Blog Hj Mohsin

03:07 PM

This post contains comprehensive documentation with examples for one of the most useful Linux/UNIX/Windows commands: dd. Dd is a bit-stream duplicator. If you have questions, post them. The latest addition, How To Encrypt an 8.0 GB SDHC MicroSD Card was on 06-19-2011.

First Time visitors please reply.

How To Encrypt an 8.0 GB SDHC MicroSD Card
Put the card into an USB adapter. Such devices are not perfect. One might have to push the MicroSD card into the reader as far as it will go, and others might have to pull it back a millimeter or two. If the kernel does not detect a partition on a new card, it's detecting the USB adapter only. Adjust the card slighty, and replace the adapter if necessary. Should show some new device(s):

Code:

ls /dev/sd*
/dev/sdb /dev/sdb1

Write random data to the drive:

Code:

dd if=/dev/urandom of=/dev/sdb bs=4k

/dev/sdb is only an example.

Code:

apt-get install cryptsetup

Learn to use parted, or I quit! Partition the card:

Code:

parted

Encrypt the partition with a good passphrase, one that's easy to remember, but hard to guess. DO NOT use the standard example, because everyone knows it: Deep inside, she knows she cannot attain masculinity, but she can attain masculinity deep inside!

Code:

cryptsetup --verbose --verify-passphrase luksFormat /dev/sdb1

Open the encrypted device:

Code:

cryptsetup luksOpen /dev/sdb1 vol_1

Create a filesystem:

Code:

mkfs.xfs -imaxpct=3 /dev/mapper/vol_1

Mount:

Code:

mkdir /AES_Drive
&& mount /dev/mapper/vol_1 /AES_Drive

Umount:

Code:

umount /AES_Drive && cryptsetup luksClose /dev/mapper/vol_1

Just a footnote, Laptops that went to sleep with the encrypted volume open, may wake up with it open!

Linux DD
The basic command structure is as follows:

Code:

dd if=<source> of=<target> bs=<byte size> ("USUALLY" some power of 2, and usually not less than 512 bytes (ie, 512, 1024, 2048, 4096, 8192, 16384, but can be any reasonable whole integer value.) skip= seek= conv=<conversion>

Source is the data being read. Target is where the data gets written.

Warning!! If you reverse the source and target, you can wipe out a lot of data. This feature has inspired the nickname "dd" Data Destroyer. Warning!! Caution should be observed when using dd to duplicate encrypted partitions.

Examples: duplicate one hard disk partition to another hard disk partition: Sda2 and sdb2 are partitions. You want to duplicate sda2 to sdb2.

Code:

dd if=/dev/sda2 of=/dev/sdb2 bs=4096 conv=notrunc,noerror

If sdb2 doesn't exist, dd will start at the beginning of the disk, and create it. Be careful with order of if and of. You can write a blank disk to a good disk if you get confused. If you duplicate a smaller partition to a larger one, using dd, the larger one will now be formatted the same as the smaller one. And there will be no space left on the drive. The way around this is to use

Code:

rsync

, as described below.

To make an iso image of a CD: This duplicates sector for sector. MyCD.iso will be a hard disk image file of the CD.

Code:

dd if=/dev/hdc of=/home/sam/myCD.iso bs=2048 conv=sync,notrunc

You can mount the image like this:

Code:

mkdir /mnt/myCD
mount -o loop /home/sam/myCD.iso /mnt/myCD

This will make the CD root directory the working directory, and display the CD root directory.

Code:

cd /mnt/myCD

This will duplicate a floppy disk to hard drive image file:

Code:

dd if=/dev/fd0 of=/home/sam/floppy.image

If you're concerned about spies taking the platters out of your hard drive, and scanning them using superconducting quantum-interference detectors, you can always add a "for" loop for US Government DoD approved secure hard disk erasure. Copy and paste the following two lines into a text editor.

Code:

#!/bin/bash 
for n in `seq 7`; do dd if=/dev/urandom of=/dev/sda bs=8b conv=notrunc; done

Save the file as anti_scqid.

