Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos network security services platform







Security Basics: Re: Forensic tool to recommend?

Re: Forensic tool to recommend?

From: Erik Luken <eluken_at_pentarch.org>
Date: Wed, 30 May 2007 18:58:22 -0500

By limited usage, I mean next to none. The cd would boot, but not mount any
ram-drives to do the tests.

Now that I think about it, I'm not sure if it was the SATA CD or HDD that
was causing this. I'll have to check again.

----- Original Message -----
From: "ragdelaed" <ragdelaed_at_gmail.com>
To: "'Erik Luken'" <eluken_at_pentarch.org>;
<security-basics_at_securityfocus.com>
Sent: Wednesday, May 30, 2007 6:52 PM
Subject: RE: Forensic tool to recommend?

>I would think you wanted read only if you were conducting a forensic
> examination, right? Or am I reading this wrong?
>
> -----Original Message-----
> From: listbounce_at_securityfocus.com [mailto:listbounce_at_securityfocus.com]
> On
> Behalf Of Erik Luken
> Sent: Wednesday, May 30, 2007 3:58 PM
> To: security-basics_at_securityfocus.com
> Subject: Re: Forensic tool to recommend?
>
> Biggest issue I've noticed here, is that Helix does not recognize SATA
> cdroms. Booting from such, you get a limited read-only usage.
>
> ----- Original Message -----
> From: "Richard Lane" <lane.security_at_gmail.com>
> To: <security-basics_at_securityfocus.com>
> Sent: Wednesday, May 30, 2007 7:55 AM
> Subject: Re: Forensic tool to recommend?
>
>
>
> I recommend the HELIX LiveCD distro. It has both Windows and Linux "sides"
> - booting from cold will give access to the Linux toolset, however loading
> the CD in Windows provides access to a variety of Windows tools.
>
> http://www.e-fense.com/helix/
>
> Good luck
>
> Richard
>
>
>
>>From: Fabio Cerullo <fcerullo_at_gmail.com>
>>Date: Tue, 29 May 2007 07:53:28 +0100
>
>>Hi All,
>>I am evaluating some tools for gathering evidence in Linux and Windows
> distros.
>>In particular I am interested in recovering files/folders which have
>>been deleted "accidentally" from the PC.
>>I am aware there are some Live CD's with Linux installed that could
>>mount a drive and try to recover those files but don't know anyone in
>>particular.
>>Any help will be really appreciated.
>>Thank you very much.
>>Greetings,
>>Fabio
>
>
>
>
Received on May 30 2007

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]