GNU/LINUX Forensic Case Study (ubuntu 10.04)
|
|
- Ralph Watson
- 8 years ago
- Views:
Transcription
1 GNU/LINUX Forensic Case Study (ubuntu 10.04) Creative Commons Attribution-NonCommercial-ShareAlike 3.0 Unported License
2 FCCU Federal Computer Crime Unit of Belgium Assistance house searches Forensic analysis ICT Internet investigations 2
3 Flight Case.. Intervention kit FCCU ATA, SATA, FireWire, USB, Cardreader, DVD,.. 3
4 FCCU GNU/Linux Forensic Boot CD Objectives Learn the forensic methods, primarily done with GNU/Linux system Learn something about forensic tools The Main Purpose of the CD To help in forensic analysis of computers 4
5 Goals Making forensic images primarily Disk 2 disk Partition 2 partition Disk/partition 2 file 5
6 About the Boot CD Difference with other non forensic boot CD's No automatic use of swap partitions Lots of forensic tools No daemons at startup 6
7 Biking Through this case 'Evidence' Imaging & Hardware investigation Why? Low level searches & identify files Deleted files 7
8 Sweating further on the bike Specific files.. Pictures (and multimedia) Compressed files File system specific Timelines Web activitity Log files Virus? Rootkit? 8
9 Determination of Suspect PC Speed? Low level search - keyword search - salvage based on file structures Childporn - an image viewer - mplayer with frame buffer support Internet trace - Firefox - Internet Explorer 9
10 The Evidence Presentation of the Evidence? A 126 MiB USB key Suspect traces are - named forensic target - everything about pirates 10
11 The evidence Forensic sound imaging raw, afflib, libewf,.. Using the tools: dd sdd rdd ddrescue guymanager,dcfldd,cstream,.. 11
12 The Evidence Obtain the forensic image using netcat & dd: Suspect PC dd if=/dev/sda conv=noerrors,sync pipebench netcat -l q 1 Trusted PC netcat x.x 2000 pipebench > /mnt/forensic/sda.dd What does cryptcat do? 12
13 Let's nc We'll use /mnt/forensic as a reference directory: Suspect PC of trustworthy teacher or some peering student cat usbkey.dd pipebench gzip --fast netcat -l q 1 Trusted PC of a good listening student netcat ip.adress.of.sender 2000 gunzip pipebench > /mnt/forensic/usbkey.dd nc ipadress portnr gunzip pv -i 1 -s 128m >/mnt/forensic/usbkey.dd 13
14 The evidence Identifying devices (goals) You have to know what to copy Writing an accurate report Finding suspicious information 14
15 Device Identification General information cat /proc/partitions lshw lshw less cat /proc/meminfo cat /proc/cpuinfo dmesg dmesg more The Evidence dmesg tee dmesg.txt grep 'failed' x86info cpuid 15
16 The Evidence Device identification ATA/IDE Try to find serial numbers Name your image using the serial number lshw less hdparm -i /dev/hda hdparm -I /dev/hda lshw tee lshw.txt egrep -n -A 2 'disk storage' dumpe2fs /dev/hda1 #what? 16
17 The Evidence Device identification HPA/DCO dmesg hdparm --dco-identify /dev/hda hdparm -N /dev/sda disk_stat /dev/hda USB/FireWire/SATA cat /proc/scsi/scsi scsiinfo -s /dev/sda What does dmidecode report? 17
18 Tips Redirect into information file(s) lshw >> usbkey-info.txt Use the bash autocompletion feature (tab (tab)) Read man pages Difference between > and >> 18
19 Image Verification md5sum usbkey.dd #9580e6bb7d6750ad34e fdcc2 md5sum /dev/sda sha1sum usbkey.dd #5f12c42fdb5ea1b9d d303a8f48ed847 sha1sum /dev/sda 19
20 Tips Think like a plumber Why not use tee to calculate the hash during the imaging dd if=/dev/sda tee usbkey.dd md5sum > usbkey.md5 dd if=/dev/sda tee usbkey.dd sha1sum > usbkey.sha1 Try the same with a progress bar (virtual using cat) Could u obtain this also with dcfldd 20
