Secure Erase SSD in Linux

Original Article:

Step 1 – Make sure the drive security is not frozen

Issue the following command:

# hdparm -I /dev/sdX

Step 2 – Enable security by setting a user password

Note: When the user password is set the drive will be locked after next power cycle denying normal access until unlocked with the correct password.

Any password will do, as this should only be temporary. After the secure erase the password will be set back to NULL. In this example, the password is “PasSWorD” as shown:

# hdparm --user-master u --security-set-pass PasSWorD /dev/sdX
Issuing SECURITY_SET_PASS command, password="PasSWorD", user=user, mode=high

As a sanity check, issue the following command

# hdparm -I /dev/sdX

The command output should display “enabled”:

        Master password revision code = 65534
        not     locked
        not     frozen
        not     expired: security count
                supported: enhanced erase
        Security level high

Step 3 – Issue the ATA Secure Erase command

Warning: Triple check that the correct drive designation is used. There is no turning back once the command is confirmed. You have been warned.
# hdparm --user-master u --security-erase PasSWorD /dev/sdX

Wait until the command completes. This example output shows it took about 40 seconds for an Intel X25-M 80GB SSD.

Issuing SECURITY_ERASE command, password="PasSWorD", user=user
0.000u 0.000s 0:39.71 0.0%      0+0k 0+0io 0pf+0w

The drive is now erased. After a successful erasure the drive security should automatically be set to disabled (thus no longer requiring a password for access). Verify this by running the following command:

# hdparm -I /dev/sdX

The command output should display “not enabled”:

        Master password revision code = 65534
        not     enabled
        not     locked
        not     frozen
        not     expired: security count
                supported: enhanced erase

How to Setup Webmin 1.620 using YUM repository on CentOS 6.4


This post will brief you on how to setup Webmin 1.620 using yum repository in CentOS 6.4 virtual private server (VPS). Webmin is an open source system administration and system configuration tool which provide you web-based interface to manage, administer and configure your CentOS VPS or dedicated server through web browser. It’s provide graphical interface remote administration instead of manually edit the configuration using command line from putty or console. 1. Enabling Yum repository for Webmin. Create the /etc/yum.repos.d/webmin.repo file containing :

[root@centos64 ~]# vi /etc/yum.repos.d/webmin.repo
name=Webmin Distribution Neutral

2. Fetch and install my GPG key :

[root@centos64 ~]# wget
[root@centos64 ~]# rpm --import jcameron-key.asc

3. Run “yum install” command to install all required dependencies :

[root@centos64 ~]# yum install webmin -y

Example :

[root@centos64 ~]# yum install webmin -y
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
 * Webmin:
 * base:
 * extras:
 * updates:
Setting up Install Process
Resolving Dependencies
--> Running transaction check
---> Package webmin.noarch 0:1.620-1 will be installed
--> Finished Dependency Resolution

Dependencies Resolved

 Package                Arch                   Version                 Repository              Size
 webmin                 noarch                 1.620-1                 Webmin                  21 M

Transaction Summary
Install       1 Package(s)

Total download size: 21 M
Installed size: 21 M
Downloading Packages:
webmin-1.620-1.noarch.rpm                                                    |  21 MB     04:09
Running rpm_check_debug
Running Transaction Test
Transaction Test Succeeded
Running Transaction
  Installing : webmin-1.620-1.noarch                                                            1/1
Operating system is CentOS Linux
Webmin install complete. You can now login to http://centos64.ehowstuff.local:10000/
as root with your root password.
  Verifying  : webmin-1.620-1.noarch                                                            1/1

  webmin.noarch 0:1.620-1


4. By default Webmin runs on port 10000, therefore port 10000 need to be open in order to allow you to access web base interface remotely.

[root@centos64 ~]# vi /etc/sysconfig/iptables

Add the following rule to existing iptables firewall :

-A INPUT -m state --state NEW -m tcp -p tcp --dport 10000 -j ACCEPT

Restart IPtables :

[root@centos64 ~]# service iptables restart

5. Access and login to Webmin using URL http://serveripaddress:10000/

U.S. Robotics v.92 external init string

U.S. Robotics

For instructions on how to physically connect it and for general configuration instructions, see the documentation that came with the modem.

Set the DIP switches on the modem to match the settings listed in the table below.

