Create USB boot flash for win 7

Here are the steps:

1. Run a command prompt with admin privileges
2. Run diskpart
3. Use "list" to list detected disks and select the proper one by using "select disk #". It should be easy to know the exact disk number you are going to use by checking the size of the disk.
   • "clean" - remove partitions
   • "create partition primary"
   • "select partition 1"
   • "active"
   • "fornat fs=ntfs quick" - in case you would not like quick format, just remove it.
   • "assign" - give it a drive letter
   • "exit"
4. Insert your Windows 7 installation disc into the DVD-ROM. Suppose the DVD-ROM is located at drive D: and the USB disc is located at drive E:, run the below commands in the command prompt:
   • "d:"
   • "cd d:\boot"
   • bootsect /nt60 e:
   If everything is find, you should see something like "Successfully updated NTFS filesystem bootcode."
5. Copy all content on the Windows DVD disc to the USB drive. The autorun.inf can be ignored if your antivirus software does not like it.

That's all. Try to boot your computer with the USB drive and enjoy.

Make an "Unidentified Network" in Windows 7 as a private network

The place of an unidentified network in Windows 7 is by default set to public. To make unidentified network as a private network, follow the following steps:

1. Control Panel -> Administrative Tools -> Local Security Policy
2. Network List Manager Policies -> Unidentified Network
3. Set Location Type to Private
4. Optionally, set User permissions to a preferred one

Ubuntu: Disable GDM

Here is an elegant way to disable GDM in Ubuntu

(as root) update-rc.d -f gdm remove

If you want it back:

(as root) update-rc.d -f gdm defaults

Add "Edit with Vim" into Windows 7 context menu

Ref: http://davidvielmetter.com/?p=1094

Two solutions are provided by David:

1) Edit the registry

Save the following content as a .reg file and merge with your registry

---8<---8<---8<---8<--- cut here ---8<---8<---8<---8<---

Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\*\shell\Edit with Vim]

[HKEY_CLASSES_ROOT\*\shell\Edit with Vim\command]

@="C:\\Program Files (x86)\\Vim\\vim72\\gvim.exe \"%1\""

---8<---8<---8<---8<--- cut here ---8<---8<---8<---8<---

2) Vim as a "send to" target

Place the link of the "gvim.exe" into

C:\Users\\AppData\roaming\microsoft\windows\SendTo

Netfilter: Look up real destination IP address and port number after NATed

A user space server (or proxy daemon) may need to know the original IP address and port number of a connection before the connection is NATed (usually port redirection). This can be done easily with Netfilter/Linux. The steps are:

1. accept() a new connection: c = accept(s, (struct sockaddr*) &sin, &sinlen)
2. getsockopt(c, &sin, SOL_IP, SO_ORIGINAL_DST, &sin, &tsinlen).

The original destination IP address and port number can be then extracted from sin.sin_addr and sin.sin_port.

Compile Snort with large file support on Linux

Add these environment variables when running the configure script:

CFLAGS="-D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64" ./configure ...

The built snort will be able to read trace files greater than 2GiB.

Modify Netfilter Packet Flow

We can often find the default netfilter packet flow from the following figure (although it's a little bit out dated ...):

(Source: http://l7-filter.sourceforge.net/PacketFlow.png)

You may wish to change the position of these blocks (hooks). It is not really complex to do that. As we can find the priority of these hooks in (kernel-source)/include/linux/netfilter_ipv4.h (if you'd like to modify other address families, just find the corresponding header files). Simply add new priorities into the enumeration of nf_ip_hook_priorities and then modify the table registration data structure, e.g., the mangle table registration is done in (kernel-source)/net/ipv4/netfilter/iptable_mangle.c.

Suppose we are going to move the "mangle" table before "nat" table in the POSTROUTING chain. The steps are:

1. Add a new priority, say NF_IP_PRI_POST_MANGLE = 150 into the nf_ip_hook_priorities enumeration.
2. Modify the ipt_ops data structure in iptable_mangle.c so that the priority of that hook in POSTROUTING chain is set to the newly added NF_IP_PRO_POST_MANGLE.

Recompile your kernel and everything is done! Just remember that a hook with a lower priority number will be placed earlier in the chain.