FDS-TEAM
Linux, Windows, Programming and more...
25 Dec 2013 22:13 CET  written by FDS-Team - 22 comment(s)
[article-image]

Every linux user knows that for some Windows programs or services do not exist equivalent linux programs. This is especially true if the internal functionality of such programs should be kept secret (for example DRM based software), so you need to use Windows or Wine. One way to keep your normal desktop enviroment while doing this, is to use a virtual machine like Virtualbox or KVM. This works well, as long as you don't want to play games or use any other software which makes heavy usage of 3D. In this case you need to use a real Windows installation and you most likely will end up with two Windows installations which needlessly consume more space than they should. In this article I will show how to boot an existing Windows 7 Installation in Virtualbox/KVM/VMware, so that you will only need one Installation, which can be booted inside a VM or on your real system.

From a technical point of view this "Dualboot" method works flawless though it is not compatible with Microsofts license restrictions. Microsoft wants you to buy a second license if you want to use the system inside a VM and on a real machine disregarding the fact that the installation can not be used twice at the same time. Even if you would buy a second license of Windows 7 the system would still not be able to make use of both of them since you can only enter a single serial number which is used during the activation. This may lead to the problem that Windows wants to be reactivated after every switch between the VM and a real boot as the activation system will detect the change of the hardware. Depending on the used VM software it is possible to tweak some settings like HDD serial numbers and similar stuff to prevent this, but this is still kind of a hack.

16 Aug 2013 21:23 CEST  written by FDS-Team - 240 comment(s)
[article-image]

Today we want to present you our latest project Pipelight, which allows to run your favorite Silverlight application directly inside your Linux browser. The project combines the effort by Erich E. Hoover with a new browser plugin that embeds Silverlight directly in any Linux browser supporting the Netscape Plugin API (Firefox, Chrome / Chromium, Midori, Opera, …). He worked on a set of Wine patches to get Playready DRM protected content working inside Wine and afterwards created an Ubuntu package called Netflix Desktop. This package allows one to use Silverlight inside a Windows version of Firefox, which works as a temporary solution but is not really user-friendly and moreover requires Wine to translate all API calls of the browser. To solve this problem we created Pipelight.

18 Jun 2013 00:47 CEST  written by FDS-Team
[article-image]

Inspired by a DEFCON speech from 2010 ("How I Met Your Girlfriend" by Samy Kamkar, NAT pinning part) we both wanted to know if the method for NAT pinning described in his talk is still possible - as it turns out it is indeed and moreover we revealed a bug in several router firmwares, which allows to use unsuspecting people as a relay/proxy on the internet.

NAT pinning summarizes several methods which can be used to temporarily open and forward ports in the router. There is a whole bunch of methods out there, you can take a look at Phrack - Issue 63 - Breaking Through a Firewall for example. Usually these methods are used for example for peer to peer applications to trick the local router/NAT. Normal peer to peer programs cannot be used behind a NAT because the router does not know which device in the internal network should receive an incoming connect packet as all local clients share the same public IP address. NAT devices track all incoming and outgoing connections and deliver packets depending on the information saved in their tracking table. The idea of NAT pinning is to get an entry in this table to allow incoming connections, although you can normally get only entries for outgoing connections.

17 Jun 2013 01:49 CEST  written by FDS-Team - 2 comment(s)
[article-image]

This article explains how to limit IPv6 access in Linux to only selected applications. You may ask yourself why you should bother about restricting IPv6 to some specific programs and do not use it systemwide as it is the future. The main problem is to secure an IPv6 network which is much more complicated than using a typical IPv4 network consisting of a router and several devices behind it. The idea of this article is to select only several applications which are allowed to use the new IP standard, so that you have much more control over it. This is also useful if you are using a tunnel broker and do not want to redirect all traffic (like for example email) through this tunnel. Even if you actually don't necessarily need an IPv6 address, it might be useful, if you need to get an IP address in a different country because of some sort of geo blocked service…

08 Jun 2013 14:34 CEST  written by Richard, Michael - 3 comment(s)
[article-image]

Gestern noch die Lieblingsserie aufgenommen und nun das: Der Fernseher erkennt die Festplatte nicht mehr und möchte diese neu formatieren! Dies ist sehr ägerlich, da dadurch auch die Aufnahmen gelöscht werden, die noch ungesehen auf der Festplatte gespeichert sind. In vielen Fällen ist es jedoch nicht notwendig eine Formatierung auszuführen, denn ein Großteil der vorhandenen Daten lässt sich mit ein paar einfachen Linux Befehlen retten.

Das Problem entsteht in der Regel durch ein defektes Dateisystem auf der externen Festplatte. Moderne Dateisysteme, wie das von Samsung TVs verwendete XFS, besitzen eigentlich ein Journal um dieses Problem zu verhindern. Die Aufgabe des Journals ist es Änderungen zu vermerken bevor sie tatsächlich durchgeführt werden und so dafür zu Sorgen das sich das Dateisystem bei einem Absturz oder einem Stromausfall immer in einem konsisten Zustand befindet. Würde zum Beispiel beim Umbennen einer Datei das System abstürzen und der Dateiname wäre noch nicht vollständig geschrieben, so würde beim nächsten Start die Umbennenung vollendet werden, da der volle Name bereits im Journal steht (wäre dies nicht der Fall so hätte die Datei ggf. einen ungültigen Namen oder wäre nicht mehr korrekt ins Dateisystem eingebunden).

DP-CMS 0.1 RSSRSS - Feed