U.S. Robotics External Modem Switch Settings Switch Setting Function 

  1. OFF (Up) DTR (Data Terminal Ready) override
  2. OFF (Up) Result codes
  3. ON (Down) Result codes
  4. OFF (Up) Keyboard command echo
  5. ON (Down) Auto answer
  6. OFF (Up) CD (Carrier Detect) override
  7. ON (Down) Power-on and ATZ reset factory defaults
  8. ON (Down) AT command recognition


Initialization Strings:

When using a US Robotics modem, I have found the best initialization strings are:

Using Caller ID AT&F1&N6S0=2#CID=1
Without Caller ID AT&F1&N6S0=1
Error Correction Disabled* AT&F1&M0&K0&N6S0=1
If you need to connect to older systems using TN1648 boards (2400 baud) you need to turn off error control (ARQ) by adding &M0 to the string like: AT&F1&N6&M0&K0S0=1


Retrieve, View or Display Wireless WEP or WPA WiFi Network Security Key or Password in Windows 7 « My Digital Life

Retrieve, View or Display Wireless WEP or WPA WiFi Network Security Key or Password in Windows 7 « My Digital Life.



Retrieve, View or Display Wireless (WEP or WPA WiFi) Network Security Key or Password in Windows 7

Windows 7, like its predecessors, remembers and saves (on user consent) the network security key or password on first connection to a secured wireless (WiFi) network which is protected by WEP, WPA or WPA2, so that Windows 7 can automatically authenticate, sign in and connect to the Internet through the wireless access point or WiFi hotspot on every system startup.

For many reason, end users may want to retrieve or view the WEP, WPA or WPA2 protected wireless network security key. For example, lost or forgotten administrator password making it impossible to view the serial key on the Wi-Fi wireless gateway or router, or need to setup new computer to access the Internet through same wireless network adapter or Wi-Fi hotspot.

The quickest way to get the network security key for an existing wireless connection, of course, is from the PC or computer which is currently connected to the wireless network. Although the network security key is saved and stored in local Windows computer, Windows OS does not provide an easy way to retrieve, view or display the network security key or password on screen, in plain text and not hidden as asterisk, until Windows 7.

How to Recover, Retrieve, Show or Display Network Security Key for WEP, WPA or WPA2 Protected Secure Wireless Network in Windows 7

  1. Go to Control Panel -> Network and Internet -> Network and Sharing Center.
  2. Click on Manage wireless networks on the left pane.
  3. A list of wireless networks that the PC used to connect to with saved password or security key. Click to highlight on a wireless network connection that user wants to view its network security key, and the right click on it and select Properties.

  4. Click on Security tab.
  5. The network security key for the wireless network is hidden by asterisk by default. Instead of usingutilities to reveal, display or show original characters of password or key hidden behind asterisks, click on Show characters button to reveal and display the actual original network security key on screen.

Howto: Build a Windows Server 2003 R2 VMware Template | Mike’s Realm

Howto: Build a Windows Server 2003 R2 VMware Template | Mike’s Realm.





With how many hits my 2008 R2 walkthrough got, I figured it was about time I do one for 2003 R2.

Remember to setup vCenter for Guest Customizations by placing the sysprep files for all the various versions of Windows in the proper locations, refer to this VMware KB Article for locations and instructions: VMware KB:1005593

Give your feedback, if you don’t agree with something let me know!

Things you may need to keep out of your templates: (research your particular product)

  • Anti-Virus Agents
  • Systems Management Clients (LANDesk, Altiris, SMS, SCCM, etc.)

This is how I put together Windows Server 2003 R2 VMware Templates:

Build a VM with these specs:

Disk – C: 30Gb (Thin Provisioned)
Memory 1024 MB
Network Adapter 1 VMNET 3

Then follow this procedure:

Task Notes/Reasoning
Mount Windows 2003 R2 ISO How else are you going to install? (anyone still using RIS out there?)
Boot to CD Drive
Format drive as NTFS Why would you want to go with FAT32?
Reboot when prompted Required reboot to start the actual install
Set Regional & Languages Options as you see fit I can’t answer these questions for you
Set your licensing options Most folks go with Per Device Licensing, you can always choose Per Server and change to Per Device (only allowed to do once) read this technet article for more info
Name Computer Win2k3-R2-E-Template This is just personal preference, when you deploy the VM your guest customization will rename it to whatever you want anyway
Set Description: “VMware Template” Let AD know this is a VM
Set Administrator password
Set Time & Time Zone Time is important
When install is complete, login
Mount Disc 2 when asked and let it run through it’s process
Install VMware Tools Fix that laggy mouse and gain the additional benefits
Set Hardware Acceleration to Full This will also go further in fixing that mouse lag
Install SNMP Services (SNMP Service, SNMP WMI Provider) Most people have some kind of network monitoring that will take advantage of the additional info SNMP will provide
Configure SNMP:
Contact: Help Desk
Location: VMware
Services: Physical, Applications, End-to-end
This is SysContact, SysLocation and SysServices (as defined by RFC1213)- these are picked up by alot of network monitoring tools, letting them know it’s virtual without having to nmap or otherwise find the NICs mac and see it’s VMware is nice
Disable Windows Firewall You can turn it back on and punch your holes later
Enable Remote Desktop So server admins can remote in later when this suckers deployed
Install Windows Update So we can obtain all those patches….
Configure IE:

