Re: Rooted Linux Box Foresensics Questions

From: Brian Coyle (briancat_private)
Date: Wed Aug 01 2001 - 21:43:15 PDT

Next message: Seth Arnold: "Re: Rooted Linux Box Foresensics Questions"

Previous message: Nick Lange: "Rooted Linux Box Foresensics Questions"
In reply to: Nick Lange: "Rooted Linux Box Foresensics Questions"
Next in thread: Seth Arnold: "Re: Rooted Linux Box Foresensics Questions"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Nick Lange wrote:

> 
> anyone know of any single floppy disk distro's designed for forensics
> containing such things as network drivers and fs stuff for mounting and
> transferring information off the machine so I can figure out exactly what
> happneed w/o screwing up evidence? 


The Linuxcare Bootable Business Card CD is great for this.  It even
has TCT.   (If you don't have one, you can download and burn the iso).

        http://www.linuxcare.com/bootable_cd/

If you don't have a bootable CD-ROM in the subject system, you might
take
a look at Trinux and the tctbin.tgz package.

        http://www.trinux.org/

HTH!

-- 
If you're not living on the edge, you're taking up too much space...

-----------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com

Next message: Seth Arnold: "Re: Rooted Linux Box Foresensics Questions"
Previous message: Nick Lange: "Rooted Linux Box Foresensics Questions"
In reply to: Nick Lange: "Rooted Linux Box Foresensics Questions"
Next in thread: Seth Arnold: "Re: Rooted Linux Box Foresensics Questions"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Thu Aug 02 2001 - 12:22:54 PDT