Migrating Windows to New Hardware

Thursday, May 27th, 2010

Have you ever used your computer and thought to yourself, “man this thing is slow, I need an upgrade”.  Chances are you have.  I believe that I am on my sixth computer, and surprisingly my current machine has lasted me about five years.

It’s true that the pace of computer development has slowed greatly, and an older machine will get you by just fine, so long as you don’t play the latest computer games.  But, the disposable nature of consumer electronics ensures that at some point you are going to want to upgrade your hardware.

Note, I said upgrade your hardware not software.  In my case, after using my computer for 5 years I’ve developed a large amount of photos, music files, documents, power-points, and customized settings.  I’ve installed many software packages and have written custom bash scripts and aliases to make my life easier (I’m a linux user).  The last thing I want to do is start over again from scratch on a new computer.  I’m sure windows users feel exactly the same way.

Case in point, a few weekends ago, my father received a hardware upgrade.  He needed it badly, as his previous machine was still in the sub-ghz range with 384 meg of ram.  Naturally, he wanted his installation of Windows XP with all of his files and settings to be transferred to his new machine.  He wasn’t interested in reconfiguring a new computer when he already had things set up the way he wanted.

You would think that a good operating system would anticipate the need to upgrade hardware, and facilitate the transfer.  But windows doesn’t.  In the linux world, there is a simple tool to do this called dd.  So I thought why not give it a shot on my Dad’s windows box.

There are a few ways you could have set up the hardware to do this.  In my case, I run a dedicated linux server with plenty of spare space in my father’s home (I don’t live with my parents any more, just my server does).  So I simply set up an nfs share point on the server, and dumped the hard drive image there.  I then setup the new hardware and restored the hard drive image from the network.  If you don’t have a similar setup at home, you will likely want to remove the hard drive from your original box and install it into the new hardware so you can copy from your old hard drive to the new one.

The first step was to download a linux live cd that I could run on the WinXP box.  You want to run off of a linux cd so you are not accessing the hard drives you want to copy, and because all the tools you need are available in linux for free.  I chose Knoppix as my live linux cd for no particular reason.  You simply go to their website, download the cd image and burn it to a cd.  Put the new cd into the the cd drive and boot the computer off of the cd into a live linux environment.

Once the Adriane Screen Reader starts, you select shell to get to a command prompt.  In my case, I turned off the computer speakers at this time to silence the annoying Adriane Screen Reader.

Now that you are at the command prompt, you will want to find out which hard drive is the new one, and which is the original. In linux, hard drives are set up in the directory structure as /dev/sda /dev/sdb /dev/sdc etc. Each drive will then have partitions labeled numerically such as /dev/sda1 /dev/sda2 /dev/sda3 and so on. Older versions of linux, used hd to replace sd for pata connections. In this case you would have /dev/hda /dev/hdb /dev/hdc and /dev/hda1 /dev/hda2 /dev/hda3 etc.

To find out what device points your hard disks are at do the following:

# ls /dev/hd*
# ls /dev/sd*

The result will show what hard drives your system has detected.  Here’s an example output from my server to give you an idea of what to look for.

mike@mikeradio:~$ ls /dev/hd*
/dev/hda  /dev/hda1  /dev/hda2  /dev/hdc  /dev/hdc1  /dev/hdc2
mike@mikeradio:~$ ls /dev/sd*
/dev/sda   /dev/sda2  /dev/sda6  /dev/sdb   /dev/sdb2  /dev/sdb6
/dev/sda1  /dev/sda5  /dev/sda7  /dev/sdb1  /dev/sdb5  /dev/sdb7

as you can see I have 4 hard drives, and a lot of partitions. Now you will want to check the geometry of each drive to verify which is your old drive and which is your new drive. Hopefully they are a different size to make this step easy. For each drive found with the previous command do the following.

fdisk -l /dev/sda

Again I’m showing output from my server.

mikeradio:/home/mike# fdisk -l /dev/hda

Disk /dev/hda: 200.0 GB, 200049647616 bytes
255 heads, 63 sectors/track, 24321 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes
Disk identifier: 0xb576c039

   Device Boot      Start         End      Blocks   Id  System
/dev/hda1   *           1          16      128488+  83  Linux
/dev/hda2              17       24321   195229912+   5  Extended
mikeradio:/home/mike# fdisk -l /dev/sda

Disk /dev/sda: 1000.2 GB, 1000204886016 bytes
255 heads, 63 sectors/track, 121601 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes
Disk identifier: 0x52e7014a

   Device Boot      Start         End      Blocks   Id  System
/dev/sda1   *           1          16      128488+  fd  Linux raid autodetect
/dev/sda2              17      121601   976631512+   5  Extended
/dev/sda5              17         624     4883728+  fd  Linux raid autodetect
/dev/sda6             625         746      979933+  fd  Linux raid autodetect
/dev/sda7             747      121601   970767787   fd  Linux raid autodetect
mikeradio:/home/mike#

The output should be enough to tell which is your old hard drive and which is the new one. In my case, /dev/hda is a 200gb drive while /dev/sda has a 1000gb drive. To follow what I’m going to show you below you will want your new hard drive to be equal or larger in size to your old drive to ensure everything fits.

