-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Responding to Jimmy Sadri: ========================================== Using EnCase will build RAID images in certain cases. In other situations you need to image each individual drive separately. That then requires some expertise to get the separate images to "merge" back into a arrayed set of data. However, once you have the image, you will quite often be able to copy/extract the deleted files that your customer is looking for, unless the ex-employee sent the unit on a free space wipe routine after they were done with their deletions. For technical advice particular to your individual RAID array, and whether or not it will succeed on your platform, I would do a quick consult with Charles Hessirfer at Guidance Software. (626) 229-9191 ext 203 - - ============================================================ Edward D. Sandoval Information Security The Regence Group (503) 553-1424 FAX (503) 225-5232 -----BEGIN PGP SIGNATURE----- Version: PGP 8.0 Comment: The Regence Group - Confidential iQA/AwUBPl56reoB/8wkfxh6EQJqGACgwqmfFWv6E986O76pWaQ8RDPd+B4An2RL d5uZAFbsJWH0UY7cowSl+rgH =IQkq -----END PGP SIGNATURE-----
This archive was generated by hypermail 2b30 : Thu Feb 27 2003 - 13:18:52 PST