Tag-Archive for » windows «

Friday, September 11th, 2009 | Author:

Peace in the land of USB

Under a *nix operating system, having multiple partitions on a USB drive isn’t rocket science, it just works. In my case, my USB drive has two partitions because the first partition is a bootable Arch Linux installer.

I have Windows on a desktop at home – mostly for gaming – and many of my colleagues use it too. Since Windows doesn’t do very well with non-Windows partitions I figured I could create a FAT32 partition on the memory stick after the bootable Arch Linux partition. FAT32 is almost ubiquitous and is usable on every common desktop operating system in the world.


Unfortunately it doesn’t work straight off the bat. Apparently, Microsoft in their infinite wisdom decided that memory sticks are supposed to have one (and only one) partition. In reality Windows finds the first partition and then ignores any others that happen to be set up:

Please Format

Err, no, I do not want you to format my Arch Linux installation partition

The trick to getting it working is to fool Windows into thinking the device is not a regular USB memory stick but perhaps a solid-state hard disk which happens to be connected via USB. Yes I know, this is seriously stupid that Windows behaves this way. A solid-state hard disk is just a whopping big (and fast) memory stick after all!

I found a few sources on how to do this however I still had to figure out some things on my own. Specifically, the guides I found either skipped some steps or didn’t provide enough information on where to download the driver package.

This procedure involves manually changing hardware drivers and installing “non-signed” drivers “not intended for your hardware”. I know someone is going to break their system and blame me so I say now that I take no responsibility for any damage you may do to your Windows system as a result of this. Read that again. 😛


remove the highlighted text

click for larger version

Download and unzip the driver, originally created by Hitachi, here. Open the cfadisk.inf file in notepad (or your favourite plaintext editor), and find the section labeled [cfadisk_device]. Remove the section highlighted on the right:

Minimize (don’t close) the editor and go to your desktop icons – right-click on My Computer and select Properties. Select the hardware tab and then select [Device Manager]:

System Properties

Find the device under “Disk drives”, right-click your memory stick and select Properties:

Device Manager

Click the Details tab and in the dropdown box on that page, select “Hardware Ids”. Click the first line in the list of Hardware IDs and press Ctrl+C to copy the name:

USB Hardware Ids

Don’t close this dialog, go back to notepad (which was minimised) and paste the hardware ID into where the previous content was removed.

Changes pasted into notepad

Save the file in notepad and go back to the device’s property dialog window. Click the “Driver” tab and click the [Update Driver…] button. In the windows that pop up, select “No, not this time”; [Next] -> “Install from a list or a specific location (Advanced)”; [Next] -> “Don’t search. I will choose the driver to install.”; [Next] -> [Have Disk…].

Unsigned Drivers - Click Continue Anyway

Browse to the folder where you have saved the modified cfadisk.inf file. Click [OK]. You will find

there is a Hitachi Microdrive driver listed. Select this and click [Next]. When the warning

appears, click [Yes]. Another warning will pop up regarding a similar issue (these are the “unsigned” and “not intended for your hardware” warnings I mentioned earlier). Click [Continue Anyway]:

At this point I recommend closing all the dialog boxes related to the setup. Finally, remove and re-insert the memory stick into your USB port and you should find that the extra partitions on the stick are accessible. In the worst-case scenario, you might still need to partition the disk however the hard part is over. 🙂

Monday, April 06th, 2009 | Author:

I came across 2 bugs on Windows Server 2003 that are also relevant to Windows XP.

Short Circuits

1. Internet Explorer‘s Desktop icon is disabled. When you double-click on the icon, expecting IE to launch, it simply produces an additional shortcut. Subsequent double-clicks again produce more shortcuts. It is possible, as a workaround, to launch IE from the Start Menu.

My first guess was that malware was attempting to make me click on these new shortcuts where the new shortcuts opened further malware. This idea quickly faded though since, if malware were to have the system privileges to produce these symptoms, it wouldn’t need me to provide further privileges.

I eventually found here what the actual problem was. In my case, the cause was related to IE6 being outdated. If a Windows registry entry is named “LegacyDisable” and is added to specific types of registry keys, it lets Windows know that the key is obsolete and that it has only been left behind for backwards-compatibility. In this case, it disabled the intended primary “verb” function (the double-click) of the shortcut: launching IE.

To fix, you can either update to the latest version of IE or fix the registry entry directly. If you experience this issue even with the latest version of IE then the registry value is the only way I know how to fix it.

Danger, Will Robinson!

Though this is a trivial registry change, the registry is still a dangerous thing to mess with so, as usual, back up your registry: See KB322756. Nobody gets to blame me for trashing their system. 😛

De-Register me!

Paste the following into a .reg file and execute it; or manually remove the “LegacyDisable” entries referred-to here:


Fire me up!

2. When trying to browse to any site from within IE, IE remains dormant while Firefox is launched. Firefox then loads the page which was originally requested in IE.

While many might most of the time consider this to be a triumph [insert childish laughter here], the site I wanted to browse to was the Windows Updates site which, unfortunately, does not work when using Firefox. The same would apply to other sites which depend on the web browser supporting ActiveX.

De-Register Me Too!

