hi ya j easiest way to clone systems ... assuming you have a master(original) disk /dev/hda assuming your clone is /dev/hdc cloning scripts are here... http://www.Linux-Consulting.com/Boot/Linux-1U/ a. fdisk /dev/hdc ( fdisks.sh ) b. copy directories to /dev/hdc ( clone.sh ) mount /dev/hdc1 /mnt/hdc1 cd / ; tar cf - boot root bin sbin etc dev lib \ | ( cd /mnt/hdc1 ; tar xvfp - ) ... repeat for other partitions like /usr, /var - dont forget to tchange the hostname/domainname/ip# on the clone c. run lilo to make the clone bootable ( i just use a boot floppy to boot the clone ) - or run lilo to dump into /dev/hdc disk which will boot as hda when its used takes about 10-30 minutes to clone ..dpending ony our duplicating station cpu/memory speeds c ya alvin On Tue, 18 Jun 2002, J Jewitt wrote: > > All, > A few months ago, a post came through asking about > forensic duplication devices. I'd like to revisit that > issue. > My organization has a need to be able to quickly > duplicate hard drives for forensic purposes, and we're > now exploring these devices as an option. > We have a system in our forensics lab which uses > Trinux (and soon Biatchux) to duplicate as well, so > those paths have already been explored. > Analysis of the image is typically done using > Encase. Encase can support a raw dd-type image or > capture from the original hard drive. > > These are my requirements: > 1. Support for SCSI and IDE hard drives > 2. Fairly fast duplication (approx 1 G/min) > 3. Claim of forensic-quality capabilities > 4. Methodology does not rely on duplicating to hard > drive with identical geometry. > 5. Source drive write blocking by default. > 6. Nice to have: optional evidence tag printer, hash > or checksum generator. > 7. Must be very portable. > > We've looked at the following products, at their web > site: > > www.ics-iq.com Solo Product Line > www.logicube.com Forensic SF5000 > > Does anyone have EXPERIENCE with a device like the > above, and is willing to recommend it? > > Thanks in advance, > J Jewitt ----------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
This archive was generated by hypermail 2b30 : Wed Jun 19 2002 - 08:11:21 PDT