Linux Swap Partitions

From: saliskorat_private
Date: Wed Jul 24 2002 - 11:38:33 PDT

Next message: Ryan Barnett: "Shell Session Monitoring with Modified Script Utility"

Previous message: Robert Goto: "Host Protected Area"
Next in thread: Samuel R.Baskinger: "Re: Linux Swap Partitions"
Reply: Samuel R.Baskinger: "Re: Linux Swap Partitions"
Reply: Seth Arnold: "Re: Linux Swap Partitions"
Reply: Knut Eckstein: "Re: Linux Swap Partitions"
Reply: NM: "Re: Linux Swap Partitions"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

('binary' encoding is not supported, stored as-is) New to forensics.... particularly in Unix/Linux... I have imaged the partitions on a problematic Linux box, ending up with, among other things, a swap partition. My question is: Is there any value to mounting and analysing a linux swap partition ? I attempted to mount and received an error, stating that the partition appeared to be a swap partition - which of course it was. If there is value in mounting and analysing, is there a particular -t parameter for mounting a swap file system? What should I be looking for once i get it mounted ? Thanks in advance for any suggestions or advice. Rick ----------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com

Next message: Ryan Barnett: "Shell Session Monitoring with Modified Script Utility"
Previous message: Robert Goto: "Host Protected Area"
Next in thread: Samuel R.Baskinger: "Re: Linux Swap Partitions"
Reply: Samuel R.Baskinger: "Re: Linux Swap Partitions"
Reply: Seth Arnold: "Re: Linux Swap Partitions"
Reply: Knut Eckstein: "Re: Linux Swap Partitions"
Reply: NM: "Re: Linux Swap Partitions"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Sun Jul 28 2002 - 12:15:14 PDT