On Wed, Aug 01, 2001 at 08:04:48AM -0500, Nick Lange wrote: > anyone know of any single floppy disk distro's designed for forensics > containing such things as network drivers and fs stuff for mounting and > transferring information off the machine so I can figure out exactly what > happneed w/o screwing up evidence? LinuxCare used to have promotional distros on business-card CDs. They may have them still, or someone from your local linux user group may have one. There are other more available options. I think trinux and tomsrtb may be the most popular, or at least are old enough that their names are stuck in my head now. (Though I reserve the right to have misspelled tomsrtb.) Our friends at ibiblio (nee metalabs nee sunsite) have a large list of distributions with some of each's selling points: http://www.ibiblio.org/pub/Linux/distributions/ Note also that whatever you used to install your linux system probably has some sort of rescue mode on its bootable CD, though those tend to try to mount/repair the filesystems available .. which may not be quite what you are after. Good luck. BTW -- consider especially putting the old hard drive in a different system, and using 'dd' to make a copy of the drive image. You could then use a loopback mount (mount(8) "-o loop") to look through a copy of the drive image. ----------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
This archive was generated by hypermail 2b30 : Thu Aug 02 2001 - 12:53:54 PDT