¹¤¾ß¹âÅÌÖÆ×÷±Ê¼Ç
´´½¨Ê±¼ä£º2003-06-02
ÎÄÕÂÊôÐÔ£ºÔ­´´
ÎÄÕÂÌá½»£ºsan (san_at_xfocus.org)

Ò»¡¢Öعàknoppix

knoppixÊÇÒ»¸ö»ùÓÚdebianµÄÔÚ¹âÅÌÔËÐеÄlinux£¬¹ØÓÚknoppixÖØж¨ÖÆÍøÉÏÓкܶàÎÄÕÂÁË£¬ÎÒÆäʵֻÊÇ×Ô¼º×öµÄ¼Ç¼¶øÒÑ¡£

1¡¢½â°üISO

ûÓпÕÓàµÄ»úÆ÷»ò¿ÕÓàµÄ·ÖÇø£¬Ö»ÄÜÓÃÐéÄâ»úÀ´ÕÛÌÚ¡£ÔÚVPCÉÏÌí¼ÓÒ»¸öеÄlinuxϵͳ£¬Ñ¡ºÃÄÚ´æ´óС£¬Ó²ÅÌÓ³ÏñÎļþ£¬È»ºóÆô¶¯Õâ¸öϵͳ£¬Ôڲ˵¥CD -> Capture Image...Ñ¡ÔñKNOPPIX_V3.2-2003-05-03-EN.iso¾Í¿ÉÒÔÁË¡£

Æô¶¯Ñ¡ÏîÊäÈëknoppix 2½øÈë×Ö·ûģʽ£¬ÓÃfdisk¸ø/dev/hda·ÖÒ»¸öÇø£¬5¸öGÓ¦¸Ã×ã¹»£¬È»ºóÓÃmkfs.ext2¸ø/dev/hda1´´½¨Îļþϵͳ¡£ÔÙ°ÑÕâ¸ö·ÖÇømountÉÏ£º

# mount -o rw /dev/hda1 /mnt/hda1

½¨Á¢¹¤×÷Ŀ¼£º

# mkdir /mnt/hda1/knx
# mkdir -p /mnt/hda1/knx/master/KNOPPIX
# mkdir -p /mnt/hda1/knx/source/KNOPPIX

Èç¹û»úÆ÷ûÓÐ×ã¹»ÄÚ´æÓ¦¸Ã½¨Á¢Ò»¸öswapÎļþ£¬ÒòΪ×îºóѹËõÎļþϵͳµÄʱºò»áÔÝʱ°ÑѹËõÎļþдÈëÄڴ棺

# cd /mnt/hda1/knx ; dd if=/dev/zero of=swapfile bs=1M count=750 ; mkswap swapfile ; swapon swapfile

¿½±´knoppixÎļþ£¬cpµÄp²ÎÊýÊDZ£³ÖÎļþµÄËùÓÐÊôÐÔ£¬ÕâÀïµÄ¿½±´»á³ÖÐø±È½Ï³¤Ê±¼ä¡£

# cp -Rp /KNOPPIX/* /mnt/hda1/knx/source/KNOPPIX

ÒÔϵĿ½±´ÊÇΪÁËÖØбàÒëÄÚºËÒÔºó£¬ÖØ×öisoÒÔÐÂÄÚºËÆô¶¯¡£·ñÔòÖ»Ð追±´boot.img¾Í¿ÉÒÔÁË¡£

# cd /cdrom/KNOPPIX
# cp boot.img boot.cat KNOPPIX /mnt/hda1/knx/master/KNOPPIX

½øÈëchroot»·¾³¶Ôknoppix½øÐдóµ¶À«¸«µÄ²Ã¼ôÁË£º

# chroot /mnt/hda1/knx/source/KNOPPIX

2¡¢²Ã¼ôºÍÌæ»»

½øÈëchroot»·¾³ºó£¬mountÉÏproc£º

# mount -t proc /proc proc

ÅäÖúÃÍøÂç×¼±¸¾ÍÐ÷¡£ÓÉÓÚÊÇ»ùÓÚdebian*×÷ϵͳµÄ£¬ËùÓеÄÈí¼þ°ü¶¼Í¨¹ýaptϵͳÀ´Î¬»¤£¬ËùÒÔ¿ÉÄÜÐèÒªÐÞ¸Ä/etc/apt/sources.listÎļþ£¬Ê¹ÓÃËٶȽϿìµÄ¾µÏñÕ¾µã¡£

