RE: Rooted Linux Box Foresensics Questions

From: Sports (madbooat_private)
Date: Tue Aug 07 2001 - 15:10:53 PDT

Next message: Manuel Beltran: "Netscape History file"

Previous message: Wouter Slegers: "Re: Psion Revo PDAs"
In reply to: Brian Lane: "Re: Rooted Linux Box Foresensics Questions"
Next in thread: David Douthitt: "Re: Rooted Linux Box Foresensics Questions"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Also you can get a copy of YARD (GNU) from freshmeat.com, this lets
you make a customizable 
bootable linux disk/cd/zip and is fairly straight forawrd.


- -----Original Message-----
From: Brian Lane [mailto:brianat_private]
Sent: Sunday, August 05, 2001 6:00 PM
To: Nick Lange
Cc: Forensicsat_private
Subject: Re: Rooted Linux Box Foresensics Questions


On Wed, Aug 01, 2001 at 08:04:48AM -0500, Nick Lange wrote:
> anyone know of any single floppy disk distro's designed for
> forensics containing such things as network drivers and fs stuff
> for mounting and transferring information off the machine so I can
> figure out exactly what happneed w/o screwing up evidence? I'm
> curious how exactly this happened and  

  Tom's root boot is a nice single floppy distribution, and its not
too hard
to customize for your own use. You can also make a bootable CD with
it so
you can include the kitchen sink if you need to.

  http://www.toms.net/rb

  Brian

- -- 
Brian C. Lane - Linux Programmer/Consultant/Writer        
www.brianlane.com
                                                     
www.nexuscomputing.com
Liberty & Privacy 'zine Editor                          
www.libertynews.org
======================================================================
======
Sponges grow in the ocean... that *kills* me.  I wonder how much
deeper
they'd be if that didn't happen.
						-- Stephen Wright

- -----------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com

-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 7.0.3 for non-commercial use <http://www.pgp.com>

iQA/AwUBO3BnbXuovSIevPCzEQLOngCgmULuHGmmKmfHnX2J3G6upybpWQUAoJu7
gF9aLhE6k9WqXmt6ULDrh25B
=6l8C
-----END PGP SIGNATURE-----


-----------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com

Next message: Manuel Beltran: "Netscape History file"
Previous message: Wouter Slegers: "Re: Psion Revo PDAs"
In reply to: Brian Lane: "Re: Rooted Linux Box Foresensics Questions"
Next in thread: David Douthitt: "Re: Rooted Linux Box Foresensics Questions"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Wed Aug 08 2001 - 10:22:41 PDT