Specifications For Dell XPS 15 9560 (PDF)

Here’s a PDF file that contains everything you want to know about the Dell XPS 15 9560.  My own XPS 15 9560 has 32GB ram, 1TB NVMe, 4K touch screen, a fingerprint sensor, Nvidia 1050 GTX and Windows Pro.  The only thing I’m unhappy with is the fact that Microsoft removed ReFS from Pro, now I have to spend another $120 to upgrade Pro to get ReFS back which I need.  Otherwise the XPS 15 9560 is perfect.  It has had some BSOD related to VirtualBox which I removed VirtualBox and the BSOD fixed itself.  Aside from a few other minor bugs here and there the XPS 15 9560 has been great.  The best computer laptop I ever owned.

 

XPS 15 9560 Specifications

How To Obtain System Information On Windows 10 Pro

  • Right click on start menu and select Windows PowerShell (Admin).
  • While PowerShell is opened, create a folder in Documents, name it something like WinInfo
  • Back to PowerShell; type:

cd c:\users\your-username\documents\WinInfo

Type:

systeminfo > systeminfo.txt

ipconfig /all > IPconfig_All.txt

For GUI applications, we will run them in admin mode, keeping PowerShell open, type:

msinfo32

In msinfo32, go to file>Export.  Give it a name like msinfo32 and save to the dir you created above.  When done close msinfo32.

Now type:

dxdiag

Give it a few seconds to load.  Check the box for check for WHQL drivers.  Then click save info.  Save to the folder you made above.

Now go to the folder and read through all the info.  There you go.  It’s up to you to interpet the data.  Feel free to leave a comment if you have a question about the data.

SystemInfo MSINFO32 IPconfig_All DxDiag

The Output For lshw For Dell Mini 10V

The Mini 10V is called Triton after the ancient God.  The Dell netbook uses an encrypted hard drive.  The boot is configured to display the text output instead of a pretty picture which should help with certain attacks.  The bios and hard drive are protected with two passwords.  All in all a fairly secure computer.  The encrypted partition is protected by a strong password and is unlikely to be brute force.  More likely would be a flaw in the crypt itself that would lead to a breach.