È»ºóÓÃapt-get --purge remove programµÄÃüÁʽɾ³ý²»ÐèÒªµÄ¶«¶«£¬¼õÉÙ¿Õ¼ä¿ÉÒÔ×°ÆäËû×Ô¼ºÏëÒªµÄ¶«¶«¡£/usr/share/docÕâ¸öĿ¼µÄ¶«Î÷Ò²±È½Ï´ó£¬100¶àM£¬Ò²¶çÁË¡£

ͨ¹ýÖ´ÐÐdeborphan¿ÉÒÔÕÒµ½Ò»Ð©²»ÔÙ¹ØÁªµÄ°ü£¬ÕâЩҲ¿ÉÒÔ°²È«µÄɾ³ý¡£

ÓÉÓÚÏ£ÍûknoppixÊʺÏhoneynet GenIIµÄÍøÇÅ£¬±ØÐë¸øÄں˴ò²¹¶¡£º

# apt-get install kernel-source-2.4.20
# apt-get install kernel-patch-xfs
# wget http://users.pandora.be/bart.de. ... .003_vs_2.4.20.diff
# wget http://users.pandora.be/bart.de. ... against-2.4.20.diff
# tar jxf kernel-source-2.4.20.tar.bz2
# cp linux/.config kernel-source-2.4.20/ # rm linux
# ln -s kernel-source-2.4.20 linux
# cd linux
# ../kernel-patches/all/apply/xfs
# patch -p1 < ../ebtables-v2.0.003_vs_2.4.20.diff
# patch -p1 < ../bridge-nf-0.0.10-against-2.4.20.diff

ÎÒÃÇʹÓÃÁËknoppixµÄÄÚºËÅäÖÃÎļþ.config£¬ÕâÀïҪעÒâµÄÊÇebtablesµÄ²¹¶¡Ò»¶¨ÒªÔÚbridge-nf´ò£¬·ñÔò»á³ö´íÎó¡£

# make menuconfig

ÔÚÄÚºËÑ¡ÏîÀïÒª°Ñ802.1d Ethernet Bridging¼°Ïà¹ØÑ¡ÏîÑ¡ÉÏ£¬ÆäËûµÄ¿ÉÒÔ¸ù¾Ý×Ô¼ºµÄÐèÇó¸ü¸Ä¶¨ÖÆ£¬Ö´ÐÐÍêÕâÒ»²½´òÉÏknoppixµÄÄں˲¹¶¡£º

# patch -p1 < ../knoppix-kernel.patch

È»ºó±àÒëÄںˣº

# make dep
# make bzImage
# make modules
# make moduels_install

±àÒëÄ£¿éÐèÒª²»ÉÙʱ¼ä¡£°²×°ÍêÒÔºó¿ÉÒÔ°ÑkonippixÔ­À´ÄÚºËÏà¹ØµÄ¶«Î÷ɾ³ý£º

# rm -rf /usr/src/linux-2.4.20-xfs
# rm -rf /lib/modules/2.4.20-xfs
# rm -rf /boot/*
# rm /vmlinuz

°ÑеÄÄں˿½¹ýÈ¥£º

# cp System.map /boot/System.map-2.4.20
# cp arch/i386/boot/bzImage /boot/vmlinuz-2.4.20
# cd /boot
# ln -s System.map-2.4.20 System.map
# ln -s vmlinuz-2.4.20 vmlinuz
# cd / # ln -s boot/vmlinuz-2.4.20 vmlinuz

±ØÐëÓÃÐÂÄÚºËÖØбàÒëcloop.oÄ£¿é£º

# cd /tmp
# wget http://www.knopper.net/download/knoppix/cloop_0.68-2.tar.gz
# tar xzf cloop_0.68-2.tar.gz
# cd cloop-0.68
# make KERNEL_DIR=/usr/src/linux

ÓÉÓÚknoppixͨ¹ýboot.imgÀ´Æô¶¯ÏµÍ³£¬±ØÐëÐÞ¸ÄÖ®£¬°´ALT+F2½øÈëÁíÍâÒ»¸ö·ÇchrootµÄshell£¬°Ñboot.img¿½¹ýÀ´£º