Code:

chmod +x anti_swqid

Don't run the program until you want to wipe the drive.

Best Laptop Backup: Purchase a laptop drive and an USB 2.0 drive enclosure (Total cost $100.00USD). Assemble the lappy drive into the external enclosure. Plug the external drive into the lappy USB port, and boot with The Knoppix live CD. Launch a terminal. This command will backup the existing drive:

Code:

dd if=/dev/hda of=/dev/sda bs=64k conv=notrunc,noerror

This command will restore from the USB drive to the existing drive:

Code:

dd if=/dev/sda of=/dev/hda bs=64k conv=notrunc,noerror

If the existing disk fails, you can boot from the external drive backup and have your system back instantaneously.

This series will make a DVD backup of hard drive partition:

Code:

dd if=/dev/hda3 of=/home/sam/backup_set_1.img bs=1M count=4430 
dd if=/dev/hda3 skip=4430 of=/home/sam/backup_set_2.img bs=1M count=4430  
dd if=/dev/hda3 skip=8860 of=/home/sam/backup_set_3.img bs=1M count=4430

And so on. This series will burn the images to DVD+/-R/RW:

Code:

wodim -dev=/dev/hdc --driveropts=burnfree /home/sam/backup_set_1.img

and so forth. To restore the from the backup, load the DVDs in order, and use commands like these:

Code:

 dd if=/media/dvd/backup_set_1.img of=/dev/hda3 bs=1M conv=sync,noerror

Load another DVD

Code:

dd if=/media/dvd/backup_set_2.img of=/dev/hda3 seek=4430 bs=1M conv=sync,noerror

Load another DVD

Code:

dd if=/media/dvd/backup_set_3.img of=/dev/hda3 seek=8860 bs=1M conv=sync,noerror

and so forth.

If you wrote chat messages and emails to another girl, on your girlfriend's computer, you can't be sure the files you deleted are unrecoverable. But you can make sure if anyone were to recover them, that you wouldn't get busted.

Code:

dd if=/dev/sda | sed 's/Wendy/Janet/g' | dd of=/dev/sda

Where every instance of Wendy is replaced by Janet, over every millimeter of disk. I picked names with the same number of characters, but you can pad a smaller name with blanks.

This command will overwrite the drive with zeroes

Code:

dd if=/dev/zero of=/dev/sda bs=4k conv=notrunc

I just want to make sure my drive is really zeroed out!!

Code:

dd if=/dev/sda | hexdump -C | grep [^00]

... will return output of every nonzero byte on the drive. Play around with it. Sometimes drives don't completely zero out on the first try.

The following method of ouputting statistics applies to any dd command invocation. This is an example dd command so you can try it.

Code:

/bin/dd if=/dev/zero of=/dev/null count=100MB

When you want to know how far dd has gotten throwing 100MB of 512 byte blocks of zeroes into digital hell, open another terminal and do:

Code:

ps aux | awk '/bin\/dd/ && !/awk/ {print $2}' | xargs kill -s USR1 $1

In the terminal running the dd command you will find something like this:

Code:

33706002+0 records in
33706002+0 records out
17257473024 bytes (17 GB) copied, 34.791 s, 496 MB/s

If you enter the command again, you see more statistics:

Code:

58596452+0 records in
58596452+0 records out
30001383424 bytes (30 GB) copied, 60.664 s, 495 MB/s

Again

Code:

74473760+0 records in
74473760+0 records out
38130565120 bytes (38 GB) copied, 77.3053 s, 493 MB/s

and so on ... Until the command completes

Code:

100000000+0 records in
100000000+0 records out
51200000000 bytes (51 GB) copied, 104.193 s, 491 MB/s

How To Scan a dd Bitstream for Viruses and Malware:

Code:

 dd if=/home/sam/file.file | clamscan -

Windows users will find help in the second post, way at the bottom

FYI: duplicating smaller partition or drive to larger partition or drive; or vice versa:

Code:

rsync -avH --exclude=/other_mount_point/ /mount_point/* /other_mount_point/

You want to duplicate the root directory tree to another drive, but the other drive is larger. If you use dd, you will get a file system that is smaller then the larger destination drive. To duplicate files, not the file system: Format and mount the destination drive. Rsync will duplicate the files as files:

Code:

 rsync -avH --exclude=/mnt/destination_drive/  /* /mnt/destination_drive/

You need to run:

Code:

grub-install
update-grub

from a the rescue menu of an installation CD/DVD for the target to become bootable. If target was previously bootable, it remains bootable.