Triton

id:
triton
description: Portable Computer
product: Inspiron 1011 ()
vendor: Dell Inc.
version: A06
serial: 91CP2L1
width: 32 bits
capabilities: smbios-2.5 dmi-2.5 smp-1.4 smp
configuration:
boot = oem-specific
chassis = portable
cpus = 1
uuid = 44454C4C-3100-1043-8050-B9C04F324C31
id:
core
description: Motherboard
product: CN0Y53
vendor: Dell Inc.
physical id:
0
version: A06
serial: .91CP2L1.ppppppppppppppd
id:
firmware
description: BIOS
vendor: Dell Inc.
physical id:
1
version: A06
date: 07/29/2009
size: 102KiB
capacity: 1984KiB
capabilities: pci pnp apm upgrade shadowing escd cdboot bootselect acpi usb smartbattery biosbootspecification
id:
cpu
description: CPU
product: Intel(R) Atom(TM) CPU N270 @ 1.60GHz
vendor: Intel Corp.
physical id:
5
bus info:
cpu@0
version: 6.12.2
serial: 0001-06C2-0000-0000-0000-0000
slot: U1
size: 1067MHz
capacity: 2048MHz
width: 32 bits
clock: 533MHz
capabilities: boot fpu fpu_exception wp vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe nx constant_tsc arch_perfmon pebs bts aperfmperf pni dtes64 monitor ds_cpl est tm2 ssse3 xtpr pdcm movbe lahf_lm dtherm cpufreq
configuration:
cores = 1
enabledcores = 1
id = 1
threads = 2
id:
cache:0
description: L1 cache
physical id:
6
slot: L1 Cache
size: 32KiB
capacity: 32KiB
capabilities: asynchronous internal write-back
id:
cache:1
description: L2 cache
physical id:
7
slot: L2 Cache
size: 512KiB
capacity: 4MiB
capabilities: burst external write-back
id:
logicalcpu:0
description: Logical CPU
physical id:
1.1
width: 32 bits
capabilities: logical
id:
logicalcpu:1
description: Logical CPU
physical id:
1.2
width: 32 bits
capabilities: logical
id:
memory
description: System Memory
physical id:
f
slot: System board or motherboard
size: 1GiB
capacity: 2GiB
id:
bank
description: SODIMM DDR2 Synchronous 533 MHz (1.9 ns)
physical id:
0
slot: M1
size: 1GiB
width: 32 bits
clock: 533MHz (1.9ns)
id:
pci
description: Host bridge
product: Mobile 945GSE Express Memory Controller Hub
vendor: Intel Corporation
physical id:
100
bus info:
pci@0000:00:00.0
version: 03
width: 32 bits
clock: 33MHz
configuration:
driver = agpgart-intel
resources:
irq : 0
id:
display:0
description: VGA compatible controller
product: Mobile 945GSE Express Integrated Graphics Controller
vendor: Intel Corporation
physical id:
2
bus info:
pci@0000:00:02.0
version: 03
width: 32 bits
clock: 33MHz
capabilities: msi pm vga_controller bus_master cap_list rom
configuration:
driver = i915
latency = 0
resources:
irq : 16
memory : f0000000-f007ffff
ioport : 1800(size=8)
memory : d0000000-dfffffff
memory : f0200000-f023ffff
id:
display:1
description: Display controller
product: Mobile 945GM/GMS/GME, 943/940GML Express Integrated Graphics Controller
vendor: Intel Corporation
physical id:
2.1
bus info:
pci@0000:00:02.1
version: 03
width: 32 bits
clock: 33MHz
capabilities: pm bus_master cap_list
configuration:
latency = 0
resources:
memory : f0080000-f00fffff
id:
multimedia
description: Audio device
product: NM10/ICH7 Family High Definition Audio Controller
vendor: Intel Corporation
physical id:
1b
bus info:
pci@0000:00:1b.0
version: 02
width: 64 bits
clock: 33MHz
capabilities: pm msi pciexpress bus_master cap_list
configuration:
driver = snd_hda_intel
latency = 0
resources:
irq : 44
memory : f0440000-f0443fff
id:
pci:0
description: PCI bridge
product: NM10/ICH7 Family PCI Express Port 1
vendor: Intel Corporation
physical id:
1c
bus info:
pci@0000:00:1c.0
version: 02
width: 32 bits
clock: 33MHz
capabilities: pci pciexpress msi pm normal_decode bus_master cap_list
configuration:
driver = pcieport
resources:
irq : 40
ioport : 3000(size=4096)
memory : 40000000-401fffff
ioport : 40200000(size=2097152)
id:
pci:1
description: PCI bridge
product: NM10/ICH7 Family PCI Express Port 2
vendor: Intel Corporation
physical id:
1c.1
bus info:
pci@0000:00:1c.1
version: 02
width: 32 bits
clock: 33MHz
capabilities: pci pciexpress msi pm normal_decode bus_master cap_list
configuration:
driver = pcieport
resources:
irq : 41
ioport : 4000(size=4096)
memory : f0100000-f01fffff
ioport : 40400000(size=2097152)
id:
network
description: Wireless interface
product: BCM4312 802.11b/g LP-PHY
vendor: Broadcom Corporation
physical id:
0
bus info:
pci@0000:03:00.0
logical name:
wlan0
version: 01
serial: c4:17:fe:12:2e:e8
width: 64 bits
clock: 33MHz
capabilities: pm msi pciexpress bus_master cap_list ethernet physical wireless
configuration:
broadcast = yes
driver = wl0
driverversion = 6.30.223.248 (r487574)
ip = 192.168.43.62
latency = 0
multicast = yes
wireless = IEEE 802.11abg
resources:
irq : 17
memory : f0100000-f0103fff
id:
pci:2
description: PCI bridge
product: NM10/ICH7 Family PCI Express Port 3
vendor: Intel Corporation
physical id:
1c.2
bus info:
pci@0000:00:1c.2
version: 02
width: 32 bits
clock: 33MHz
capabilities: pci pciexpress msi pm normal_decode bus_master cap_list
configuration:
driver = pcieport
resources:
irq : 42
