Imaging Win95 volumes with dd.exe ?

From: Dan Rathbun (drathbunat_private)
Date: Thu Apr 03 2003 - 05:29:53 PST

    Greetings,
    
    I'm trying to create an image of a Windows 95 machine
    using dd.exe and netcat. I can successfully accomplish
    this feat on a Win2k machine by using the following syntax:
    
    Target Win2k Machine:
    dd.exe if=\\.\C: bs=512 | nc.exe 1.b.c.d 4000
    
    Linux Analysis Machine:
    nc -l -p 4000 | dd of=/evidence.img bs=512 conv=noerror
    
    This works quite nicely, and I have imminent need to do
    the same on two Windows 95 machines. When I try to
    accomplish this I get a variety of errors depending on
    whose dd.exe I try to use.
    
    In a Google newsgroup discussion I read that "Windows
    9x does not support opening local volumes like NT-XP does".
    
    If this is true then I guess my question is, how do I
    best accomplish the task of imaging this drive across
    the wire to my Linux workstation, with little or no budget?
    
    This can't be the first time that a Criminal chose to
    use Windows 95, right?
    
    Thanks in advance for your feedback!
    
    -Dan Rathbun
    
    -----------------------------------------------------------------
    This list is provided by the SecurityFocus ARIS analyzer service.
    For more information on this free incident handling, management 
    and tracking system please see: http://aris.securityfocus.com
    


