If you can reboot the machine, boot it on linux using a live CD (linux BBC http://www.lnx-bbc.org/ is very handy on this, and it fits on a Business Card CD!). If you can't then could you explain with more detail what errors do you get? HTH, Albert Bendicho On Thu, 2003-04-03 at 14:29, Dan Rathbun wrote: > Greetings, > > I'm trying to create an image of a Windows 95 machine > using dd.exe and netcat. I can successfully accomplish > this feat on a Win2k machine by using the following syntax: > > Target Win2k Machine: > dd.exe if:\\.\C: bs=512 | nc.exe 1.b.c.d 4000 > > Linux Analysis Machine: > nc -l -p 4000 | dd of=/evidence.img bs=512 conv=noerror > > This works quite nicely, and I have imminent need to do > the same on two Windows 95 machines. When I try to > accomplish this I get a variety of errors depending on > whose dd.exe I try to use. > > In a google newsgroup discussion I read that "Windows > 9x does not support opening local volumes line NT-XP does". > > If this is true than I guess my question is, how do I > best accomplish the task of imaging this drive across > the wire to my Linux workstation, with little or no budget? > > This can't be the first time that a Criminal chose to > use Windows 95, right? > > Thanks in advance for your feedback! > > -Dan Rathbun > > ----------------------------------------------------------------- > This list is provided by the SecurityFocus ARIS analyzer service. > For more information on this free incident handling, management > and tracking system please see: http://aris.securityfocus.com > ----------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
This archive was generated by hypermail 2b30 : Tue Apr 08 2003 - 16:27:38 PDT