ioport : 2000(size=4096)
memory : 40600000-40afffff
ioport : f0500000(size=1048576)
id:
network
description: Ethernet interface
product: RTL8101/2/6E PCI Express Fast/Gigabit Ethernet controller
vendor: Realtek Semiconductor Co., Ltd.
physical id:
0
bus info:
pci@0000:04:00.0
logical name:
eth0
version: 02
serial: 00:26:b9:a0:83:1b
size: 10Mbit/s
capacity: 100Mbit/s
width: 64 bits
clock: 33MHz
capabilities: pm msi pciexpress msix vpd bus_master cap_list rom ethernet physical tp mii 10bt 10bt-fd 100bt 100bt-fd autonegotiation
configuration:
autonegotiation = on
broadcast = yes
driver = r8169
driverversion = 2.3LK-NAPI
duplex = half
latency = 0
link = no
multicast = yes
port = MII
speed = 10Mbit/s
resources:
irq : 43
ioport : 2000(size=256)
memory : f0510000-f0510fff
memory : f0500000-f050ffff
memory : f0520000-f053ffff
id:
usb:0
description: USB controller
product: NM10/ICH7 Family USB UHCI Controller #1
vendor: Intel Corporation
physical id:
1d
bus info:
pci@0000:00:1d.0
version: 02
width: 32 bits
clock: 33MHz
capabilities: uhci bus_master
configuration:
driver = uhci_hcd
latency = 0
resources:
irq : 23
ioport : 1820(size=32)
id:
usb:1
description: USB controller
product: NM10/ICH7 Family USB UHCI Controller #2
vendor: Intel Corporation
physical id:
1d.1
bus info:
pci@0000:00:1d.1
version: 02
width: 32 bits
clock: 33MHz
capabilities: uhci bus_master
configuration:
driver = uhci_hcd
latency = 0
resources:
irq : 19
ioport : 1840(size=32)
id:
usb:2
description: USB controller
product: NM10/ICH7 Family USB UHCI Controller #3
vendor: Intel Corporation
physical id:
1d.2
bus info:
pci@0000:00:1d.2
version: 02
width: 32 bits
clock: 33MHz
capabilities: uhci bus_master
configuration:
driver = uhci_hcd
latency = 0
resources:
irq : 18
ioport : 1860(size=32)
id:
usb:3
description: USB controller
product: NM10/ICH7 Family USB UHCI Controller #4
vendor: Intel Corporation
physical id:
1d.3
bus info:
pci@0000:00:1d.3
version: 02
width: 32 bits
clock: 33MHz
capabilities: uhci bus_master
configuration:
driver = uhci_hcd
latency = 0
resources:
irq : 16
ioport : 1880(size=32)
id:
usb:4
description: USB controller
product: NM10/ICH7 Family USB2 EHCI Controller
vendor: Intel Corporation
physical id:
1d.7
bus info:
pci@0000:00:1d.7
version: 02
width: 32 bits
clock: 33MHz
capabilities: pm debug ehci bus_master cap_list
configuration:
driver = ehci-pci
latency = 0
resources:
irq : 23
memory : f0444000-f04443ff
id:
pci:3
description: PCI bridge
product: 82801 Mobile PCI Bridge
vendor: Intel Corporation
physical id:
1e
bus info:
pci@0000:00:1e.0
version: e2
width: 32 bits
clock: 33MHz
capabilities: pci subtractive_decode bus_master cap_list
id:
isa
description: ISA bridge
product: 82801GBM (ICH7-M) LPC Interface Bridge
vendor: Intel Corporation
physical id:
1f
bus info:
pci@0000:00:1f.0
version: 02
width: 32 bits
clock: 33MHz
capabilities: isa bus_master cap_list
configuration:
driver = lpc_ich
latency = 0
resources:
irq : 0
id:
ide
description: IDE interface
product: 82801GBM/GHM (ICH7-M Family) SATA Controller [IDE mode]
vendor: Intel Corporation
physical id:
1f.2
bus info:
pci@0000:00:1f.2
version: 02
width: 32 bits
clock: 66MHz
capabilities: ide pm bus_master cap_list
configuration:
driver = ata_piix
latency = 0
resources:
irq : 19
ioport : 1f0(size=8)
ioport : 3f6
ioport : 170(size=8)
ioport : 376
ioport : 1810(size=16)
memory : 40b00000-40b003ff
id:
serial
description: SMBus
product: NM10/ICH7 Family SMBus Controller
vendor: Intel Corporation
physical id:
1f.3
bus info:
pci@0000:00:1f.3
version: 02
width: 32 bits
clock: 33MHz
configuration:
latency = 0
resources:
ioport : 18c0(size=32)
id:
scsi
physical id:
0
logical name:
scsi0
capabilities: emulated
id:
disk
description: ATA Disk
product: SAMSUNG SSD UM41
physical id:
0.0.0
bus info:
scsi@0:0.0.0
logical name:
/dev/sda
version: VAM1
serial: DCF410S936SE936B8675
size: 14GiB (16GB)
capabilities: partitioned partitioned:dos
configuration:
ansiversion = 5
sectorsize = 512
signature = 0006c99e
id:
volume:0
description: Linux filesystem partition
vendor: Linux
physical id:
1
bus info:
scsi@0:0.0.0,1
logical name:
/dev/sda1
logical name:
/boot
version: 1.0
serial: 4d73753f-b696-4feb-a14e-efecdff37099
size: 243MiB
capacity: 243MiB
capabilities: primary bootable extended_attributes ext2 initialized
configuration:
filesystem = ext2
lastmountpoint = /boot
modified = 2017-04-07 18:39:50
mount.fstype = ext2
mount.options = rw,relatime
mounted = 2017-04-07 18:39:50
state = mounted
id:
volume:1
description: Extended partition
physical id:
2
bus info:
scsi@0:0.0.0,2
logical name:
/dev/sda2
size: 14GiB
capacity: 14GiB
capabilities: primary extended partitioned partitioned:extended
id:
logicalvolume
description: Linux filesystem partition
physical id:
5
logical name:
/dev/sda5
capacity: 14GiB
id:
battery
product: Unknow!
vendor: Unknow!
physical id:
1
slot: Rear
capacity: 57720mWh
configuration:
voltage = 11.1V