I eventually found the solution here, and it turns out to be similar to the solution for the first bug – except that it is to remove an entire key. Again, ensure you have a backup of your registry before continuing. Here is the relevant content of the .reg file:


I hope that resolves things for anyone else having similar issues. 🙂

Thursday, January 22nd, 2009 | Author:

I very recently found a problem with a client’s web site due to a .htaccess file. The site was hosted on a Windows server running IIS using IISPassword, which makes use of .htaccess files for its settings.

IISPassword doesn’t follow exactly the same rules as with Apache however. If the .htaccess file exists then it must contain IISPassword-appropriate rules, otherwise the server returns only the following error:

Error 500 given by IIS Password
Here’s the content of the .htaccess file. I’ve only modified the final redirection URL to point to example.com appropriately:

RewriteEngine On
RewriteCond %{HTTP_REFERER} .*google.*$ [NC,OR]
RewriteCond %{HTTP_REFERER} .*aol.*$ [NC,OR]
RewriteCond %{HTTP_REFERER} .*msn.*$ [NC,OR]
RewriteCond %{HTTP_REFERER} .*yahoo.*$ [NC,OR]
RewriteCond %{HTTP_REFERER} .*yandex.*$ [NC,OR]
RewriteCond %{HTTP_REFERER} .*rambler.*$ [NC,OR]
RewriteCond %{HTTP_REFERER} .*ya.*$ [NC]
RewriteRule .* http://siffy-phishing-url.example.com [R,L]

If this were on a server running Apache with mod_rewrite, most web users would go directly to the correct site content. Only if they reached the site through the search engines and indexes listed in the .htaccess, would they be redirected to the siffy phishing url that the cracker wants victims to reach.

Of course, the cracker (or perhaps even an automated worm) didn’t realise that the server in question didn’t even support these mod_rewrite rules. But either way, this is very worrying as I can foresee many arguments about whether or not the site is working

Monday, November 17th, 2008 | Author:

I’d never really had the need to connect to a VPN until this weekend. After connecting, I found that my Internet access was rather non-functional except to the VPN in question. A colleague happened to be on hand (he’d given me the access details in the first place) and he quickly suggested this workaround.

Today, a client had the same issue. Perhaps this problem is more common than I first thought.

When connecting to the VPN, Windows updates the default gateway on your desktop to reflect the VPN’s settings. Most likely, however, you only need to access specific subnets on the VPN and you want all unrelated traffic to use your “old” settings.

It turns out that its a simple checkbox that needs to be unchecked. The jist (sp.??) of finding the setting: Right-click the VPN in Network Connections -> Properties -> Internet Protocol (TCP/IP); [Properties] ; [Advanced], and uncheck the “[ ] Use default gateway on remote network”.

Then click the usual OK/Apply/Yes-of-course-your-dialogue-ness (all the while reading and absorbing any warnings appropriately) until you’re back to your Network Connections window. Right-click the VPN connection and disable / re-connect.

You should be able to confirm that the Default Gateway does not change by running the command-line app ipconfig before and after enabling the VPN connection. Look specifically for the line labelled “Default Gateway”.

[edit reason=”moore”]…

It turns out that a possible reason for this setting being the default setting is for security. If your desktop happens to be compromised or inadvertently routing traffic, connecting to the VPN might expose the supposedly “private” network to the Internet.

Tuesday, November 11th, 2008 | Author:

I sometimes use a simplified remote desktop script I built a long time ago, before KRDC and its kin came about. It is still useful for if you normally only connect to 1 server at a time or you want your screen’s real-estate back. Feel free to adjust the defaults. 🙂

This works for generally any distro as long as you have rdesktop installed:

((pacman|yaourt) -S|emerge|(yum|aptitude) install) rdesktop

Copy the text into an appropriately-named file in your ~/bin/ folder. Then chmod it to be executable and link the second alias.

tricky@swiftspirit:~$ [ -d ~/bin ] || mkdir ~/bin
tricky@swiftspirit:~$ nano ~/bin/rd
tricky@swiftspirit:~$ chmod +x ~/bin/rd
tricky@swiftspirit:~$ link ~/bin/rd ~/bin/rdc

Also, create a folder at /media/rd that is writable only by root but readable by anyone. Then also create a second folder within this which is writable by anyone. The /media/rd folder is shared with the remote desktop when you connect so it is useful to keep small scripts or applications that you might install or need often in this folder. The /media/rd/honey folder is there for security purposes so that you can copy content to your desktop but ALSO so that a virus-infected server doesn’t infect your existing executables and scripts in the main /media/rd/ folder:

tricky@swiftspirit:~$ sudo mkdir /media/rd
tricky@swiftspirit:~$ sudo mkdir /media/rd/honey
tricky@swiftspirit:~$ sudo chown -R root:root /media/rd
tricky@swiftspirit:~$ sudo chmod 755 /media/rd
tricky@swiftspirit:~$ sudo chmod 777 /media/rd/honey

copy rd’s content from here.

Once this is in place, to connect to a server, type the command into your terminal from within your GUI:

tricky@swiftspirit:~$ rd my.server.swiftspirit.co.za

If you want to connect to a console session (session 0), use the rdc version:

tricky@swiftspirit:~$ rdc my.server.swiftspirit.co.za

Improvements and suggestions are welcome. I’d built a version which could save your passwords into a shadow file using openssl however I never quite got it to work. Maybe another time. 😉

Category: linux  | Tags: , , , ,  | Leave a Comment