Scan a network using nmap

Quickly scan a network or subnet to see which hosts are up using nmap. You may need to install it first.

Installation is as easy as sudo apt-get install nmap

Once installation has completed, scan a range of IP addresses to see which ones are live using the following command as an example…

nmap -sP

The output will be something like this…

Here you can see that in my network, at present hosts thru 5 are up, along with 14 and 15.



Mount USB HDD by UUID in Linux

The danger with USB hard disk drives is that when you have more than one plugged into your workstation, the device name assigned to it by the operating system might not be consistent between reboots.  i.e. /dev/sdb1 and /dev/sdb2 might swap places.  Potential disaster if you rsync data from one to the other on a periodic basis.

If permanently mounting usb hard disks, it’s much safer to mount according to the UUID of the disk instead of the device name assigned by the OS.

If you change to root using sudo su – and cd into /dev/disk you’ll see that there are multiple links in there, organised into different folders.  The unique unit id is written in /dev/disk/by-uuid and links the device name to the unique id.

You can see what device name is mounted where using df -h.  Then use the output of ls -al of /dev/dsk/by-uuid to correlate uuid to filesystem mount.  There’s probably other ways to match filesystem to uuid but this is quick and easy enough to do.

Note that I’ve also taken the liberty of piping the commands through grep to reduce output, just showing me what I want to know,  i.e. the uuid’s mounted to devices named /sda1, /sda2, /sdb1 etc.

Once you’re confident you know what UUID is what disk, then you can permanently mount the disk or disks that are permanent fixtures by creating a mount point in the filesystem and adding a line to /etc/fstab

finally, mount -a will pick up the UUID and mount it into the mount point.


Accidentally formatted hard disk recovery

So you had more than one hard disk plugged into your nice new Humax FreeSat set top box, one containing all your existing downloaded media and the other, an empty one intended for recording.

Upon formatting the drive intended for recording you subsequently discover that your other FAT32 disk with all your media on it, now has a nice new, empty NTFS partition on it too.  A real WTF moment that absolutely is not your fault.  It happens to the best of us.  It’s just happened to me.

It’s in these moments that having a can-do attitude is of the utmost importance.  Congratulations are in order, because Life has just presented a real challenge for you to overcome.

The likelihood is 95% of your friends will feign sympathy and tell you…

“there’s nothing you can do if you’ve re-formatted the drive”

the largely self-appointed “tech experts” (on the basis they have all-the-gear) will likely tell you…

“you’ve reformatted your FAT32 partition with NTFS so you’ve lost everything.”

…like you’d have stood a chance if you’d gone over it with a like-for-like file system format and they could have got all your data back for you (yeah, right).

Well, if you’ve been sensible enough to not make any writes to the drive, then I can tell you that you absolutely can recover all your data.  In fact, there’s no data to recover as it’s all still on the drive, so “recovery” will be instantaneous.   I’m here to tell you…

You need a computer running Linux and you need to install the testdisk package.

In a console window, run sudo testdisk

You may need to unmount the disk first using gparted but leave it plugged in.

In testdisk, you need to list partitions and it’ll display the new high performance file system NTFS partition and nothing else at this point.  There is an option to do a “deeper scan”.  This walks the cylinders looking for any evidence that a previous file system was here.  If you’ve not done any writes to the drive since it got reformatted with NTFS, then it’ll instantly find details of a previous FAT32 partition.  You can cancel the scan at this point as it’s found all it needs (see below)

What you need to do now is tell the disk that it’s this format you want on the primary partition, not the current NTFS one.  You can select it, and even list the files on it (P).

This can in someways be the most frustrating part, as you can see that the files and the index are there, but your file manager will still show an empty NTFS disk.  Now you need to switch the NTFS structured disk back over to FAT32 by writing the previously discovered FAT32 structure over the top of the primary partition.

You’ll receive a message along the lines of needing a reboot.  You just need to quit testdisk, and remove and re-add the hard disk (if it’s USB) or reboot if it’s an internal drive and re-run test disk after to see that the NTFS partition structure has been replaced with the FAT32 one that existed before.

