming X Server. Go ahead and unblock them.

Depending on the speed of your computer, it may take a minute or two to get Portable Ubuntu running. Eventually a new menu-bar will appear, likely at the top-center of your screen. Feel free to grab it and drag it anywhere on the screen that you like, though I found that dragging too fast will “lose” the grip on the menu-bar. Tip: yes, it works great in a multiple monitor setup.

The menu bar looks something like this:

Portable_Ubuntu_Bar

Usage

At this point, you can use Ubuntu pretty much like you normally would, with the exception that it is now fused into your Windows installation. Any programs that you launch will look and act more like typical Windows applications. For instance, here’s the Transmission Bittorrent Client running on Windows:

Portable_Ubuntu_-_Transmission

Portable_Ubuntu_-_mnt_CBecause Portable Ubuntu is running within Windows, you should have no trouble creating, editing, and saving files anywhere on your computer. Speaking of which, if you choose Home folder from the Ubuntu Places menu, you will end up by default in /home/pubuntu. To quickly jump to your Windows files, just browse to /mnt/C/ (or whatever your hard disk letter is called).

Everything that you do within Portable Ubuntu is persistent and self-contained. So, feel free to add/remove applications or run a system update. Important: The default root password is 123456.

Any changes will still be there the next time you boot the system, even if you’re running from a USB flash drive on another computer. In fact, this is a great way to carry a familiar working environment around with you if you tend to hop around on different computers a lot.

How is the performance, though? Not terrible, but not native, naturally. Most activities feel just like they’re running in a virtual machine. In my case, I’m still running a single-core processor, and Portable Ubuntu is pretty snappy overall. My main area of complaint about sluggishness is during screen refreshes. For instance, anything that causes the administrative access password prompt to appear may take several seconds to redraw the darkened overlay across the screen. Scrolling in Firefox is definitely slower than when it’s running natively, also. Actually, anything involving video will take a big performance hit, but you wouldn’t try to watch videos or play a game on a virtual system, would you?

Otherwise, Portable Ubuntu is quite usable for most people in most cases. Certainly users who simply wish to gain more Linux experience should be happy with the performance.

If you ever feel like ridding your system of Ubuntu, all you have to do is shut it down (System menu), exit the TrayRun utility, then delete the Portable_Ubuntu folder. Poof, the whole thing is gone!

Summary

Portable Ubuntu is definitely cool, and will appeal mostly to people in one of three categories:

  1. People who have little Linux experience and want to gain more familiarity.
  2. People who want to carry a persistent Linux workstation between multiple computers.
  3. People who enjoy Linux AND Windows, who don’t want to deal with the inconvenience of dual-booting all the time.

I find myself mostly in the third category. How about you?

There we have it – yet another way to try Ubuntu Linux without the risk of breaking your Windows install. Whether or not it becomes your new favorite OS, at least you should have no more fear about giving it a shot. Enjoy.

Ghost Windows for Free with Paragon Drive Backup Express (A Visual Guide)

Paragon - Disk icon Sometimes the healthiest thing you can do with your Windows installation is to just nuke it and start over from scratch. If you’ve ever done that before, you know just how long it takes to get all your files transferred, drivers and programs reloaded, and updates patched. The process can take hours, even days. While a true geek might actually enjoy the process a tiny bit, it’s much more satisfying to create a disk image of your pristine Windows install that you can revert to if it gets screwed up later.

I’ve written about this process a few times before, but today I would like to introduce Paragon Drive Backup Express. Essentially, Drive Backup Express (DBE) is the free version of Paragon’s commercial software. As expected, it lacks features compared to its commercial siblings, but is still quite usable. Hey, it’s hard to complain about free software.

Features

Let’s look at some features of Express (free) versus Personal Edition (commercial) as of 31 March 2009:

Paragon Drive Backup Express Features

Don’t expect too much here – you won’t find any fancy features like scheduling, encryption, incremental backups, or image browsing. The Express version basically gives you the ability to make a backup of your disk/partition, plus the ability to restore it later. No more, no less.