Making a NTFS partition, is not easy without using Windows based tools. I was formatting an external drive for my brother, who uses MS Windows XP. I wasn't going to admit Linux couldn't make a NTFS partition.

Make an ext3 partition on the drive. Open a hex editor and make a file containing

Code:

Save the file as file.bin. Change the ext3 partition to NTFS:

Code:

dd if=/home/sam/file.bin of=/dev/sdb bs=1 seek=450 count=1

Will change the partition type byte at offset

Code:

0x1c2

from Linux type:

Code:

0x83

, to NTFS type:

Code:

0x07

Please use a drive without important data on it. And, If you use a text editor to make the binary 07 file, you will ruin the existing partition table, because ascii 07 is two hexadecimal bytes (0x3037).

The four primary partition type byte offsets are:

Code:

0x1c2=450 
0x1d2=466
0x1e2=482
0x1f2=498

If the dd seek= parameter is changed from 450 to a one of the other values, it will change partition (hd0,1), (hd0,2), or (hd0,3) to NTFS type, rather than partition (hd0,0).

To be revised at a later date:
To make a bootable flash drive: Download 50 MB Debian based distro here:
http://sourceforge.net/projects/insert/

Plug in the thumb drive into a USB port. Do:

Code:

dmesg | tail

Look where the new drive is, sdb1, or something similar. Do:

Code:

dd if=/home/sam/insert.iso of=/dev/sdb ibs=4b obs=1b conv=notrunc,noerror

Set the BIOS to USB boot, and boot.
End to be revised

This command will duplicate the MBR and boot sector of a floppy disk to hard drive image:

Code:

dd if=/dev/fd0 of=/home/sam/MBRboot.image bs=512 count=2

To clone an entire hard disk. /dev/sda is the source. /dev/sdb is the target:

Code:

dd if=/dev/sda of=/dev/sdb bs=4096 conv=notrunc,noerror

Do not reverse the intended source and target. It happens once in a while, especially to the inexperienced user. Notrunc means 'do not truncate the output file'. Noerror means to keep going if there is an error. Dd normally terminates on any I/O error.

Duplicate MBR, but not partition table. This will duplicate the first 446 bytes of the hard drive to a file:

Code:

dd if=/dev/sda of=/home/sam/MBR.image bs=446 count=1

If you haven't already guessed, reversing the objects of if and of, on the dd command line, reverses the direction of the write.

To wipe a hard drive: (Boot from a live CD distro to do this.)

Code:

dd if=/dev/zero of=/dev/sda conv=notrunc

This is useful for making the drive like new. Most drives have 0x00h written to every byte, from the factory.

To overwrite all the free disk space on a partition (deleted files you don't want recovered):

Code:

dd if=/dev/urandom of=/home/sam/bigfile.file

When dd ouputs

Code:

no room left on device

all the free space has been overwritten with random characters. Delete the big file with

Code:

rm bigfile.file

.

Sometimes one wants to look inside a binary file, looking only for clues. The output of the command line:

Code:

less /home/sam/file.bin

is cryptic, because it's binary. For human readable output:

Code:

dd if=/home/sam/file.bin | hexdump -C | less

You may also use:

Code:

 dd if=/home/sam/file.file | strings -n 8 -t d | less

Recover deleted JPEG files. Look at the header bytes of any JPEG.

Code:

dd if=/home/sam/JPEG.jpg bs=1w count=2 | hexdump -C

The last two bytes are the footer.