  • Home page: about:blank
  • Set Google as default search
  • Remove Bing
  • Remove all Accelerators
  • Configure Advanced Settings
    • Disable Show friendly HTTP error messages
    • Enable Empty Temporary Internet Files folder when browser is closed
These are what I like, home pages slow down IE loading, when I’m just going to navigate elsewhere, Google > Bing, Kill Bing, Remove accelerators–because we aren’t mapping or blogging from our servers…, and advanced settings, ensure temp files are cleared when you exit IE, and turn off those friendly HTTP errors
Adjust visual effects for performance Save some CPU, removes the unnoticable fancy stuff, window shadows, cursor shadows, etc.
Lower Boot Menu timeout to 5 seconds In case something else ends up in the boot menu, don’t want reboots to take longer then they have to…oh and this won’t survive sysprep anyway…
Modify Folder Options to:

  • Enable Show hidden files, folder, and drives
  1. Disable Hide extensions for known file types
  2. Disable Hide protected operating system files
  3. Enable Display the full path in the title bar
This is all self explanatory no?
Set Control Panel to Large Icons Not even sure if this survives sysprep
Set Windows Update to Never check for updates This won’t survive sysprep but is required so you can check for updates
Windows Update -> Check for updates Uncheck IE Updates/Anti-Malware from IE8 Setup
Apply Updates
Restart (required for Windows Updates)
Log in
Windows Update -> Check for updates Select just the TS Client upgrade (must be done seperate)
Windows Update -> Check for updates
Apply Updates
Windows Update -> Check for updates
Apply Updates
No more updates required to apply–Did not apply:

  1. .NET Framework 4.0
  2. Windows Search 4.0
  3. IE8 Compatibility View List
I don’t put any of these updates into images (.NET 4.0 can present problems, you can always install it if required on a per machine basis, but not hose up the works on every other VM that likely won’t need it.
Configure IE ESC to be disabled for Administrators Admins are going to do this anyway…
Install BGInfo to C:BGInfo
Create Shortcut with switches in C:ProgramDataMicrosoftWindowsStart MenuProgramsStartup
BGInfo is your friend! – click here for more info on BGInfo
Delete desktop.ini file on desktop House keeping before defrag
Empty C:Documents and SettingsAdministratorLocal SettingsTemp House keeping before defrag
Disable Hibernation via powercfg.exe -h off (deletes hiberfile.sys) Our servers aren’t going to hibernate
Disable Screensaver Save those CPU Cycles
Disable Paging Don’t be afraid, this is to defrag as much as possible
Restart (required for disabling paging)
Defrag C: Optimize everything
Renable Paging self explanatory…
Change sound profile to no sounds Save every ounce of CPU
Create temp user and add to local administrators group This is the beginning of the h4x!
Log out because your going to login with the temp account
Log in as temp user mkay…
Copy Administrator Profile to Default Profile Now you see why we made that temp account, some people use sysprep to do this–I just do it like this though
Log out
Log in as admin user mkay…
Delete temp user
Restart required to delete locked temp user profile bits
Log in as Administrator
Delete temp user profile
Test IE and verify settings An update may have botched your IE settings, so double check!
Disable Indexing on C: This is really a performance thing, and is augmented further by virtualization, imagine your VMs sitting idle indexing the C: drive, awesome use of CPU cycles!
Disable all visual effects Again save those CPU cycles!
Disable the pre-logon screensaver via regkey: set HKEY_USERS.DEFAULTControl PanelDesktopScreenSaveActive: 0 Another thing to save CPU cycles!
Shutdown Bye guys
Detach ISO Ya…
Convert to Template Mkay…

Build your Guest Customization Specification with these RUNONCE commands

reg add “HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionWindowsUpdateAuto Update” /v AUOptions /t REG_DWORD /d 1 / Disable automatic updates (does not survive sysprep)
bootcfg /timeout 5 Set bootmenu timeout to 5 seconds (does not survive sysprep)
powercfg.exe -h off Turn off Hibernation (does not survive sysprep)

How to Configure Static IP Address on CentOS 6.3 Linux Host

This post shows the steps to configure static ip address, default gateway, netmask, dns server and make a network auto start at boot on linux CentOS 6.3 host normally configured with static ip address, so that easier to maintain the configuration on it’s client and DNS server will always able to resolve it.


