Thursday, February 18, 2016

Fixing NTFS partition in Debian using ntfsfix

Today my external hard drive suddenly become RAW meaning i couldn't mount it in windows or even in linux and worse I couldn't even run chkdsk utility in windows then i came across this utily called ntfsfix  while searching  for the solution.

The following is from the ntfsfix manpage:

ntfsfix  is a utility that fixes some common NTFS problems.ntfsfix is NOT a Linux version of chkdsk.  It only repairs some  fundamental  NTFS inconsistencies,  resets  the  NTFS  journal file and schedules an NTFS consistency check for the first boot into Windows. You may run ntfsfix on an NTFS volume if you think it  was  damaged  by Windows or some other way and it cannot be mounted.

so to run ntfsfix become root and give the following command

# ntfsfix -d /dev/sdb1

it will fix the most common errors in the NTFS partition.

sources:
1. http://askubuntu.com/questions/47700/fix-corrupt-ntfs-partition-without-windows
2. http://pclosmag.com/html/Issues/201205/page06.html

Iptables configuration for Debian Desktop

Iptables  is one of the best firewall  available today. It will do three things
a. ACCEPT
b. REJECT
c. DROP

It has many frontends like for example ufw, etc. So let's configure our firewall for our Debian Desktop.

#iptables -P INPUT -j DROP
#iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
#iptables -A INPUT -i lo -j ACCEPT
#iptables -A INPUT -p icmp -m limit --limit 1/second --limit-burst 5 -j ACCEPT
#iptables -A INPUT -p icmp -m icmp --icmp-type address-mask-request -j DROP
#iptables -A INPUT -p icmp -m icmp --icmp-type timestamp-request -j DROP
#iptables -A INPUT -p icmp -j DROP
#iptables -A INPUT -p tcp --dport 80 -j ACCEPT
#iptables -A INPUT -p tcp --dport 10000:10020 -j ACCEPT
#iptables -A INPUT -p udp --dport 10000:10020 -j ACCEPT
#iptables -A INPUT -m state --state INVALID -j DROP
#iptables -P FORWARD -j DROP
#iptables -A FORWARD -m state --state INVALID -j DROP
#iptables -P OUTPUT -j ACCEPT
#iptables -A OUTPUT -m state --state INVALID -j DROP

BLOCKING PORT-SCANNING

#iptables -N port-scan
#iptables -A port-scan -p tcp --tcp-flags SYN,ACK,FIN,RST RST -m limit --limit 1/s -j RETURN
#iptables -A port-scan -j DROP

LOGGING

#iptables -N LOGGING
#iptables -A INPUT -j LOGGING
#iptables -A LOGGING -m limit --limit 2/min -j LOG --log-prefix "Iptables dropped: " --loglevel  7
#iptables -A LOGGING -j DROP

To save our configuration run
#iptables-save
#iptables-save > myrules
edit /etc/network/interfaces using nano and add the following lines at the bottom of the file.
pre-up /sbin/iptables-restore
and save. your firewall configuration is now finished.  your iptables log will be in /var/log/kern.log. If you want to have a custom logging file instead of kern.log then create a file in /etc/ryslog.d with the name iptables.conf
with the following content
:msg, contains, "Iptables dropped: "-/var/log/iptables.log  
& ~
and save the file. Create an empty file iptables.log in /var/log it will now begin to log in /var/log/iptables.log.

# - means root shell.

I gathered all these configuration from the internet and debian forums here are the links  for further information

1. http://forums.debian.net/viewtopic.php?f=16&t=117514
2. http://forums.debian.net/viewtopic.php?f=16&t=16166&hilit=firewall
3. http://sharadchhetri.com/2013/06/15/how-to-protect-from-port-scanning-and-smurf-attack-in-linux-server-by-iptables/
4. http://hakersparadise.blogspot.in/2012/05/using-ip-tables-in-linux-to-secure.html
5. http://unix.stackexchange.com/questions/88994/help-configuring-a-custom-log-file-for-iptables
6. http://www.thegeekstuff.com/2012/08/iptables-log-packets/

Also check this tutorial it is based on iptables frontend called arno iptables firewall.
7. http://cosmolinux.no-ip.org/raconetlinux2/arno_iptables_firewall.html