# cp /mnt/hda1/knx/master/KNOPPIX/boot.img /mnt/hda1/knx/source/KNOPPIX/var/tmp

ÔÚchrootµÄshell»·¾³Ï½øÐÐÐ޸ġ£

# cd /tmp
# mkdir boot mroot
# mount boot.img boot -t msdos -o loop=/dev/loop0
# cp boot/miniroot.gz .
# gzip -d miniroot.gz
# mount miniroot mroot -t ext2 -o loop=/dev/loop1
# cp /tmp/cloop-0.68/cloop.o /tmp/mroot/modules/
ÓÉÓÚÎÒµÄÄں˽ϴó£¬Ë÷ÐÔ°Ñscsi¹âÇýÖ§³ÖÈ¥µô£¬ÕâÑùÆô¶¯µÄʱºòËÙ¶ÈÒ²»á¿ì²»ÉÙ£º

# rm -rf /tmp/mroot/modules/scsi

ÐÞ¸Ä/tmp/mroot/linuxrc£¬ÉèÖÃSCSI_MODULES=""¡£

Æäʵ¿ÉÒÔÓÃwinimage°Ñboot.imgÀ©´ó£¬ÄÇôÕâЩ¶«Î÷¾Í¿ÉÒÔÇáÒ׵ķÅÈ룬Óöà¸öÆô¶¯Ó³ÏñÎļþ£¬¶àÒ»ÖÖÑ¡Ôñ¸üºÃ¡£×¢ÒâÓ³ÏñÎļþÃûҪʹÓÃ8.3¸ñʽ£¬ºóÃæÌáµ½µÄdiskemuÖ»ÄÜʹÓÃÕâ¸ö¸ñʽ¡£

°Ñminiroot´ò°ü»ØÈ¥£º

# umount /tmp/mroot
# gzip -9 miniroot
# cp miniroot.gz boot/
°ÑеÄÄÚºËÓ³ÏñÒ²¿½»ØÈ¥£º

# cp /boot/vmlinuz-2.4.20 /tmp/boot/vmlinuz

ÐÞ¸Ä/tmp/bootĿ¼ÏÂsyslinux.cfgÎļþµÄDEFAULT vmlinuzÉèÖ㬰Ñlang=us¸ÄΪlang=cn 2£¬°ÑÏÂÃæËùÓеÄlang=us¸ÄΪlang=cn¡£ÕâÑùknoppixÖØÐÂÆô¶¯µÄʱºòĬÈÏ°ÑÓïÑÔÊôÐÔ¸ÄΪÖÐÎÄ£¬¶øÇÒĬÈÏʹÓÃ×Ö·ûģʽ£¬Ã»ÓбØÒªÒ»Æô¶¯¾Í½øÈëxwindow¡£

»¹¿ÉÒÔÐÞ¸Ä/tmp/bootϵÄboot.msg¡¢f2¡¢logo.16Õ⼸¸ö±ê¼Ç¡£Õâ¸öеÄboot.img¾Í¿ÉÒÔ°ÑknoppixÒýµ¼µ½ÐµÄÄںˣ¬ÏÈÖØйà×°£¬È»ºóÔÚеÄÄÚºËÏ°²×°ÓëÄÚºËÏà¹ØµÄÇý¶¯¡£Í˳öchroot»·¾³£¬ÓÃеÄboot.imgÖØÐ*Æ×÷iso£º

# cp /mnt/hda1/knx/source/KNOPPIX/var/tmp/boot.img /mnt/hda1/knx/master/KNOPPIX/boot.img
# cd /mnt/hda1/knx/
# mkisofs -pad -l -r -J -v -V "KNOPPIX" -b KNOPPIX/boot.img -c KNOPPIX/boot.cat -hide-rr-moved -o /mnt/hda1/knx/knoppix.iso /mnt/hda1/knx/master

ÖÆ×÷isoËٶȱȽϿ죬°Ñ/mnt/hda1/knx/knoppix.iso´«µ½×Ô¼ºµÄϵͳÀïÃ棬ȻºóÓÃÕâ¸öisoÆô¶¯ÐéÄâ»ú¡£

3¡¢¸üкͰ²×°ÐµÄÇý¶¯

ÖØÐÂÆô¶¯ºó¿ÉÒÔÓÃuname -a¿´¿´ÊÇ·ñÒѾ­ÊÇÐÂÄںˡ£

ÔöÇ¿¶ÔÎÞÏßÍø¿¨µÄÖ§³Ö¡£Ä¬ÈÏlinuxÊDz»Ö§³ÖatmelоƬµÄÎÞÏßÍø¿¨£¬ÐèÒªÁíÍâ°²×°£¬ÕâÀïʹÓÃÊǷǹٷ½·¢²¼°æ±¾£º