Code:

dd if=JPEG.jpg | hexdump -C

Using the JPEG header and footer bytes, search the drive. Command returns the offsets of the beginning and end of each deleted JPEG.

Code:

dd if=/dev/sda3 | hexdump -C | "grep 'ff d8 ff e0' | 'ff d9'"

If

Code:

grep

returned JPEG header bytes at offset:

Code:

0xba0002f

and footer bytes at offset:

Code:

0xbaff02a

Convert the hex offsets to decimal offsets, using one of the many logic capable calculators for Linux. Decimal offsets corresponding to the beginning and end of the JPEG are 195 035 183 and 196 079 658. (196 079 658) - (195 035 183) = rough idea of proper bs= and count= parameters. To find the proper count= figure: (<decinal offset of footer bytes> - <decimal offset of header bytes>) / <block size> = <number of blocks in the deleted JPEG file>. (195 035 183 – 196 079 658) = (1 044 475) / (bs=4096) = (254.998). That's really close to 255. If we could land exactly at the header bytes using bs=4096, we could use count=255. But I'm going to use count=257, because random chance dictates the probability of landing dead on the header bytes, using 2^x block size is remote. So we start reading before the header bytes.

We need to use skip= parameter to skip to our start point: 195 035 183 / bs=4096 = 47 616.011. We always round down, so dd will start reading before the beginning of the file. In this case we round down to skip=47615. The following writes a file containing the JPEG with some unwanted bytes before and after.

Code:

dd if=/dev/sda3 skip=47615 of=/home/sam/work_file.bin count=257 bs=4096

This sequence yields the desired JPEG.

Code:

hexdump -C work_file.bin | "grep 'ff d8 ff e0' | 'ff d9'"
dd if=work_file.bin skip=<offset_of_first_header_byte_in_decimal_format> count=<offset_of_last_footer_byte_in_decimal_format +1> - <offset_of_first_header_byte_in_decimal_format> bs=1c of=JPG.jpg

That's the way to get your hands dirty deep in digital data. But this process it automated in the file carving program, foremost.

The principle of file carving negates the need for Linux undelete programs. So if your from a MS Windows world, don't google for linux undelete, but rather, foremost NEXT ...

I put two identical drives in every one of my machines. Before I do anything that most probably spells disaster, like an untested command line in a root shell, that contains

Code:

find / -regex ?*.???* -type f | xargs rm -f "$1"

, I do:

Code:

dcfldd if=/dev/sda of=/dev/sdb bs=4096 conv=notrunc,noerror

and duplicate my present working /dev/sda drive system to the /dev/sdb drive. If I wreck the installation on sda, I boot from a live CD distro, and do:

Code:

dd if=/dev/sdb of=/dev/sda bs=4096 conv=notrunc,noerror

And I get everything back exactly the same it was before whatever daring maneuver I was trying didn't work. You can really, really learn Linux this way, because you can't wreck what you have an exact duplicate of. You also might consider making the root partition separate from /home, and make /home big enough to hold the root partition, plus more. Then, To make a backup of root:

Code:

dd if=/dev/sda2 (root) of=/home/sam/root.img bs=4096 conv=notrunc,noerror

To write the image of root back to the root partition, if you messed up and can't launch the X server, or edited /etc/fstab, and can't figure out what you did wrong. It only takes a few minutes to restore a 15 GB root partition from an image file:

Code:

dd if /home/sam/root.img of=/dev/sda2 (root) bs=4096 conv=notrunc,noerror

How to make a swap file, or another swapfile on a running system:

Code:

dd if=/dev/zero of=/swapspace bs=4k count=250000
mkswap /swapspace
swapon /swapspace

This can solve out of memory issues due to memory leaks on servers that cannot easily be rebooted.