Continue reading

How To Reduce Your Vulnerability to Evil Maid Attack When You Have Disk Encryption

  1. Zero hard drive(s) with dd
  2. Mark drive(s) as raw lvm disk
  3. Make your vg and lv
  4. Make your encryption
  5. Make file system ext4
  6. Install Ubuntu
  7. Make sure you have SDcard inserted before you turn on computer
  8. When you get to disk partitioner in install, format SDcard ext2, all of it, the whole thing, except if you need a little bit for efi partition in which case the SDcard will have two partitions a grub/boot partition/mbr and efi.
  9. Mark your lvm volume as ext4 and use entire volume for /
  10. In the partitioner select SDcard for grub/boot partition/mbr/efi install.
  11. If you install grub/boot partition/mbr/efi to your lvm disk the computer will not boot as you overwrote the lvm.
  12. Now proceed with install and the grub/boot partition//mbr/efi will be installed to the SDcard and the OS will be installed to the encrypted lvm.
  13. If you need efi partition that also will need to be installed to SDcard.
  14. Reboot when installer says to.
  15. Check everything works.
  16. Shutdown computer and remove SDcard.
  17. Boot computer, it should fail to boot if it’s working right. The bios/efi should behave as if the hard drives were blank.
  18. Shut down computer and insert SDcard. Boot computer and it should now boot to encrypted password box and you should now be able to log in.
  19. Reboot and set a bios/efi admin and user password.
  20. Reboot and verify bios/efi passwords are required.
  21. Now when you leave the house always hide the SDcard or take it with you or if you have a laptop always put the SDcard in a separate backpack pocket as the criminal is unlikely to know the significance of the SDcard.