# chroot /mnt/hda1/knx/source/KNOPPIX
# cd /tmp
# wget http://atmelwlandriver.sourcefor ... -ss-20030507.tar.gz
# tar xzf atmelwlandriver-ss-20030507.tar.gz
# cd atmelwlandriver
# make config
Build all [y/N] <-- ÕâÀïÑ¡y°ÑËùÓеÄÇý¶¯¶¼±àÒëÁË¡£
# make all
# make install

¶ÔÓÚorinocoµÄÇý¶¯linux×Ô´øÄÚºËÄ£¿é£¬µ«Ä¬ÈϵÄÇý¶¯²»Ö§³ÖÎÞÏßÍø¿¨µÄmonitorģʽ£¬airsnortÖ÷Õ¾ÌṩÁËÏàÓ¦²¹¶¡£¬¿ÉÒÔͨ¹ý¸øpcmcia-cs´ò²¹¶¡£¬Ò²¿ÉÒÔͨ¹ý¸øorinocoÇý¶¯´ò²¹¶¡£¬ÕâÑù¸ü¼òµ¥Ò»Ð©£º

# cd /tmp
# wget http://ozlabs.org/people/dgibson/dldwd/orinoco-0.13b.tar.gz
# wget http://airsnort.shmoo.com/orinoco-0.13b-patched.diff
# tar xzf orinoco-0.13b.tar.gz
# cd orinoco-0.13b
# patch -p1 < ../orinoco-0.13b-patched.diff
# make
# make install

linux-wlan-ngµÄÇý¶¯Ò²¸üÐÂһϣº

# cd /tmp
# wget ftp://ftp.linux-wlan.org/pub/lin ... g-0.2.1-pre5.tar.gz
# tar xzf linux-wlan-ng-0.2.1-pre5.tar.gz
# cd linux-wlan-ng-0.2.1
# make config <-- ÕâÀï¿ÉÒÔ»ù±¾ÉÏ°ÑËùÓеÄÇý¶¯¶¼¼ÓÉÏ
# make all
# make install

prismµÄоƬҲÄÜʹÓÃorinocoµÄÇý¶¯£¬Èç¹ûÈ·ÈÏһЩÍø¿¨Ê¹ÓõÄÊÇprismоƬ¿ÉÒÔÐÞ¸Ä/etc/pcmcia/configÎļþ£¬Ê¹ÓõÄÇý¶¯¸Äһϣ¬±ÈÈçCompaq WL100µÄÍø¿¨Ô­À´Ê¹ÓÃorinocoµÄÇý¶¯£¬¿ÉÒÔ°ÑËü¸Ä³É£º

bind "prism2_cs"

ÕâÑù²åÈëCompaq WL100µÄÍø¿¨¾Í»áʹÓÃlinux-wlan-ngµÄÇý¶¯£¬ÆäËüµÄÍø¿¨Ò²¿É×öÀàËÆÐ޸ģ¬µ«ÄãµÃÖªµÀÍø¿¨Ê¹ÓõÄоƬ¡£

4¡¢xwindow×ÀÃæ»·¾³µÄÐ޸ĺͺº»¯

KNOPPIXĬÈÏʹÓÃKDE×÷Ϊ×ÀÃæ»·¾³£¬ÕâʵÔÚÌ«´óÁË¡£³ýÁËfluxbox¡¢wmake¡¢twm£¬É¾³ýÁËÆäËüËùÓÐ×ÀÃæ»·¾³£¬fvwmÒ²ÊǷdz£²»´íµÄ£¬Ö±½ÓÓÃapt°²×°¡£Ê¹ÓÃfluxbox×÷ΪĬÈϵÄ×ÀÃæ¡£ÊäÈ뷨ʹÓÃfcitx£¬·Ç³£²»´í£¬¶øÇÒÒѾ­½øÁËdebianµÄsid£¬ÒÔºó¸üоͷ½±ãÁË¡£ÐÞ¸Ä/etc/init.d/knoppix-autoconfigµÄ1026Ðи½½ü¹ØÓÚDESKTOP±äÁ¿µÄ¸³Öµ¸ÄΪÈçÏ£º

