For a while now we have been doing incremental work to push out new RescueCD with new features.
So what new do we have?
Here is a Quick Changelog
- New Security Platform
- New Knoppix
- USB stick improvements
- Ability to speed up the process by storing malware definitions on USB stick if scan is done often
- Ability to automate scanning or enable malware definition download behind a proxy
- Ability to run personalized automated script for the system as part of the process
- Ability to convert RescueCD into bootable USB stick
We have taken the Knoppix 6.0.1 as the new base for the RescueCD. It has been stripped down somewhat to make download a bit smaller and initialization process is slightly altered to make it fairly simple to use. If you think some crucial tool is missing from the image please let us know and we consider including it later. Both emacs and vi are removed on purpose :)
New Security Platform
Security Platform has been updated to version 2.50. It should be faster now.
Extended usability of USB stick with the product
Using USB stick to store malware definitions
To use USB stick as malware definition storage initialize USB stick by creating directory fsecure on the stick and under that subdirectory rescuecd. Now when you boot the machine with RescueCD and USB stick is inserted into machine it will automatically use the stick to store definitions into. (there must be ~256MB of free space on the stick)
To automate the scan process with help of USB stick
Act as above and after you have booted up you can have a look at the config file /mnt/usbstick/fsecure/rescuecd/config. This file explains different options that can be useful to automate the process or enable virus definition downloads by setting a proxy.
If you wish to automate the scanning process just set the TIMEOUT=5 and every dialog will show only for 5 seconds and after that proceed to next step. Process will halt to last screen that shows scan result.
If you are behind a proxy you can set the http_proxy in the config file according explained specifications.
Running personalized script as part of the process
If you have initialized the USB stick you can create file /mnt/usbstick/fsecure/rescuecd/custom_script.sh
This script can contain your own customised actions that are taken before scan process. This is basically same thing as repair_script.sh used to be, but just renamed to have more generic meaning. You can for example use this script to backup all pictures or documents from your machine to the stick (if it is large enough) or have rsync backup files to remote machine over network.
Converting RescueCD into bootable USB stick (for advanced users)
One of the nice features that we managed to push to the CD is transmogrify script. This script can be used to change normal USB stick into bootable RescueCD stick. Word of warning thou the script will delete everything from target device. So be very careful as you use it to create your bootable USB stick.
To create a USB stick version of the RescueCD, please run the following command in ‘Alt-F2′ after booting the CD:
/opt/f-secure/transmogrify_cd_into_stick.sh [cdrom device] [usb stick device]
[cdrom device] usually is one of the following /dev/hda /dev/hdc /dev/sr0. You can verify the device by changing to different virtual console with ‘Alt-F2′ and typing df. The device on the very first line with /mnt-system is the device you wish to use as first argument to the script.
[usb stick device] is bit harder to figure out. If you have just booted the computer without any stick and have the one that you wish to use in your hand insert it in and check dmesg | grep -A2 usb-storage. Command should print out something like
usb-storage: waiting for device to settle before scanning
scsi 126:0:0:0: Direct-Access USB 2.0 USB Flash Drive 0.00 PQ: 0 ANSI: 2
sd 126:0:0:0: [sdd] 3948544 512-byte hardware sectors (2022 MB)
so in this case destination device would be /dev/sdd
Note: if you create USB stick after databases have been downloaded you will have the fresh virus description databases already on your next boot.
The package can be downloaded here.
Please have a look at the release notes before using the product. They are also available inside the zip package.
checksums for f-secure-rescue-cd-beta-3.10.22900.zip:
And as before comments and suggestions are welcome trough email address displayed at the bottom of the page.
Many thanks to KNOPPIX team NTFS-3G developers and people in OSS scene.