You can always have two or three SDcards that are dd clones of the key and you can update the clones whenever you have an update.  If you have to you can always make new boot cards from an known good computer.  The point is you never have to rely upon the idea that your stuck with the boot code Ubuntu installed.  Any suspicion that SDcard has been compromised you can make new SDcard boot key.  Give the keys to trusted family/friends or hide them around the house. Now you are much more secure against evil maid attack as any attempt to write to lvm disk will destroy encrypted lvm disk. Attacker will need the key which is your SDcard.  Yes of course attacker can use their own boot code and attempt an attack upon the disk.  However we are concerned here with boot code integrity.

If you are kidnapped and they demand key, I highly recommend that you give them the key as no data is worth the loss of human life.

Install and Setup Logwatch on Ubuntu

I installed the program logwatch. A little confusing at first. This is mostly so I don’t forget. I thought it could help others.  An excellent tool for auditing an Ubuntu system.

sudo apt-get install exim4

I prefer EXIM4, however some people like Postfix. Setting up EXIM4 and Postfix is beyond the scope of this logwatch thread.

dpkg-reconfigure exim4-config
sudo apt-get install logwatch
sudo nano -w -W /usr/share/logwatch/default.conf/logwatch.conf

Use nano to change the following settings.

#To make Html the default formatting Format = html
Format = html
# Default person to mail reports to.  Can be a local account or a
# complete email address.  Variable Output should be set to mail, or
# --output mail should be passed on command line to enable mail feature.
MailTo = user@example.org
# Default person to mail reports from.  Can be a local account or a
# complete email address.
MailFrom = user@ubuntu.org
sudo logwatch --html_wrap 80 > logwatch.html

When done, open logwatch.html in your home dir. Example /home/nate/logwatch.html, should open in your web browser. Everything should work. Now you will need to wait 12 to 24 hours for an email from logwatch. Check your spam box too if you missed it. Be sure to add logwatch to your email address contact list.

Here’s My SSH Port Forward Command

ssh -2TND 1080 user@ip-or-hostname

A special note about option -C. Unless you are on a dial-up modem connection, the -C option only hurts you on virtually all modern network connections. I would not use the -C unless your speed is slower than about 1Mbps. It really is designed for 56K dial-up modems and other similar slow connections like ISDN. Here is the man page entry for -C;

-C Requests compression of all data (including stdin, stdout,
stderr, and data for forwarded X11 and TCP connections). The
compression algorithm is the same used by gzip(1), and the
“level” can be controlled by the CompressionLevel option for pro‐
tocol version 1. Compression is desirable on modem lines and
other slow connections, but will only slow down things on fast
networks. The default value can be set on a host-by-host basis
in the configuration files; see the Compression option.

Most SSH advice concerning -C is incorrect. Unfortunately too many people blindly use the -C option without understanding the option. Most people just copy and paste the command from some web site and don’t bother to read the man page. As you can see it’s a pet peeve of mine.

ssh -2TND 1080

I’ll break it down for you.

-2 Forces ssh to try protocol version 2 only.

T Disable pseudo-tty allocation.

N Do not execute a remote command. This is useful for just for forwarding ports (protocol version 2 only).

D [bind_address:]port
Specifies a local “dynamic” application-level port forwarding.
This works by allocating a socket to listen to port on the local
side, optionally bound to the specified bind_address. Whenever a
connection is made to this port, the connection is forwarded over
the secure channel, and the application protocol is then used to
determine where to connect to from the remote machine. Currently
the SOCKS4 and SOCKS5 protocols are supported, and ssh will act
as a SOCKS server. Only root can forward privileged ports.
Dynamic port forwardings can also be specified in the configura‐
tion file.

1080 I’d use this port as it’s the socks port. Use of another port is fine, but will not give you any security advantage. So I use this port. The only reason not to use this port is if you already have another application using 1080.

I’m interested in hearing from anybody about their commands. Just so you know I use keys without a password. My keys have a bit strength of 8192 bits and I maintain strict control over the devices that have keys, so devices are all encrypted with very strong passwords.