Like before, you can list the files on the partition using testdisk.  Seeing as this partition is now the current live one, the files should also appear in your file manager.  In my case, I’m using the Nemo file manager on Linux Mint 18.1 Serena, Cinnamon 3.0 edition (and I can highly recommend it).

So there you go.  There are a few lessons to be learned here -for all of us, but like many things in life, things are not always as they seem.  Your computers file manager does not show you what data is on the disk – it is merely reading the contents of the current known good file allocation table from an address on the front of the disk that the partition is known to begin at.  Such file allocation tables will exist all over the disk from previous lives in between re-formatted for re-use.  When you re-format a disk, you’re just giving the file allocation table a fresh start with a new address but the old one will still exist somewhere and in multiple places on the disk.  The file allocation table is the index of disk contents that is read by the file manager in order to give you a representation of what it believes to be retrievable data on your disk.  The data itself can then be found starting at the addresses contained in that index for each file.  The data is still there on parts of the disk that have not yet been written over with replacement blocks of data, hence if you’ve not performed any writes, then all your data is all still there.  So if you want your data to be truly irrecoverable, then you must perform multiple random writes over the top of all cylinders using a tool like DBAN that will take hours to complete, or better, take an angle grinder to it.  Just remember to take a backup first.

So if you want your data to be truly irrecoverable, then you can perform multiple random writes over the top using a tool like DBAN, or better, take an angle grinder to it.

So the real proof that the data is indeed readable once again would be to open and play a movie file.  So as proof, here’s a little screenie of VLC Media Player playing Penelope Spheeris’ 1981 punk rock documentary “The Decline Of Western Civilization”.

Coincidentally, 1981 is quite a significant year for me, I was 6 years old and my parents had just bought me my first computer -a BBC Model B micro computer that had just been released.  I began teaching myself BASIC right away.



Protect your Anonymity online with Vadalia, Privoxy and Proxychains

Happy New Year.  You will be monitored.  We are watching you.  We know who you are.  We know where you are.

The following is a concise guide to configuring Internet Anonymity on Linux by leveraging the tor network (vidalia) and a local proxy server (privoxy) then running your web browser using proxychains.

I have tried the tor browser bundle but couldn’t access most of my websites so found it to be pretty useless in everyday life.  This however, lets me access all my sites fine (so far), so provides protective anonymity without getting in the way.

I have found certain sites like Google sometimes use captcha to prove you’re a human but it’s no big deal.  It is a response that is more likely to be coming from OpenDNS rather than Google actually.

Disclaimer:  The following should be used for educational purposes only and not to facilitate any illegal online activity.

This is a compliment to your firewall.  It should remain ON.  You can further harden your web browser by “jailing” it to prevent penetration by following this guide here.

Remember:  Todays paranoia is tomorrows security standard.

You should see your IP address and location.

This information is logged along with the sites you visit and held by your ISP in line with new regulations.  Everything they need to lead them right to your door.  FTS.

sudo apt-get install privoxy vidalia proxychains

PRIVOXY – local privacy proxy server runs on
vi /etc/privoxy/config, search for localhost:8118 and replace with

VIDALIA – tor front-end. set up relaying to use local privoxy proxy (enter privoxy settings above) then add vidalia to Session & Startup apps list.

  Note that the green Tor onion may take a little while to go green after your computer initially connects to the network/wifi.

DNS SERVICES – change your network/wifi IPv4 settings
Use OpenDNS addresses

ProxyChains allows to run any program through HTTP or SOCKS proxy.
This tool tunnels all TCP and DNS connections of given applications.

Note: precede launcher command of application with proxychains, i.e. proxychains firefox %u

vi /etc/proxychains.conf
comment out strict_chain
uncomment dynamic_chain
add these lines under [ProxyList] section
socks4 9050
socks4a 9050
socks5 9050
http 8118

proxychains firefox
You should see that you now appear to be in a foreign country, not your actual geographical location.