Compared to the free version of Macrium, Reflect, the most glaring omission of DBE is the inability to back up straight to CD/DVD. If you can live with these restrictions (and most people can), DBE is a capable tool. Perhaps because it lacks all the fancy features, it’s also VERY easy to use.

Requirements

Drive Backup Express officially supports all versions of Windows from 2000 SP4 to Vista (32/64-bit). Sorry, no server operating systems are supported by the free edition. Supported file systems include:

  • NTFS
  • FAT16 and FAT32
  • Linux EXT2, EXT3, and swap
  • HPFS

Because DBE supports some Linux file systems, you should be able to back up and restore Linux partitions. I have not tested this capability… yet.

Other requirements are minimal. At the least, you will need:

  • A place to store the image after it is created – yes, DBE can store the disk image directly onto the C:\ drive as it is created, but you need another place to host the image if you plan to erase and restore the C:\ drive. Make sense? A few options include:
    • a large USB flash drive might work (4 or 8+ GB)
    • a blank DVD
    • an external hard drive
    • a spare internal disk or partition

Before we begin, PLEASE BACK UP YOUR CRITICAL DATA! It should be common sense that whenever you are working with disk imaging, you need to have backups of important data. Get a spare hard drive, burn everything to DVD, or look at some online storage (I highly recommend Dropbox).

The Process

Here’s an outline of the entire process:

  1. Install Drive Backup Express
  2. Configure Your System
  3. Create the Disk Image
  4. Verify the Disk Image
  5. Create the Rescue CD
  6. Restore the Disk Image
  7. Final Thoughts

1. Install Drive Backup Express

Here’s the DBE download page. There are separate downloads available for 32-bit versus 64-bit operating systems. Not sure whether your system is 32-bit or 64-bit? If it’s Windows 2000, it’s 32-bit. If it’s XP or Vista, hold down the Windows key and press Pause/Break. Look for the System information.

System - 32-bit

2. Configure Your System

This one is up to you – configure your system in a way that you would like to preserve. A freshly installed state is perfect, but if don’t feel like doing a complete re-install, here are a few suggestions:

  • Get the latest security patches from Windows Update.
  • Defragment your disk.
  • Scan your system for malware.
  • Clean out any unused or unnecessary applications.

I tend to create two disk images:

  1. A freshly installed system with only the latest drivers and security updates.
  2. A full image that also contains all my typical applications.

3. Create the Disk Image

Now it’s time to create our image. When you launch DBE, you will see a Welcome screen featuring a happy guy with an unbranded Macbook. Are we to assume that he just restored his BootCamp partition? Or maybe he’s happy that the Dow Jones Industrial Average actually went UP for a change? Anyway, I digress.

Paragon Drive Backup Express - Main

Click the Back up Disk or Partition option. The Simple Backup Wizard will appear.

Paragon Drive Backup Express - Simple Backup Wizard

Follow the prompts to begin creating the image. First things first, select which disk or partition you would like to image. You may choose either a single partition or the entire hard disk, complete with the Master Boot Record (MBR). Unless you absolutely know what you are doing, go ahead and back up the partition table (called the Hard Disk Track) as well as the MBR. You will need them if you have to do a restore from bare metal.

Paragon Drive Backup Express - Simple Backup Wizard 2

Next, choose a place to store the image. As mentioned before, you cannot burn the disk image directly to a CD or DVD, but you can store it directly on the currently running partition. In other words, if you are running from drive C:\, you can choose to store the image directly on the same drive. Drive Backup Express is smart enough to exclude the chosen storage directory and not create an infinite loop. However, you must move the image to a different location (DVD, flash drive, etc) BEFORE you can restore it since it is not possible to restore a disk from itself.

Store the image wherever you like, such as on the C:\ drive, a spare partition, or on an external disk. Note: you CAN also map a network drive and store the image directly on a networked computer. To do so, click the Network Drive button on the Backup Destination page.