# Also read desired desktop, if any
DESKTOP="$(getbootparam desktop 2>/dev/null)"
# Allow only supported windowmanagers
case "$DESKTOP" in fvwm|windowmaker|wmaker|fluxbox|twm) ;; *) DESKTOP="fluxbox"; ;; esac

knoppix¹ØÓÚxwindowµÄ½Å±¾Êµ¼ÊÖ´ÐеÄÊÇ/etc/X11/Xsession.d/45xsession£¬ÀïÃæÓÐÆô¶¯¸÷ÖÖ×ÀÃæµÄº¯Êý£¬±ÈÈçstartkde()¡£ÐèÒª¸øfvwmÌí¼ÓÒ»¸öÀàËƵĺ¯Êý£¬ÍêÈ«¿½±´startfluxbox()¡£startkde()ÍêÈ«¿ÉÒÔɾ³ýÒÔ½Úʡƪ·ù¡£

ÐÞ¸Ä45xsessionÎļþ×îºó²¿·Ö£º

if [ "$LANGUAGE" = "cn" ]; then
export XMODIFIERS=@im=fcitx
/usr/bin/fcitx &
fi

case "$DESKTOP" in
fvwm|FVWM) startfvwm ;;
fluxbox|FLUXBOX) startfluxbox ;;
windowmaker|wmaker|WINDOWMAKER|WMAKER) [ "$FREEMEM" -ge "35000" ] && startwindowmaker || starttwm lowmem 64; ;;
twm|TWM) starttwm; ;;
*) starttwm invalidwm; ;;
esac

Õâ¸ö½Å±¾»¹ÓÐÐí¶àµØ·½¿ÉÒÔÐ޸ģ¬Ò²ÐíÄ㻹ÐèÒªÐÞ¸Ä/etc/init.d/xsession½Å±¾µÈµÈ¡£

×ÖÌåʹÓÃsimsun£¬²¢ÇÒʹÓÃfireflyµÄ²¹¶¡£¬¿ÉÒÔµ½ÕâÀïÏÂÔØ£º
http://debian.ustc.edu.cn/dev/

ÐÞ¸Ä/etc/gtk/gtkrc.zh_CN£º
style "gtk-default-zh-cn" {
fontset = "-misc-simsun-medium-r-normal--14-*-*-*-*-*-iso10646-1,\
-misc-simsun-medium-r-normal--14-*-*-*-*-*-iso10646-1"
}
class "GtkWidget" style "gtk-default-zh-cn"

ÐÞ¸Ä/etc/init.d/xsession£¬Ä¬ÈÏʹÓÃrootÓû§Æô¶¯X¡£

5¡¢honeynet¹¦ÄÜ

# mkdir /honeynet
# wget http://honeynet.xfocus.net/papers/honeynet/tools/snort_inline.tgz
# wget http://honeynet.xfocus.net/paper ... ksniff-2.0.1.tar.gz
# wget http://honeynet.xfocus.net/paper ... -linux-2.0.1.tar.gz

# apt-get install swatch
# apt-get install honeyd

ÒÔºóÔÙµ÷Õû¡£

6¡¢Éú³ÉѹËõÎļþϵͳ

ÖعàÇ°½¨Òé¶Ôϵͳ×öÒ»±éÉý¼¶ºÍÇåÀíÀ¬»øµÄ¹¤×÷¡£

# apt-get -u upgrade <- ÕâÀïҪעÒ⣬ÓÐЩ·þÎñÐ͵ÄÈí¼þ»á¼ÓÉÏ¿ª»úÆô¶¯½Å±¾£¬¿ÉÒÔÓÃupdate-rc.dɾ³ý¡£
# apt-get clean

¸üйØÁª£º

# updatedb
# umount /proc

Í˳öchroot»·¾³ºóѹËõÎļþϵͳ£º

# mkisofs -R -U -V "KNOPPIX.net filesystem" -P "KNOPPIX http://www.knoppix.net" -hide-rr-moved -cache-inodes -no-bak -pad /mnt/hda1/knx/source/KNOPPIX | nice -5 /usr/bin/create_compressed_fs - 65536 > /mnt/hda1/knx/master/KNOPPIX/KNOPPIX

¶þ¡¢ÖÆ×÷winpe

×÷Ϊһ¸ö¹¤¾ßÅÌÈç¹ûÓÐwindows»·¾³ÄǾ͸üºÃÁË£¬winpe½â¾öÁËÕâ¸öÎÊÌâ¡£
¶¨ÖÆÒ»¸öwinpe·Ç³£ÈÝÒ×£¬ÏÂÃæ½éÉܵÄÓ¢ÎÄ°æµÄ¶¨ÖÆ£º

