LinuxQuestions.org
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Old 08-15-2003, 09:07 AM   #1
mussy
LQ Newbie
Registered: Jul 2003
Location: St Leonards on Sea, East Sussex
Distribution: Debian
Posts: 5
compromised, and concerned, newbie


I've been installing Debian from Knoppix CD over and over for the last couple of weeks or so, since I gave up trying to get RedHat9 to install. Debian had been set up on one hdd for several days when I realised that the firewall (Shorewall) was not set up right, and also that several servers were listening at ports (Samba, portmap, cupsd and probably others). So I reinstalled, on the other hdd, which it now shares with Windows.

Yesterday I carelessly opened an HTML email from the Debian-perl mailing list (I know; it won't happen again) in KMail, and there was nothing there. I sent it to trash, and went to look at the HTML code. It was random words, with a few web addresses scattered about.

F-prot found nothing, but I was concerned enough to reinstall Debian at once, again on the second hdd alongside Windows. This morning I had been on the net about an hour when I decided to download F-prot again. When I ran it, there was a page of error messages. F-prot could not read the boot sector, or any of the Shorewall files, because another program was using them. I rebooted and tried again, with the same result.

I am now using the first hdd, onto which I have reinstalled yet again. There is still some odd behaviour - among other things an inability for my browser to find packages.debian.org, from where I want to download Shorewall. This might be because of the current power-supply problems in America, but then again it might not. What I need to know is:

Is the Debian packages site experiencing understandable problems?

Could I have problems as deep as my motherboard rom, and if so what do I do? Probably this is over-reaction, but I am not greatly on form at the moment.

I'm confused about how you format a drive in Linux - and I ^have^ tried to find out. Does fdisk remove the old mbr and replace it? Can I remove the mbr on the second drive, and the Debian, and keep the Windows still? Or am I best wiping the whole thing clean, and ditching whatever Windows stuff I don't have backed up? I would be willing and ready to do this using the Maxtor floppy if I was sure my problem isn't on the motherboard. Then I could presumably just reinstall from the Knoppix CD.

Any calm words would be a blessing.

Mussy
 
Old 08-15-2003, 02:08 PM   #2
maestro52
Member
Registered: Aug 2003
Location: Texas
Distribution: Fedora 9
Posts: 177
Hi Mussy,

I will first say that you do not necessarily have to abide by my suggestion or advice, but I am a newbie who is always experimenting with things I have little to no knowledge of. Since Linux is one of those things, I have experienced many different variations of situations similar to yours. At the same time, especially because I had studied 2 semesters' worth of Unix and C++ (although I am still not a programmer), I learned that (almost as badly as people in government) hard-line programmers will deny that anything can happen to their code while secretly working their butts off to configure a cure (or repair) for something that did or will happen to their code.

Darn it, there I go almost babbling! Anyway, the point being that anything electrical has the same laws that pertain to water (this is very non-technical), in that water will go wherever it can and electricity will go wherever it can. To make another point, while they say Linux is pretty much virus free, it is only "pretty much virus free". At the same time, since most viruses are attacks against Microsoft products (Windows in particular) and quite a few of us have Linux sharing the same computer with Windows, if a virus attacks Windows it will POSSIBLY negatively affect Linux.

In short, anything that screws with the MBR can and does screw with Linux by not allowing it to open correctly. If you are a programmer, I am told, there are ways to program your way around the difficulties. I, on the other hand, had a situation like yours once - ooops - TWICE before and found that the best solution (although a real pain since I even now have no backup for my data) was to totally erase, format, and reinstall everything.

Of course, I suffer from paranoia (they say) but while viruses are rampant, the best thing to do is to go off line, reinstall Windows first and secure it with whatever firewall and antivirus protection you feel comfortable with. Then reinstall the Linux you prefer to use (I favor Mandrake 9.1 but your choice is to your own liking). If Debian is at all like Mandrake it will offer you varied installation methods of which one is step by step allowing you to see everything being done and - in fact - you being forced to respond to questions pertaining to how you want things done including whether or not to create partitions and whether or not to format what you created or anything else for that matter.

That last bit of information may give you the idea to use your Linux installation to format everything first and then install Windows, but unless you wish to do extra work, it is better to install Windows first. Microsoft does not like Linux (at least not as a FREE entity) and does all it can do to make Windows dominant. As such, while you can boot into Linux and Windows with boot management assistance from Linux, Windows does not permit such a boot process from its management. So if you install Linux first, when you install Windows you will wipe out the MBR that Linux created and you will only be able to get into Windows. Then you would have to partially reinstall Linux all over again. Anyway, the choice is yours.

Finally and most importantly, only accept e-mail from your friends or whoever else you are certain you can trust at least until you have found and installed perfect or at least hopefully perfect e-mail security.

I hope I did not waste your time.
 
Old 08-17-2003, 08:54 PM   #3
unSpawn
Moderator
Registered: May 2001
Posts: 29,415
Blog Entries: 55
F-prot could not read the boot sector, or any of the Shorewall files, because another program was using them. I rebooted and tried again, with the same result.
The boot sector should not be in use, and I don't know of any legitimate application that would be allowed to hold onto the boot sector. Shorewall files are read once the firewall is set up (but then again I don't use Shorewall), so they should not be in use either.
To check for Shorewall files that are opened by an application, try (as root) "lsof | grep <thefile>", or "fuser <thefile>". If nothing shows up I suggest you try another AV scanner or try to find out if F-prot supports something like more "aggressive" scanning options.

Could I have problems as deep as my motherboard rom
I sincerely doubt it, unless you've been messing with the BIOS yourself.

I'm confused about how you format a drive in Linux - and I ^have^ tried to find out.
With "mke2fs", after you partitioned the disk. Remember partitioning is best done with a tool native to the filesystem. For MICROS~1 DOS you would use FDISK.EXE, Ranish or alike, and for Linux sfdisk or cfdisk or whatever else.

Does fdisk remove the old mbr and replace it?
No. The MBR is not part of a partition, it is the place where the 1st part of the (any) bootloader "lives". And MBR viruses of course.

Can I remove the mbr on the second drive, and the Debian, and keep the Windows still?
Of course. With LILO you can restore the bootsector in the 2nd HD (dunno bout GRUB). If you want to zero out the bootsector, make a copy: "dd if=/dev/<2ndHDnotpartition> of=/tmp/bootsect.dat bs=1 count=512" and zero it out sparing the partition table: "dd if=/dev/zero of=/dev/<2ndHDnotpartition> bs=1 count=446".
The partition you just reformat. If you want to erase it, do "dd if=/dev/zero of=/dev/<partition> bs=512 count=<sectors>". Grep the sector count from sfdisk.

Or am I best wiping the whole thing clean, and ditching whatever windows stuff I don't have backed-up?
If you're certain you ain't backing up viruses as well, then by all means do a backup first. No one likes to see energy and time go to waste. Wiping everything clean will make sure nothing can come back from the disk to haunt you, though that assurance doesn't mean that much when you're working with MICROS~1 products, I guess...
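The backup / zero-out / restore sequence from the post above, rehearsed as an added example (not from the thread or any of its posters) on a constructed 512-byte image file instead of a real disk: IMAGE stands in for /dev/<2ndHDnotpartition>, BACKUP for /tmp/bootsect.dat, and the check functions confirm the 66 bytes holding the partition table and boot signature survive the wipe.

```shell
#!/bin/sh
# Added example: rehearse the MBR backup, boot-code zeroing and restore
# steps on a constructed image so nothing touches a real disk.
set -eu

WORK=$(mktemp -d)
IMAGE="$WORK/fake-mbr.img"    # placeholder for the raw disk device
BACKUP="$WORK/bootsect.dat"   # the copy to make before zeroing anything

# Constructed MBR: 446 bytes of 0xAA "boot code", 64 bytes of 0x55 standing
# in for the partition table, then the 0x55 0xAA boot signature.
make_image() {
    {
        head -c 446 /dev/zero | tr '\0' '\252'
        head -c 64 /dev/zero | tr '\0' '\125'
        printf '\125\252'
    } > "$IMAGE"
}

# Step 1 (bs=1 count=512 as in the post): keep the whole sector.
backup_mbr() { dd if="$IMAGE" of="$BACKUP" bs=1 count=512 2>/dev/null; }

# Step 2 (bs=1 count=446): zero only boot-code bytes 0..445.
# conv=notrunc matters on a regular file: without it dd truncates the image
# to 446 bytes and the "spared" partition table is gone. A block device is
# never truncated, which is why the post's command works without it.
zero_bootcode() { dd if=/dev/zero of="$IMAGE" bs=1 count=446 conv=notrunc 2>/dev/null; }

# Undo: put the saved sector back.
restore_mbr() { dd if="$BACKUP" of="$IMAGE" bs=1 count=512 conv=notrunc 2>/dev/null; }

# Checks worth running before trusting the result.
bootcode_nonzero_bytes() { head -c 446 "$IMAGE" | tr -d '\0' | wc -c | tr -d ' '; }
table_matches_backup() {
    tail -c 66 "$IMAGE" > "$WORK/tail.img"
    tail -c 66 "$BACKUP" > "$WORK/tail.bak"
    cmp -s "$WORK/tail.img" "$WORK/tail.bak"
}
image_matches_backup() { cmp -s "$IMAGE" "$BACKUP"; }

demo() {
    make_image
    backup_mbr
    zero_bootcode
    echo "non-zero boot-code bytes after wipe: $(bootcode_nonzero_bytes)"
    table_matches_backup && echo "partition table and signature preserved"
    restore_mbr
    image_matches_backup && echo "restore from backup verified"
}
demo
```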