Paragon Drive Backup Express - Backup Destination

Browse to find your networked computer and map a network drive to a shared folder. Enter the login information for the remote user. Note: that user must have read AND write privileges for the shared folder or DBE will not be able to store the image there. Also, though DBE can create your image over the network, I have not yet found an easy way to restore it over the network. Before you can restore it, you must transfer it to a DVD or some other external media.

Paragon Drive Backup Express - Map Network Drive

Once you’ve chosen your destination, hit Next. DBE will immediately begin creating and storing your image. This process may take a while, so go have a coffee break.

Paragon Drive Backup Express - Backup in Progress

And it’s done! Hooray!

Paragon Drive Backup Express - Backup Complete

Now that your backup is complete, let’s talk about how to verify and restore it.

4. Verify the Disk Image

This step is optional, but I encourage you to do it anyway. You don’t want to find out the hard way that something is wrong with the image that you created.

Back on the DBE Welcome screen, click the Check Archive Integrity button to launch a new wizard.

Paragon Drive Backup Express - Archive Integrity Wizard

Browse to find the disk image that you created. DBE also keeps a list of archives that you have made, so you can just select it from the list.

Paragon Drive Backup Express - Archive Integrity Wizard 2

Depending on the size of the archive, it may take several minutes to verify its integrity. Go refill that coffee or maybe play an online flash game.

If all goes well, the verification should complete without errors.

Paragon Drive Backup Express - Archive Integrity Wizard Complete

5. Create the Rescue CD

Before we can restore the image, we must create the Rescue environment. After all, if we’re going to erase and restore the current operating system, we can’t have that system running, can we?

Back on the DBE Welcome screen, click the Build Recovery Media option. The Recovery Media Builder will launch.

Paragon Drive Backup Express - Recovery Media Builder

You have a choice: you can build the Rescue environment on either a CD/DVD or Flash Memory. If you know that your computer supports booting from a USB flash drive, this is a great choice. Otherwise, stick to the standard CD approach, which I will use for this tutorial.

Paragon Drive Backup Express - Recovery Media Type

Before you can build the recovery ISO, you have another choice: Typical settings, Advanced, or User-specified ISO.

Paragon Drive Backup Express - DVD Creation Options

Typical – use this option if you just want to accept the default recovery package and start burning the disk. It will build a Linux-based boot disk with a minimal set of tools for restoring your image(s). If you’re unsure, go with this option.

Advanced – similar to the typical settings, but also gives you an option to add your own files or folders to the standard recovery image. For instance, if you have room on your DVD, you could add the folder where you stored the image itself. That way your recovery media also conveniently contains the disk image. Nice.

User-specified ISO – only choose this option if you already have another recovery ISO in mind to burn. Most users won’t have this.

Once you’ve made your choice, create your media. DBE can burn the disc for you directly, or you can choose the Emulator device option to build an ISO that you can burn later with a tool like InfraRecorder.

Now that your recovery media is ready, let’s move on to the restoration process. Please continue to the next page.

Share and Sync Your Music Library With MediaMonkey

MediaMonkey logo Here’s the situation: my wife owns an iPod Nano. I own a Sandisk Fuze. We BOTH would like to access and share the SAME music library. Furthermore, we use different computers but don’t want to waste storage space by duplicating all the songs. In other words, I want to be able to rip a CD on MY computer and have it show up in HER music library (and vice versa). Is this possible?

YES.

Before we get started, here are a few issues to consider:

  • This article focuses on MediaMonkey installed on Microsoft Windows. An iTunes-based article is forthcoming.
  • In this setup, one PC acts as a server and one PC (or more) acts as a client. All the music files are stored on the host, naturally.
  • Following this tutorial works best if you are setting up a new music library from scratch. Yes, you can share an existing music library, but I strongly suggest backing up your music files and database before you begin. I am not responsible for lost data.
  • If you’re planning to share the same library with differing brands of portable music players, I suggest sticking to the MP3 format. Then again, you probably already knew that.

Why MediaMonkey?

It’s free. It’s easy to use. It plays most any file type. Best of all, it supports multiple types of MP3 players, including my wife’s iPod and my Sandisk Fuze.