1¡¢Ê×ÏÈ¿½±´winpe¹âÅ̵ÄwinpeĿ¼µ½Ó²ÅÌ£¬¼ÙÉ追±´µÄÓ²ÅÌĿ¼ÊÇ£ºe:\winpe¡£

Õâ¸öÓÃ×ÊÔ´¹ÜÀíÆ÷¿½±´¾Í¿ÉÒÔÁË¡£

2¡¢È»ºó´Ó΢ÈíÍøÕ¾ÏÂÔØMSA EDC Deployment Kit¡£

e:\temp\>wget http://download.microsoft.com/do ... .5DeploymentKit.exe
½â¿ªÕâ¸ö°üµ½e:\temp\EDCAPFDeployment£¬È»ºó£º

e:\temp\>copy EDCAPFDeployment\WinPESupport\WINPESYS.INF e:\winpe

ÕâÀïµÄWINPESYS.INFÆäʵÊÇÌí¼ÓÁËramdiskµÄÖ§³Ö£¬Ä¬ÈÏÅÌ·ûÊÇr£¬´óСÊÇ4M¡£¿ÉÒÔͨ¹ýÐÞ¸ÄHKLM,"SYSTEM\ControlSet001\Services\ramdrv\Parameters","DriveLetter",0000000000,"R:"À´¸Ä±äÅÌ·û£¬ÐÞ¸ÄHKLM,"SYSTEM\ControlSet001\Services\ramdrv\Parameters","DiskSize",0x00010001,0x400000À´¸Ä°æ´óС¡£

3¡¢×¼±¸winxpµÄ¹âÅÌ£¬±ÈÈçÔÚfÅÌ¡£ºÜÆæ¹ÖÄǸöpebuilderΪʲôҪÓÃsp1µÄ¹âÅÌ£¬ÎÒ·¢ÏÖ¾ÍxpµÄ°²×°Ò²ÊÇ¿ÉÒÔÖÆ×÷µÄ¡£

4¡¢ÔËÐÐmkimg.cmd½Å±¾£¬Éú³ÉwinpeµÄÎļþ¡£

Èç¹ûÄãÏëÈÃwinpeÆô¶¯µÄʱºòÔÚÄÚ´æÖ´ÐгÌÐò£¬¿ÉÒÔÐÞ¸Äe:\winpeĿ¼ÏµÄconfig.infÎļþ£¬°ÑosloadoptionsÏî¸Ä³ÉÈçÏ£º

osloadoptions=txtsetup.sif,setupdata,"/fastdetect /minint /noguiboot /inram"

µ«ÊÇÈ·¶¨ÄãµÄϵͳÓÐ256MÄÚ´æ¡£

Èç¹ûÏëÐÞ¸ÄÆô¶¯ÌáʾÐÅÏ¢£¬ÐÞ¸ÄloaderpromptÏî¡£µ±È»ÕâÁ½Ï¿ÉÒÔ²»×ö£¬Ö±½ÓÓÃÒÔÏÂÃüÁîÉú³ÉwinpeÎļþ£º

e:\winpe\>mkimg.cmd f: e:\temp\winpe.tmp

Èç¹ûɾ³ýi386ϵÄWinSxSĿ¼¼°ÆäÎļþ£¬×îºó×ö³ÉµÄiso»á²»ÄÜʹÓÃnotepad¡£µ«ÊÇÈç¹ûÖ±½Ó¸Ä΢Èí·¢²¼µÄwinpe iso£¬¶¼»áÔì³Énotepad²»ÄÜÖ´ÐУ¬²»ÖªµÀΪʲô¡£

5¡¢¿½±´ramdiskµÄÇý¶¯Îļþ

e:\winpe\>copy e:\temp\EDCAPFDeployment\WinPESupport\ramdrv.INF e:\temp\winpe.tmp\I386\inf\
e:\winpe\>copy e:\temp\EDCAPFDeployment\WinPESupport\ramdrv.sys e:\temp\winpe.tmp\I386\system32\drivers\