How to pick proper block size:

Code:

dd if=/dev/zero bs=1024 count=1000000 of=/home/sam/1Gb.file
dd if=/dev/zero bs=2048 count=500000 of=/home/sam/1Gb.file
dd if=/dev/zero bs=4096 count=250000 of=/home/sam/1Gb.file
dd if=/dev/zero bs=8192 count=125000 of=/home/sam/1Gb.file

This method can also be used as a drive benchmark, to find strengths and weaknesses in hard drives:
Read:

Code:

dd if=/home/sam/1Gb.file bs=64k | dd of=/dev/null

Write:

Code:

dd if=/dev/zero bs=1024 count=1000000 of=/home/sam/1Gb.file

When dd finishes it outputs (total size)/(total time). You get the idea.
Play with 'bs=' and 'count=', always having them multiply out to the same toal size. You can calculate bytes/second like this: 1Gb/total seconds = Gb/s. You can get more realistic results using a 3Gb file.

Rejuvenate a hard drive
To cure input/output errors experienced when using dd. Over time the data on a drive, especially a drive that hasn't been used for a year or two, grows into larger magnetic flux points than were originally recorded. It becomes more difficult for the drive heads to decipher these magnetic flux points. This results in I/O errors. Sometimes sector 1 goes bad, resulting in a useless drive. Try:

Code:

dd if=/dev/sda of=/dev/sda

to rejuvenate the drive. Rewrites all the data on the drive in nice tight magnetic patterns that can then be read properly. The procedure is safe and economical.

Make a file of 100 random bytes:

Code:

dd if=/dev/urandom of=/home/sam/myrandom bs=100 count=1

/dev/random produces only as many random bits as the entropy pool contains. This yields quality randomness for cryptographic keys. If more random bytes are required, the process stops until the entropy pool is refilled (waggling your mouse helps). /dev/urandom does not have this restriction. If the user demands more bits than are currently in the entropy pool, it produces them using a pseudo random number generator. Here, /dev/urandom is the Linux random byte device. Myrandom is a file.

Randomize data over a file before deleting it:

Code:

ls -l

to find filesize.
In this case it is 3769

Code:

ls -l afile -rw------- ... 3769 Nov 2 13:41 <filename>

Code:

dd if=/dev/urandom of=afile bs=3769 count=1 conv=notrunc

duplicate a disk partition to a file on a different partition.

Warning!! Do not write a partition image file to the same partition.

Code:

dd if=/dev/sdb2 of=/home/sam/partition.image bs=4096 conv=notrunc,noerror

This will make a file that is an exact duplicate of the sdb2 partition. You can substitue hdb, sda, hda, etc ... OR

Code:

dd if=/dev/sdb2 ibs=4096 | gzip > partition.image.gz conv=noerror

Makes a gzipped archive of the entire partition. To restore use:

Code:

 dd if=partition.image.gz | gunzip | dd of=/dev/sdb2

For bzip2 (slower,smaller), substitute bzip2 and bunzip2, and name the file

Code:

< filename >.bz2

.Restore a disk partition from an image file.

Code:

dd if=/home/sam/partition.image of=/dev/sdb2 bs=4096 conv=notrunc,noerror

Convert a file to uppercase:

Code:

dd if=filename of=filename conv=ucase

Make a ramdrive:
The Linux kernel makes a number a ramdisks you can make into ramdrives. You have to populate the drive with zeroes like so:

Code:

dd if=/dev/zero of=/dev/ram7 bs=1k count=16384

Populates a 16 MB ramdisk.

Code:

mke2fs -m0 /dev/ram7 4096

puts a file system on the ramdisk, turning it into a ramdrive. Watch this puppy smoke.

Code:

debian:/home/sam # hdparm -t /dev/ram7
/dev/ram7:
Timing buffered disk reads:   16 MB in  0.02 seconds = 913.92 MB/sec

You only need to do the timing once, because it's cool. Make the drive again, because hdparm is a little hard on ramdrives. You can mount the ramdrive with:

Code:

mkdir /mnt/mem
mount /dev/ram7 /mnt/mem

Now you can use the drive like a hard drive. This is particularly superb for working on large documents or programming. You can duplicate the large file or programming project to the ramdrive, which on my machine is at least 27 times as fast as /dev/sda, and every time you save the huge document, or need to do a compile, it's like your machine is running on nitromethane. The only drawback is data security. The ramdrive is volatile. If you lose power, or lock up, the data on the ramdrive is lost. Use a reliable machine during clear skies if you use a ramdrive.

