On 14 May 2010 at 15:54, Peter van Houten wrote: > Due to the change of government in the UK, the crisis has been averted and I > have the luxury of inspecting the damage myself next week. I would, however > still like to access the system remotely and since last night have Nessus > trying to find an opening :-)
Can you air-mail them a bootable rescue CD to allow you remote access (or have them download the ISO from http://www.sysresccd.org/Download and burn it themselves)? In the past I have used SystemRescueCD to recover files from an unbootable Windows box. SRCD includes an SSH server to which I logged in across the LAN using SSH. From the remote shell, I was able to run ntfs-3g to mount the NTFS partition, then used WinSCP to copy files off the unbootable box. I think this would fit the original need you stated at the start of this thread, to grab a file from the (l)user's desktop. You just need to have your remote user press [TAB] and add "rootpass=password" to the SRCD command-line at boot-time to have the SSH server load automagically. While I was googling to answer this, I discovered that the current SystemRescueCD also includes a "VNC server" boot option; I just booted a test VM using the latest SRCD, setting both a root password and a VNC password using command-line additions at boot time, and I was able both to SSH into the VM using PuTTY and to open a VNC session using my UltraVNC viewer. FYI the "vncserver" addition to the default command-line, which I entered after pressing [TAB] on the boot-screen, is unfortunately missing from the on-CD SRCD boot-help screens. After some dinking around, I found I needed to add "vncserver=2:passwd1 dhdhcp rootpass=passwd2" (without the "quotes", of course, and using your choice of passwords) to the default command-line. The VNC password must be between 5 and 8 characters or VNC server won't load. FYI the VNC server listens on port 5901 (and 5902 if you specify "vncserver=2:"), not the default of 5900. The VNC session opened with a live terminal window, from within which I could mount the Windows partion and "see" it from Linux. ============= Included Stuff Follows ============= r...@sysrescuecd /root % ntfs-3g /dev/sda1 /mnt/windows r...@sysrescuecd /root % ls /mnt/windows arcldr.exe CONFIG.SYS MSDOS.SYS Program Files arcsetup.exe Documents and Settings NTDETECT.COM System Volume Information AUTOEXEC.BAT Install ntldr WINNT boot.ini IO.SYS pagefile.sys r...@sysrescuecd /root % ============= Included Stuff Ends ============= This IMHO is a very powerful troubleshooting tool, and I am going to add this SRCD-with-SSHD_&_VNC_server to my troubleshooting tools for remote support on unbootable systems. See also: Use SystemRescueCd remotely with VNC server http://www.sysresccd.org/news/2008/04/12/use-systemrescuecd-remotely-with-vnc-server/ or here if the above wraps unusably: http://preview.tinyurl.com/27a3m9r and: Manage remote windows & linux servers using SystemRescueCd http://www.sysresccd.org/Sysresccd-manual-en_Manage_remote_windows_linux_servers_using_SystemRescueCd or here if the above wraps unusably: http://preview.tinyurl.com/4g949q -- Angus Scott-Fleming GeoApps, Tucson, Arizona 1-520-895-3270 Security Blog: http://geoapps.com/ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