6¡¢¼ÓÉÏerd command 2002

Ö»Ð追±´commandshell.exe, common.dll, compmgmt.exe, cs.cfg, dt.cfg, erdcmdr2002.cnt, erdhelp.exe, explorer.exe, fauxshell.dll, fe.cfg, filesearch.exe, locksmith.exe, logoff.exe, logon.exe, ntfsver.exe, pwdserv.exe, tcpcfg.exe, windowsshell.exeÕ⼸¸öÎļþµ½e:\temp\winpe.tmp\I386\system32ÏÂÃæ¾Í¿ÉÒÔÁË¡£×ö³ÉisoÆô¶¯ºóÔÚsystem32Ŀ¼Ï*´ÐÐlogon¾ÍÄܽøÈëerd£¬¼´Ê¹²»ÏëÓÃerd£¬»¹¿ÉÒÔʹÓÃËüµÄһЩ¹¤¾ß£¬±ÈÈçÓÃtcpcfg¾Í¿ÉÒÔ·½±ãµÄÅäÖÃÍøÂç¡£

7¡¢µ÷Õûwinpe

ÏÖÔھͿÉÒÔÖÆ×÷isoÁË£¬µ«ÊÇÕâÑùwinpeÆô¶¯µÄʱºò»áÌáʾPress any key to boot from CD.£¬Èç¹ûûÓа´¼ü¾ÍÏë´ÓÓ²ÅÌÒýµ¼£¬Ö»Ðèɾ³ýe:\temp\winpe.tmp\i386Ŀ¼ÏµÄBOOTFIX.BINÎļþ¾Í²»»áÓÐÕâ¸öÌáʾÁË¡£

winpeÆô¶¯µÄʱºòÊ×ÏÈ»áʹÓÃe:\temp\winpe.tmp\I386\system32\startnet.cmdÎļþ£¬¿ÉÒԱ༭Õâ¸ö½Å±¾£¬Ê¹µÃÆô¶¯Ê±¸ü¼Ó·½±ã¡£

Èý¡¢ÖÆ×÷isoÎļþ¡£

DISKEMUÊÇÒ»¸ö¶àÆô¶¯¹âÅ̳£ÓõÄÈí¼þ£¬¶øÇÒËüʹÓÃÒ²·Ç³£¼òµ¥¡£½¨Á¢¹¤×÷Ŀ¼e:\cd£¬¿½±´DISKEM1X.BIN¡¢DISKEMU.CMDµ½cdĿ¼¡£ÔÚcdĿ¼Ï½¨Á¢IMG¡¢KNOPPIXĿ¼¡£
¿½±´KNOPPIXµÄѹËõÎļþKNOPPIXµ½e:\cd\KNOPPIXÏ£¬¿½±´boot.imgµ½e:\cd\img\knoppix.img£¬ÔÙ¿½±´Ò»·Ýµ½e:\cd\KNOPPIX\ÏÂÃ棬·ñÔòÔÚʹÓÃknx-hdinstsall½Å±¾°Ñknoppix°²×°µ½Ó²Å̵Äʱºò»á²»ÕýÈ·¡£
°Ñe:\temp\winpe.tmpÏÂËùÓÐÎļþ¿½±´µ½e:\cdÏ£¬¿½±´e:\winpe\ETFSBOOT.COMµ½e:\cd\img\winpe.bin¡£

ÐÞ¸ÄDISKEMU.CMDÎļþ£¬ÒÔÏÂÊǸö²Î¿¼£º

cd img
:start
cls
print
print
print
print
print
print
print
print
print
print 1. KNOPPIX
print 2. WindowsPE
print r. Reboot
print q. Quit to command prompt
print Esc. Boot first harddisk
print
print
print
print
print
print
print
print
:mainkey
; timeout is 60 seconds, default key is escape
getkey 60 esc
onkey 1 goto knoppix
onkey 2 goto winpe

onkey f1 goto help
onkey q quit
onkey r reboot
onkey f boot 0
onkey esc boot 80
; When no key found...
goto mainkey
;
:help
cls
print HELP
print ----
print + Have ISO9660 filesystem support, you can do "dir" and "cd"
print + A "advanced" command prompt to load anything you want
print + A simple bootmenu for "less" advanced users
print + Autodetection of floppy image types (by filesize)
print + Using a bootable Diskemu 1.x CD-Rom, you can even boot images from "non-
print bootable" CD-Roms, just swap the CD, type "cd \" and you can use that CD.
print (Cool!)
print + You can create a multiboot bootable CD-Rom using (almost) any recording
print software you want
print + Supported floppy types: 160KB, 180KB, 320KB, 360KB, 1.2MB, 720KB, 820KB,
print 1.44MB, 1.68MB, 1.72MB, 2.88MB
print
print All supported command are listed below.
print
print batch boot bootinfotable cd cls dir
print echo emusegm getkey goto help keyval
print loadsegm onkey print quit readtest reboot
print run test type ver
print
print help <command> (or ?) Displays help about <command>
print
print Press any key to return to main menu
getkey
goto start
;