Duplicate ram memory to a file:

Code:

dd if=/dev/mem of=/home/sam/mem.bin bs=1024

The device

Code:

/dev/mem

is your system memory. You can actually duplicate any block or character device to a file using dd. Memory capture on a fast system, with bs=1024 takes about 60 seconds, a 120 GB HDD about an hour, a CD to hard drive about 10 minutes, a floppy to a hard drive about 2 minutes. With dd, your floppy drive images will not change. If you have a bootable DOS diskette, and you save it to your HDD as an image file, when you restore that image to another floppy it will be bootable.

Dd will print to the terminal window if you omit the

Code:

of=/dev/output

part.

Code:

dd if=/home/sam/myfile

will print the file myfile to the terminal window.

To search the system memory:

Code:

dd if=/dev/mem | strings | grep 'some-string-of-words-in-the-file-you-forgot-to-save-before-the-power-failed'

If you need to cover your tracks quickly, put the following commands in a script to overwrite system ram with zeroes. Don't try this for fun.

Code:

mkdir /mnt/mem
mount -t ramfs /dev/mem /mnt/mem
dd if=/dev/zero > /mnt/mem/bigfile.file

This will overwrite all unprotected memory structures with zeroes, and freeze the machine so you have to reboot (Caution, this also prevents committment of the file system journal, and could trash the file system).

You can get arrested in 17 states for doing this next thing. Make an AES encrypted loop device:

Code:

dd if=/dev/urandom of=/home/sam/aes-drv bs=16065b count=100
modprobe loop
modprobe cryptoloop
modprobe aes
losetup -e aes /dev/loop1 ./aes-drv
password:
mkreiserfs /dev/loop1
mkdir /aes
mount -o loop,encryption=aes,acl ./aes-drv /aes
password:
mv /home/sam/porno /aes

to get the porno on the aes drive image.

Code:

umount /aes
losetup -d /dev/loop1
rmmod aes 
rmmod cryptoloop
rmmod loop

to make 'aes-drv' look like a 400 MB file of random bytes. Every time the lo interface is configured using losetup, according to the above, and the file 'aes-drv' is mounted, as above, the porno stash will be accessible in /aes/porno. You don't need to repeat the dd command, OR, the format with reiserfs, OR, the mv command. You only do those steps once. If you forget the password, there is no way to recover it besides guessing. Once the password is set, it can't be changed. To change the password, make a new file with the desired password, and move everything from the old file to the new file. Acl is a good mount option, because it allows use of acls. Otherwise your stuck with u,g,o and rwx.

If you are curious about what might be on you disk drive, or what an MBR looks like, or maybe what is at the very end of your disk:

Code:

dd if=/dev/sda count=1 | hexdump -C

Will show you sector 1, or the MBR. The bootstrap code and partition table are in the MBR.
To see the end of the disk you have to know the total number of sectors, and the MAS must be set equal to the MNA. The helix CD has a utility to set this correctly. In the dd command, your skip value will be one less than MNA of the disk. For a 120 GB Seagate SATA drives

Code:

dd if=/dev/sda of=home/sam/myfile skip=234441646 bs=512

,
So this reads sector for sector, and writes the last sector to myfile. Even with LBA addressing, disks still secretly are read in sectors, cylinders, and heads.
There are 63 sectors per track, and 255 heads per cylinder. There is a total cylinder count. 512_bytes/sector*63_sectors/track*255heads=16065*512bytes/cylinder=8,225,280_bytes/cylinder. 63_sectors/track*255_heads=sectors/cylinder. With 234441647 total sectors, and 16065 sectors per cylinder, you get some trailing sectors which do not make up an entire cylinder: 14593.317584812_cylinders/drive. This leaves 5102 sectors which cannot be partitioned, because to be in a partition you have to be a whole cylinder. It's like having part of a person. That doesn't really count as a person. These become surplus sectors after the last partition. You can't ordinarily read past the last partition. But dd can. It's a good idea to check for anything writing to surplus sectors. For our Seagate 120 GB drive, 234,441,647_sectors/drive - 5102_surplus_sectors = 234,436,545 partitionable sectors.