Set Up The Host PC (Server)

Shared Music folderAs mentioned above, one computer should serve as the host for the music library files. The first thing we need to do is choose a place to store all the files. In my case, I’m using D:\Shared Music on the host computer. Adjust your path accordingly.

Network Shares

No matter what folder you choose, you need to set it as a network share with READ and WRITE privileges. Instructions will vary slightly depending on the specific operating system, but start by right-clicking the folder and looking for a Share option.

A quick note about User Accounts: unless you want to open up read/write permissions for everyone on the network (a bad idea), you should have a User Account for each client that will log into the shared folder over the network. For instance, I’m setting up my wife’s computer as the host, so I need to make sure that I’ve set up a username and password for myself on her computer. Make sense?

On XP Pro, click Share this folder, then hit the Permissions button. If you don’t feel like giving Everyone full control, click Add –> Advanced –> Find Now to bring up a list of potential Users. Find the User Account for the desired client and click OK twice. For that selected User, click the Full Control option.

Vista - Share Folder On Vista/Server 2008, when the File Sharing window pops up, simply choose the desired client user from the drop-down list. Set the permissions to Co-owner to make sure they have full read/write privileges.

After you’ve set permissions accordingly, make sure you can connect to that network share from the client computer! Try adding and deleting a test file. If everything works, continue to the next section.

Hidden Folders and MediaMonkey Configuration

You can download the free version of MediaMonkey here. Once it’s installed, we need to make a few configuration changes. The files that we need to edit are hidden from the default operating system view, so before you continue, you must enable hidden files and folders.

XP - Folder Options On Windows XP, open any Explorer folder (such as My Documents), go to the Tools menu –> Folder Options. Switch to the View tab, and click the button next to Show hidden files and folders.

On Vista/Server 2008, open any Explorer folder. Go to Organize –> Folder and Search Options. Switch to the View tab, and turn on Show hidden files and folders.

Here comes the fun part. In this next section, we’re going to move the MediaMonkey database and edit the main configuration file. Let’s go.

The MediaMonkey library database is contained in a file called MM.DB. That database, along with the *ini file containing the configuration settings, is in a hidden folder.

Depending on your OS, you can find the required files here:

  • Windows XP – C:\Documents and Settings\USERNAME\Local Settings\Application Data\MediaMonkey
  • Vista/Server 2008 – C:\Users\USERNAME\AppData\Local\MediaMonkey

Here’s what we need to do: we need to move the database to the shared folder that you created earlier. Then, we need to edit the configuration file to point MediaMonkey to the new database location.

BE SURE MEDIAMONKEY IS CLOSED BEFORE CONTINUING. Once MediaMonkey is fully shut down, move the database file (MM.DB) to the shared folder. Be sure to MOVE it, not just copy it. MediaMonkey will look in the default location first, so you do not want an existing database in the default location.

Next, open the MediaMonkey.ini configuration file in Notepad or another text editor. Find the section that starts with [System].

Somewhere in the section below [System], add a line with a parameter for the database name like this:

  • DBName=\\host-computer-name\shared-folder-path\MM.DB

In the above example, host-computer-name stands for the computer name of the host PC. If you are unsure what your computer name is, just right-click on My Computer and look for Computer Name. Provided your shared folder is shared properly, you should be able to access it by entering \\host-computer-name in the Address Bar of any Explorer window.

For example, my host computer’s name is sparkasse. and my shared folder is called Shared Music. My DBName line would look like this:

  • DBName=\\sparkasse\Shared Music\MM.DB

Make sense? For the record, I placed the DBName line just above the PlayerType parameter.

Note: I strongly suggest sticking to the UNC network name (\\computer-name or \\ip-address) instead of a drive letter since it avoids problems down the road and helps with unification of the path display within MediaMonkey. This is especially important when setting up the client PCs.

Dealing With Multiple Local Users

If several people have user accounts on the local computer, you can grant them all access to the shared music library by moving the location of the MediaMonkey.ini configuration file to the C:\Program Files\MediaMonkey\ folder. All local users will then share the same settings within MediaMonkey.

Otherwise, you should log into each user’s account and edit the configuration file in the default location as described above if you want them to share the same library.