Download the latest Linux .iso file to create some bandwidth and view the bandwidth graph in vidalia.

That’s it.  You’re Anonymous!


Best file manager on Linux? Dolphin.

Need a powerful file manager on Linux?  Minimalism is so last decade.  Functionality is king and it needn’t look ugly either.  Look no further than Dolphin.  KDE’s file manager and it’s an absolute cracker of a file manager.  It’s nothing new as it’s been about a while.

My favourite feature, other than the split screen and integrated command line panel (so long as you install konsole as well as dolphin), is being able to pause multiple, individual in-flight IO operations.  This is great if you’re making multiple copies to a USB stick and want to queue up the individual copy requests so they’ll ultimately complete quicker.

It’s quite simply the best file manager I’ve ever seen.  All about functionality.

sudo apt-get install dolphin konsole


Notepad++ for Linux (Notepadqq)

Add yours and my favourite text editor (Notepad++) to your preferred Linux distribution (Linux Mint) using the following commands…

sudo add-apt-repository ppa:notepadqq-team/notepadqq
sudo apt-get update
sudo apt-get install notepadqq


Protect your Linux system by jailing your web browser

Your Linux system is inherently less vulnerable to attack than Microsoft Windows for a number of reasons.

  1. You’re less of a target to virus attack by being in the minority (Only 2.18% of people run Linux as their desktop operating system with most of those running a Debian derivative, the most popular being Linux Mint).
  2. You execute user processes as a non-privileged user (Remote code executing in your browser is not running in the context of a local Administrator account so has much less privileges to do potentially damaging things to your computer and data).
  3. Your Linux system is built entirely from packages obtained and installed from known, trusted repositories (No dodgy software downloaded from goodness-knows-where that may or may not be what you think it is.  The code of any given package undergoes constant scrutiny and improvements by the open source community.)
  4. There’s no marketing, advertising, ransom-ware or hidden agendas lurking in the operating system or the applications that are ultimately built by the people, for the people, and distributed to the people for free (feel the love).

Despite all these advantages, we live in the (dis)information age, and that means that the way to reach your users is through their web browsers.  So this next part should interest you.

…we live in the disinformation age, and that means the way to reach you is through your web browser.  So this next part should interest you.

How do I protect my web browser? (Firefox is the default web browser on Linux Mint -my OS and browser of choice)


  1. Enable the firewall (above)
  2. Once a new installation of Linux Mint is complete, I reboot, log on, Install all pending updates by typing sudo apt-get update && sudo apt-get dist-upgrade in a terminal window.
  3. Connect to my WiFi network, open Firefox and install the AdBlock Plus and uBlock Origin plugins.

And that’s it.  Or at least it has been until now, and in fairness it’s kept me safe since 2005.  I’ve never installed anti-virus software and never had a problem in over a decade.  AV products on Linux such as clam are usually for the benefit of Windows users on the same network or mail attachment scanning on Linux mail servers, neither of which is applicable in my home network environment.

Today though, I learned about something else.  The existence of firejail, -a program that “jails” certain other programs, and I really like what I see.

Like most Linux programs, it’s super quick to install with a quick sudo apt-get install firejail command in a terminal window and as easy to “use”.  In firejail’s case, you just edit the shortcuts of your existing launchers and pre-pend the command firejail

e.g. firefox %u becomes firejail firefox %u


By jailing the firefox process, it prevents the web browser from being able to access your system, quite literally.  Kind of like a firewall for processes rather than TCP/UDP ports, that only allows certain interactions with the rest of the operating system through.

