DIY: Rescue and recover systems with the Knoppix Linux distribution
By Jack WallenMay 4, 2011, 10:47 AM PDT
Takeaway: Jack Wallen explains how you can become a rescue and recovery ninja by using Knoppix, an incredible graphical Live Linux distribution.
Knoppix is one of the best troubleshooting and rescue tools I have ever used. The Linux distribution can be run and used as either a Live rescue distribution or as a full-blown Linux distribution. There is even a special Knoppix build called ADRIANE (Audio Desktop Reference Implementation and Networking Environment) that is a “talking desktop” for the visually impaired. For the IT crowd, Knoppix has quickly become a go-to tool for system rescue and recovery.
Release and purchase information
There are two main releases of Knoppix:
- Traditional Knoppix (700 MB) will fit on either a CD or a USB. This release offers thousands of tools.
- Maxi Knoppix (4.7 Gb) requires a DVD and can work as a full-blown Linux distribution (including OfficeSuite and many other tools associated with desktop Linux).
You can get your copy of Knoppix from one of the Knoppix Mirrors. You can also purchase a pre-burned copyof the CD/DVD or a pre-installed USB version.
What you can do with Knoppix
You can use the Knoppix distribution (run as a Live distribution) to take care of a number of rescue functions. This is a list of some of those functions.
File recovery: If the operating system becomes unbootable, Knoppix can help recover those files. You can use Knoppix to do this by booting the Live CD, locating the target files, and uploading the files to a server or copying the files to an external drive. (The safest and easiest solution is to copy the files to an external drive.) For each partition Knoppix finds, an icon will appear on the desktop. Double-click that icon to open the file manager to poke around the partition.
Removing corrupted/infected files: Our bench technician does this very same thing with BartPE. He removes the infected drive from the machine, mounts the infected onto his Bart PE machine, and digs into the drive to remove suspect files. You can do the same thing with Knoppix. If you want to dig around the Windows registry, you need to load another tool called chntpw, which can edit the Windows registry and reset the password of any valid Windows user. The nice thing about Knoppix is that you are mostly doing this
using graphical tools, so the job is incredibly easy.
Partitioning/reformatting: Knoppix allows the partitioning and the reformatting of connected drives; this can be handy when a Windows installation cannot repartition the drive in question. Partitions can also be resized using Knoppix, though this should only be handled by those who know what they are doing.
Related resource
Linux 101: Use Knoppix to resize partitions for dual-boot installs.
Cloning drives: Knoppix has the ability to clone drives using the dd command, although the target drive must be larger than the source drive. The command structure looks like this: dd if=/dev/hda of=/dev/hdb (/dev/hda and /dev/hdb are the source and target drives, respectively). You need to get these exactly right before issuing the command, or else you might wind up cloning a blank drive onto the drive you wanted to clone.
Security audit: Knoppix comes with the Nessus security scanner, which allows you to run thousands of security checks from that Live instance. Although it’s not a machine-specific rescue tool, using Knoppix this way circumvents the need to purchase a security tool or do a full-blown Linux installation to take advantage of Nessus.
Winetools: Winetools allows you to safely run some of those Windows-only applications without the usual concerns. This is especially helpful if there is a tool on the Windows drive that needs to be run to access configuration data, but the tool will not run when Windows is up and running. You simply need to run Knoppix, fire up Winetools, fire up the application, and get the configuration data.
Fix Windows boot.ini file: If the Windows boot.ini file becomes corrupt, the Windows machine will more than likely become unbootable. You can boot up Knoppix, edit that .ini file, and restart Windows. As along as you have a clear understanding of the structure of the boot.ini file, it is a snap to repair using Knoppix.
CD vs. USB: Knoppix can be run as a Live distribution from either CD or USB drive. Since there are machines that do not include CD drives, it is always important to have the necessary tools to be able to rescue and recover systems without CDs. If you need to get Knoppix onto a USB flash drive, I recommend using UNetbootin, which is one of my favorite tools.
Conclusion: These are some of the ways the Knoppix distribution can help you out in a pinch. With this incredible graphical Live Linux distribution, you can become a serious rescue and recovery ninja.