Now for the copy command to transfer all your data from your old disk to your new disk.  To hopefully prevent confusion I’m going to call your old drive /dev/old and your new drive /dev/new.  Please replace old and new with the proper sd or hd scheme as determined from the above commands.  It is important to get this correct or you could completely obliterate all the data on your old drive.

# dd if=/dev/old of=/dev/new bs=4096

You’ll have to wait a while for this command to finish. Depending on how much data your are copying it could be several hours.

Once it’s done, shutdown your computer

# halt

Remove the cd and probably the old hard drive unless you wish to continue using it in your new computer.  When you turn the computer back on, if you are very lucky it should boot into Windows.  I was not very lucky, and Windows did not start.  Don’t worry, even if it did start you would not get far as Windows would detect that you have moved the operating system onto new hardware and would quit working anyways.

It turns out that Windows not only does not provide the tools needed to migrate your software to a new computer, but actively tries to prevent it.  There is a way around this.

You have to put your WindowsXP install disk into your cd drive and boot from the cd.  You want to do what’s called a repair install.  This will re-install all the core parts of windows, and the boot loader, and give you a chance to re-activate your copy of windows.

This link explains how to do it.

Now windows should boot, but your larger hard drive is only showing up as the same size your old hard drive used to be.  That’s not what you want.  You want to unleash the full size of your new drive right?  Again, windows offers no tools to do this.  So, back to the linux live cd.

At this point, I’m going to assume your new hard drive is located at /dev/sda.  This is where it should be if you are using knoppix and you only have one drive in your machine.  I explain above how to find out where it is located if you have more than one hard drive, or are using an older version of linux on a live cd.

Again, you will want to get to the shell or command prompt. From here use fdisk to re-size the partition table on the hard drive. First enter fdisk.

# fdisk /dev/sda

now change units by typing ‘u’ and pressing enter.

Command (m for help): u
Changing display/entry units to sectors

Type ‘p’ to get list your current partition. You want to write down the start sector. For me, it was 63.

Next delete the partition by typing ‘d’ and enter.

Now we create a new partition by typing ‘n’.  Follow the prompts to make it a primary partition located at partition 1. Make sure the starting sector is the same as you wrote down earlier, and accept the default last sector to fill the entire disk.

Type ‘t’ to change the partition type to 7 otherwise known as ntfs

Type ‘a’ to make the partition bootable

Finally type ‘w’ to save your changes and exit fdisk

Now we have to resize the ntfs file system to fill the partition.  Again Windows dose not give you a tool to do this, so we use linux.  Simply use the ntfsresize command as follows.

# ntfsresize /dev/sda1

Note that I referred ntfsresize to /dev/sda1 the 1 indicates that I am looking at the first partition on the first hard drive. ntfsresize should resize the file system to fill the newly expanded partition, and thus your hard drive. Reboot into windows and you should have full use of your new hard drive.

# reboot

The end.

Tags: linux
Posted in linux | No Comments »

Postfix Sending Spam From User www-data

Monday, February 22nd, 2010

Recently I discovered that Postfix had been busy sending spam emails to people all over the web.  Several entries like this started showing up in my /var/log/mail.log

Jan 24 09:05:50 li51-89 postfix/qmgr[2971]: 278C6C499: from=<www-data@####.members.linode.com>, size=600, nrcpt=1 (queue active)

278C6C499: to=<luke.debett####@law.com>, relay=none, delay=185184, delays=185184/0/0.05/0, dsn=4.4.1, status=deferred (connect to law.com[12.170.132.211]:25: Connection refused)

I also found many rejected emails that had bounced back to my server in the /var/mail/www-data file.  These gave me an idea of what kind of emails my server was busy sending out.

Here’s and example, I removed the link address from the email, parts of my server’s domain name, and the recipient’s email address.

--3432BC4CA.1262789678/####.members.linode.com
Content-Description: Undelivered Message
Content-Type: message/rfc822

Received: by ####.members.linode.com (Postfix, from userid 33)
id 3432BC4CA; Wed,  6 Jan 2010 08:54:36 -0600 (CST)
To: runner####@hotmail.com
Subject: Biggest result ever
MIME-Version: 1.0 ^M
Content-type: text/html; charset="utf-8" ^M
X-Mailer: eComm Php^M
From: mail@shop.subdomain.org ^M
Message-Id: <20100106145437.3432BC4CA@####.members.linode.com>
Date: Wed,  6 Jan 2010 08:54:36 -0600 (CST)

Only here you can get it. <a href="CENSORED"><font size=3 color="orange">Get now</font></a><style>}3;m@7~w(;9j]8T_3FB|}IP9b5X][H;Np5nlEn</style>

--3432BC4CA.1262789678/####.members.linode.com--

From the “From” line in the above returned email, I could find the source of the problem.  My website located a shop.subdomain.org was being hijacked to send spam.  This particular website was running osCommerce v2.2 Rc 2a last released in 2008.  There were no updates available to OsCommerce that fixed this problem.

I suppose at this point I could have tried to find the component at fault and bugfix it myself, but I took the lazy way out, and completely shut down the site.

Result: problem fixed.

Hope this helps someone with a similar problem.  For those that must know, I started using Joomla 1.5 and Virtuemart for the same website.  Haven’t had any problems yet… fingers still crossed.

Tags: linux
Posted in linux | 2 Comments »