For example, look what happens when trying to upload a picture I’ve saved to my Desktop to this very blog post…


The Desktop looks empty.  Nothing.  Blank.  No files or subfolders.  Yet my Desktop folder contains loads of images and other files and subfolders, as does my Pictures folder – same again, blank.  This is because firefox is jailed.  It can’t get out and into your filesystem.  Brilliant – and only a little inconvenient as it can still access my Downloads folder.  So if I want to upload a file, I just have a make a copy into my Downloads folder first using my File manager caja (which isn’t jailed).  Uploading to my Dropbox account using the web based interface would be a bit of a pain, but the Dropbox daemon running on my computer does all my file syncing anyway, so it doesn’t present a problem.  I don’t actually need to use Dropbox’ web interface.

This all works in accordance with the application profile in /etc/firejail/firefox.profile -there’s loads of them, not just for firefox but other internet/vulnerable programs like filezilla, transmission etc too.

Filezilla’s firejail profile on the other hand seems to be a lot more lenient and allows access to your home directory where you might wish to upload an entire folder structure to your web server.  You could always edit the filezilla.profile to harden it yourself I guess.

Whilst I found firejail in my repositories, I didn’t find the accompanying firetools package – a simple launcher that sits on your desktop.  It’s not really needed if you’ve edited your launchers to your favourite apps already and just allows you to add some additional programs to it and shows any running jailed processes if you’re interested in seeing that.  It places a convenient icon in your systray area too, for easy recall.






Install hevc codec for .mkv video on Linux Mint

Given how complete Linux Mint is out of the box, I’m surprised to have experienced this problem even after installing all extra codecs from the repositories after initial installation.

Upon attempting to play the latest .mkv episode of Silicon Valley, I received the following error in VLC Media Player.

“unable to decode hevc, there’s nothing you can do about this error”

Or words to that effect.  I’d include a screen-shot of the error but I’ve fixed it now, so am sharing the fix with you instead.  I’ll keep it succinct.

sudo apt-add-repository ppa:strukturag/libde265

sudo apt-get update

sudo apt-get install gstreamer0.10-libde265

sudo apt-get install gstreamer1.0-libde265

sudo apt-get install vlc-plugin-libde265


Adding a blocklist to Transmission torrent client on Linux

When using a torrent client on Windows such as utorrent, it’s not a bad idea to run peer block to protect your computer from inbound connections from a maintained list of known ip addresses.

Linux comes with a torrent client built in, usually Transmission, although Deluge is a bit more like utorrent, i.e. shows more info on the screen, has a few more options etc.  Transmission works perfectly well though and ticks the minimalist box if that’s your thing.  Both are available via the repositories using the built in package manager.

Peer Block isnt available for Linux.  Transmission however, supports the use of blocklists, so increasing your level of protection has actually never been simpler.

In Preferences, just add the following url to the Blocklist field and click Update.  Done.


To provide system-wide protection, you should install ufw from the package manager.

  gufw is a GUI that can be used to enable ufw and configure rules.

ufw is installed by default in Linux Mint but is not turned on.



Dell BIOS updates w/o Windows

If like me, you have a Dell laptop running linux and you want to bring your firmware up to date, you’ll realise that the executables downloadable from Dell’s support site require Windows OS to run.  Or do they?  The good new is No.  They don’t.

OK, so they won’t run on Linux either, but they will run from a FreeDOS command line.

Long story short,  download SystemRescueCD

Create a bootable USB Stick using THESE instructions…

mkdir -p /tmp/cdrom

sudo mount -o loop,exec ~/Downloads/systemrescuecd-x86-4.5.4.iso         #your version maybe newer!

plug in the usb stick      #be prepared to loose everything on it!

cd /tmp/cdrom

sudo bash ./

Create a folder on the USB stick called Dell for example, and copy the BIOS update for your computer into it.

Boot the computer with the USB stick and choose the FreeDOS option (it can be found in one of the menus), otherwise it’ll boot into the default linux command line environment, and you don’t want that for this.

At the FreeDOS command prompt A:> change to C:> and type dir to view the files on the USB stick.

You should see the Dell directory you created.  cd into the Dell directory and run the executable BIOS upgrade program.

Reboot into your Linux OS.  The following commands show the firmware level and other info for your computer.

You may need to install libsmbios first

sudo apt-get install libsmbios-bin