:knoppix
print Use KNOPPIX
run knoppix.img
getkey
goto start
;

:winpe
print WindowsPE
run winpe.bin
getkey
goto start
;

; EOF

È»ºó¾Í¿ÉÒÔÖÆ×÷isoÎļþÁË£¬µ«ÊDZØÐëҪעÒâisoµÄ¸ñʽ£¬²»ÄÜÓÃiso9660£¬ÒªÊ¹ÓüæÈÝiso9660ÎļþµÄJoliet¸ñʽ£¬cdimageµÄ-j1²ÎÊýÂú×ãÕâ¸öÌõ¼þ£º

cdimage -ltoolcd -j1 -bloader.bin cd toolcd.iso

OK£¬ÓÃtoolcd.isoÒýµ¼ÊÔÊÔ¡£

ËÄ¡¢¼òµ¥Ê¹ÓÃ˵Ã÷

linux²¿·Ö£º

1¡¢Æô¶¯²Ëµ¥Ñ¡Ôñ1ÊÇÆô¶¯Ã»ÓÐSCSIµÄKNOPPIX£¬µ«ËٶȱȽϿ죬ѡÔñ2ÊÇÓÐSCSIµÄKNOPPIX£¬Æô¶¯¼ì²âSCSIÉ豸¡£
2¡¢vmwareÀï´ÓxwindowÍ˳ö»áÔì³ÉÆÁÄ»±äС»¹Ã»ÓÐÕÒµ½ÎÊÌâËùÔÚ¡£
3¡¢Èç¹û»úÆ÷Óжà¸ö¹âÇý£¬Òª·ÅÔÚ/dev/cdromÕâ¸ö¹âÇýÀ·ñÔò²»ÄÜÆô¶¯¡£
4¡¢¿ÉÒÔÓÃknx-hdinstall½Å±¾°Ñϵͳ·½±ã¿ìËٵݲװµ½Ó²ÅÌ¡£

winpe²¿·Ö£º

1¡¢Æô¶¯ºó»áʹÓÃstartcmd.netµÄ½Å±¾£¬Ê×ÏÈÌáʾϵͳ·Ö±æÂÊ£¬Ä¬ÈÏÊÇ800x600¡£
2¡¢ÌáʾÆô¶¯ÍøÂ绹ÊÇÆô¶¯erd command£¨Ó²ÅÌÐèÒªÓÐwinϵͳ£¬licenseÔÚ¹âÅ̸ùĿ¼£©¡£
3¡¢ÊäÈëexplorerÆô¶¯erdµÄ×ÊÔ´¹ÜÀíÆ÷£¬Ó²ÅÌÓÐfat¡¢ntfs·ÖÇøÒ²¿ÉÒÔÖ±½Ó¶Áд¡£
4¡¢toolsĿ¼»á¼Óµ½PATH»·¾³±äÁ¿ÀïÃ棬ÀïÃæÓкܶàºÃÍæµÄ¶«¶«£¬Ä㻹¿ÉÒÔ×Ô¼ºÔÙÌí¼Ó¡£

ÉùÃ÷£º

ÓÉÓڸùâÅÌ°üº¬Á˺ܶàÉÌÒµÈí¼þ£¬ËùÒÔû·¨ÌṩÏÂÔصģ¬Ò²²»ÒªÎÊÎÒÕâЩ¶«¶«´ÓÄÇÀïÀ´¡£ÎÒÖ»ÊǸø´ó¼Ò½éÉÜÒ»¸ö¹¤¾ß¹âÅ̵ÄÖÆ×÷·½·¨£¬·½±ã´ó¼Ò×öÉø͸²âÊÔ¡¢µ÷²éÈ¡Ö¤¡¢ÈëÇÖ¼ì²â¡¢ÍøÂçÏÝÚåµÈµÈ¡£

²Î¿¼£º
http://www.knoppix.net/docs/index.php/KnoppixRemasteringHowto
http://www.knoppix.net/docs/index.php/KnoppixCustomKernelHowto
http://www.microsoft.com/technet ... /build/EDCBLD05.ASP
http://honeynet.xfocus.net/papers/gen2/

ÔÎÁË£¬ºÃ¶àµÄeÎÄ°¡£¡

¿´²»Ì«Ã÷°×£¬ÓôÃÆ°¡