Once you’ve added the DBName line, save the configuration file and re-launch MediaMonkey. If everything works normally, let’s move on to setting up a client.

Set Up The Client PC

Configuring a client to connect to the host PC is simpler. Here’s the process:

  • Enable hidden folders
  • Remove the local database
  • Edit the MediaMonkey configuration file to point to the shared database

UNC Network Name - sparkasse First things first, make sure you can access the host PC by typing its UNC network path into any Explorer window.

My Host PC name is sparkasse, so entering \\sparkasse works for me. Definitely check any Remember Password option that’s available.

Install MediaMoney on the client PC. Run it once to generate the hidden folder, but you don’t need to choose any folders to Add/Scan. Once it’s installed, enable hidden folders (as described above in Setting Up The Host PC). BE SURE TO SHUT DOWN MEDIAMONKEY.

Browse to the location of the hidden MediaMonkey folder:

  • Windows XP – C:\Documents and Settings\USERNAME\Local Settings\Application Data\MediaMonkey
  • Vista/Server 2008 – C:\Users\USERNAME\AppData\Local\MediaMonkey

Since this is a new install, you have no need for the MM.DB file (it’s empty anyway). Feel free to delete it. At the least, rename it. We don’t want MediaMonkey defaulting to the empty database.

Configuration File

Next, open up the MediaMonkey.ini configuration file. As with the host PC, add a line somewhere in the [System] section that reads:

  • DBName=\\host-computer-name\shared-folder-path\MM.DB

Once again, host-computer-name is the UNC path to the host PC. My example looks like this:

  • DBName=\\sparkasse\Shared Music\MM.DB

Save the configuration file and re-launch MediaMonkey. If you configured everything correctly, you should be able to browse and play songs stored on the host PC.

Other Issues

If everything went well up to this point, congratulations! You now have a shared music library that people can access simultaneously. This process worked fine for me. If it didn’t work for you, re-read the instructions and check for typos in your path and configuration file. The biggest potential problem that I’ve found is that the tracks in the shared library could be grayed out. If that’s the case, see here.

If you have an existing library with a mapped drive that you want to convert to UNC, see this thread.

CD Ripping

MediaMonkey - Set Destination Wizard When ripping a CD (either on the Host or the Client), make sure that the Main Directory destination is set to the shared library via the UNC path (\\host-computer-name\shared-folder-path\).

See the screenshot for an example.

Yes, you can rip a CD while both computers are accessing the library. If the new files don’t show up immediately in the other user’s library, try collapsing and expanding the desired part of the Library tree, such as the Album or Location view.

At worst, close and re-launch MediaMonkey.

Access and Sharing

In the method that I’ve described, one computer (the host) stores all the music files, whereas the client(s) connect to the host over the network. Naturally, the host computer must be ON for this to work. If you have some kind of Network Attached Storage that you can access via a UNC name, this is not a problem.

Another issue is mobility. What if your host PC is an always-on desktop at home, but your client is a laptop or netbook? If that’s the case, accessing the host PC from outside your home network becomes a problem. However, this problem is solved by creating a VPN, or a way to access your LAN over the Internet. Look into LogMeIn Hamachi (free).

One caveat here is that I have not tried running more than three users simultaneously accessing the shared MediaMonkey library (one host, two clients). Everything that I’ve tried works without flaw, including ripping CDs on the host and client simultaneously. I’ve been running this setup for over a month now without a single problem, but I still suggest occasionally backing up your MM.DB file for safekeeping. Here’s a screenshot of MediaMonkey running (as a client) on Virtual PC on top of Server 2008. Notice the file path:

Overall, my wife and I are very happy with our new music setup. From different computers, we can both rip CDs, rate songs, and load our MP3 players from the same library.

If you have any suggestions to make or questions to ask, please comment below. I will do my best to answer them. Another great resource is the official MediaMonkey forum.

Good luck!

One last thing: this article took a long time to research and write. If you found it helpful, please help share it by giving it a Digg, a Stumble, Mixx, or whatever. 🙂