Code:

dd if=/dev/sda of=/home/sam/myfile skip=234436545

writes the last 5102 sectors to myfile. Launch midnight commander (mc) to view the file. If there is something in there, you do not need it for anything. In this case you would write over it with random characters:

Code:

dd if=/dev/urandom of=/dev/sda bs=512 seek=234436545

Will overwrite the 5102 surplus sectors on our 120 GB Seagate drive.

Block size:
One cylinder in LBA mode = 255_heads*63_sectors/track=16065_sectors=16065*512_bytes=8,225,280_bytes. The b means '* 512'. 32130b represents a two cylinder block size. Cylinder block size always works to cover every sector in a partition, because partitions are made of a whole number of cylinders. One cylinder is 8,225,280 bytes. If you want to check out some random area of the disk:

Code:

dd if=/dev/sda of=/home/sam/myfile bs=4096 skip=2000 count=1000

Will give you 8,000 sectors in myfile, after the first 16,000 sectors. You can open that file with a hex editor, edit some of it, and write the edited part back to disk:

Code:

dd if=/home/sam/myfile of=/dev/sda bs=4096 seek=2000 count=1000

Image a partition to another machine:
On source machine:

Code:

dd if=/dev/hda bs=16065b | netcat < targethost-IP > 1234

On target machine:

Code:

netcat -l -p 1234 | dd of=/dev/hdc bs=16065b

Variations on target machine:

Code:

netcat -l -p 1234 | bzip2 > partition.img

makes a compressed image file using bzip2 compression.

Code:

netcat -l -p 1234 | gzip > partition.img

makes a compressed image file using gzip compression. I back up a 100 GB lappy disk on a desktop drive, over a lan connection, and the 100 GB compresses to about 4.0 GB. Most of the drive is empty, so it's mostly zeroes. Repetitive zeroes compress well.
Alert!! Don't hit enter yet. Hit enter on the target machine. THEN hit enter on the source machine.

Netcat is a program, available by default, on most linux installations. It's a networking swiss army knife. In the preceding example, netcat and dd are piped to one another. One of the functions of the linux kernel is to make pipes. The pipe character looks like two little lines on top of one another, both vertical. Here is how this command behaves: This byte size is a cylinder. bs=16065b equals one cylinder on an LBA drive. The dd command is piped to netcat, which takes as its arguments the IP address of the target(like 192.168.0.1, or any IP address with an open port) and what port you want to use (1234).

You can also use ssh.

Code:

dd if=/dev/sdb2 | ssh sam@192.168.0.121 "sudo dd of=/home/sam/sdb2.img"

CONTINUED ... SEE NEXT POST

Dd is like Symantec Norton Ghost, Acronis True Image, Symantec Drive Image. You can perform disk drive backup, restore, imaging, disk image, cloning, clone, drive cloning, transfer image, transfer data, clone to another drive or clone to another machine, move Windows XP to a new hard drive, clone Windows XP, clone Windows, transfer Windows, hard drive upgrade, duplicate a boot drive, duplicate a bootable drive, upgrade your operating system hard drive, Tired of reinstalling WinXP Windows XP?

Copyright 2008, 2010 by AwesomeMachine.
All Rights Reserved.

Blog Hj Mohsin

Sunday, 19 June 2016

BOOK: How to Win Friends and Influence People

This is Dale Carnegie's summary of his book, from 1936

Table of Contents

Fundamental Techniques in Handling People

Six ways to make people like you

Win people to your way of thinking

Be a Leader: How to Change People Without Giving Offense or Arousing Resentment

Saturday, 4 June 2016

The real dd command

About Me