Data Recovery/Forensics
Peter Amisano
pamisano at kc.rr.com
Thu Oct 30 14:02:50 CST 2003
I need some the security expertise out there.
I am currently working in a computer forensics position, however, our
process only uses windows and windows products for the acquisition and
analysis of data. I am wanting to port the entire process over to Linux,
for learning purposes and experience. I need to know if there is anyone out
there who has real world experience in this area. I would like to know more
about the linux tools and tricks of the trade.
I have done a bit of research on the DD command and Linux bootable forensic
CD's like FIRE and PenguinSleuth.
A few questions to start with:
When imaging a piece of media using DD, will the subject device be written
to in any way? Are there other methods of imaging a device other than DD?
Thanks for your help,
Pete
More information about the Kclug
mailing list