1. Configure eth0:

[root@centos ~]# nano /etc/sysconfig/network-scripts/ifcfg-eth0

2. Configure Default gateway:

[root@centos ~]# nano /etc/sysconfig/network

4. Configure DNS server :

[root@centos ~]# nano /etc/resolv.conf

Tip, If after a reboot the interface is still not working, you may need to delete the 70-persistent-net.rules file from /etc/udev/rules.d

Luka’s tech blog: Virtualizing Windows 2000 server P2V

Luka’s tech blog: Virtualizing Windows 2000 server P2V.

UPDATE: Original site is now GONE!


Luka’s tech blog

I’ll try to post as many as possible solutions to the problems I encounter at my dally work as an IT systems engineer.

12 DECEMBER 2010

Virtualizing Windows 2000 server (P2V)

Last week a customer called and said that a disk died in an old Dell PowerEdge 1500SC server with Windows 2000 installed. Since this is a really old server, my estimation is about 8 years, the best solution was to virtualize it. This was also my suggestion for the customer. They agreed and I started working.At the beginning I didn’t prepare much since I made numerous P2V migrations with VMware Converter in my career without any problems, but none of it involved Windows 2000. I prepared server and network like I usually do:
– I checked latest full server backup.
– Installed and connected temporary Gigabit switch (pluged in server and my laptop which have VMware vCenter Converter Standalone Client installed).
– Wrote down IP settings (ipconfig /all).
– Stopped / disabled all unnecessary services and wrote down their names and startup type. We wanted to control services startup. I also stopped and disabled all Dell management agents and AV software.After server was prepared I started VMware Converter and run P2V wizard as described in my previous blog.During this wizard I was asked to point to newer version of Scsiport.sys file. My current version was 5.0.2195.7017 and I needed 5.0.2195.7059. I started searching and found it on some other W2k server. I pointed a wizard to this file and moved forward. After two hours server was virtualized and ready to start.

Before booting virtual machine I always change Power On Boot Delay parameter to value 9000 in Virtual Machine Properties. I do it because I don’t like catching ESX at boot to choose whatever boot parameter I need.
Dammit, Blue Screen or so called BSOD! It says STOP: 0x0000001E (0xC0000005,0x804a6467,0x00000000,0x000000B0).

I checked on Google and quickly found out that the problem is in Scsiport.sys driver. Quote from MS KB904374: “This problem occurs because of a code problem in the Scsiport.sys driver that is included in Update Rollup 1 for Windows 2000 SP4”. I also found this two other links: KB Article 1879 and KB Article 1005208.

Here is few suggestions for solving this issue that I found but didn’t help:
1. Injecting SCSI controller device drivers into Windows (VMware KB 1005208). I tried it and it didn’t help.
2. I also tried changing Scsiport.sys with some older and newer versions and didn’t help either. I did this by booting virtualized server from Ultimate Boot CD and copying the files to proper location on server’s hard disk.
3. I downloaded and extracted Hotfix from KB904374 and copied files to virtualized server. Didn’t help.
4. I changed SCSI controller from BusLogic to LSI Logic and got different error “STOP 0x0000007B INACCESSIBLE_BOOT_DEVICE”.

The solution that worked was:
1. I installed hotfix from KB904374 to original server.
2. I also installed VMware SCSI controller driver to original server. I did this:
a. Download the VMware SCSI Disk Controller driver floppy.
b. Extract with vmscsi- with 7zip to original server.
c. Start “Add new hardware” from Control panel.
d. Add new SCSI device and point to extracted files.
3. Repeat server prepare steps and start P2V wizard from VMware Converter.
4. Boot virtualized server and “Voila” Windows 2000 virtualized server is now booting.

After successful first boot I prepared virtualized machine as described in my previousblog.

Next time I’ll do P2V of something for the first time I’ll probably Google first 😉

This is it. Have fun!