('binary' encoding is not supported, stored as-is) In-Reply-To: <3D10A42A.9070006at_private> Plase forgive me with this, im not an expert like the rest of you ;) could a read only quaranitne be put up around the drive to image. if read requests are required by the system these are allowed. If the system needs to write to the disk, could it be diverted to a secondary drive, with the system assuming it has gone to the original? then any request for data wrote would come from the secondary device. in the mean time, the original disk is imaged. Just a thought. Forgive me if its a stupid one!! ---------- --------------- ------------- | system |<-------| |<-------| hard disk | | |------->| | | | ---------- | | ------------- | l i v e | || | | \/ | i m a g e r | ------------- | | | i m a g e | | | ------------- | | | |------>|-------------| | | | secondary | | |<------| storage | | | |-------------| --------------- Regards Ed ----------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
This archive was generated by hypermail 2b30 : Fri Jun 21 2002 - 06:56:25 PDT