21 The evidence Once imaging is done, try to identify filesystems DOS type partitioning fdisk -lu usbkey.dd sfdisk -lus usbkey.dd Other types DOS type MAC type BSD disklabels SUN mmls usbkey.dd 21
22 The evidence Is it really a partition magic recovery partition? disktype usbkey.dd disktype recognizes and probes partition types DOS APPLE AMIGA ATARI ST BSD LINUX SOLARIS fsstat usbkey.dd -f ntfs -o 51 22
23 The Evidence Mounting the file system read-only mount usbkey.dd /mnt/forensic -o loop,offset=$((51*512)) -r Attention journaling filesystems! 23
24 The Evidence Basic informations about the filesystem Counting regular files find /mnt/forensic/ -type f wc -l Partition usage df -h /mnt/forensic 24
Linux in Law Enforcement
Linux in Law Enforcement It's all about CONTROL Barry J. Grundy CALUG MEETING JUNE 2008 !! Disclaimer!! This presentation is not sponsored by any organization of the US Government I am here representing
More informationDigital Forensics Tutorials Acquiring an Image with Kali dcfldd
Digital Forensics Tutorials Acquiring an Image with Kali dcfldd Explanation Section Disk Imaging Definition Disk images are used to transfer a hard drive s contents for various reasons. A disk image can
More informationComputer Forensics using Open Source Tools
Computer Forensics using Open Source Tools COMP 5350/6350 Digital Forensics Professor: Dr. Anthony Skjellum TA: Ananya Ravipati Presenter: Rodrigo Sardinas Overview Use case explanation Useful Linux Commands
More informationCapturing a Forensic Image. By Justin C. Klein Keane <jukeane@sas.upenn.edu> 12 February, 2013
Capturing a Forensic Image By Justin C. Klein Keane 12 February, 2013 Before you Begin The first step in capturing a forensic image is making an initial determination as to the
More informationOpen Source and Incident Response
Open Source and Incident Response Joe Lofshult, CISSP, GCIH 1 Agenda Overview Open Source Tools FIRE Demonstration 2 Overview Incident Adverse event that threatens security in computing systems and networks.
More informationUSB 2.0 Flash Drive User Manual
USB 2.0 Flash Drive User Manual 1 INDEX Table of Contents Page 1. IMPORTANT NOTICES...3 2. PRODUCT INTRODUCTION...4 3. PRODUCT FEATURES...5 4. DRIVER INSTALLATION GUIDE...6 4.1 WINDOWS 98 / 98 SE... 6
More informationComputer Forensic Tools. Stefan Hager
Computer Forensic Tools Stefan Hager Overview Important policies for computer forensic tools Typical Workflow for analyzing evidence Categories of Tools Demo SS 2007 Advanced Computer Networks 2 Important
More informationRecovering Data from Windows Systems by Using Linux
Recovering Data from Windows Systems by Using Linux Published by the Open Source Software at Microsoft, May 27 Special thanks to Chris Travers, Contributing Author to the Open Source Software Lab Most
More information2! Bit-stream copy. Acquisition and Tools. Planning Your Investigation. Understanding Bit-Stream Copies. Bit-stream Copies (contd.
Acquisition and Tools COMP 2555: Principles of Computer Forensics Autumn 2014 http://www.cs.du.edu/2555 1 Planning Your Investigation! A basic investigation plan should include the following activities:!
More informationRecovering Data from Windows Systems by Using Linux
Recovering Data from Windows Systems by Using Linux Published by the Open Source Software Lab at Microsoft. November 2007. Special thanks to Chris Travers, Contributing Author to the Open Source Software
More informationAcronis True Image 2015 REVIEWERS GUIDE
Acronis True Image 2015 REVIEWERS GUIDE Table of Contents INTRODUCTION... 3 What is Acronis True Image 2015?... 3 System Requirements... 4 INSTALLATION... 5 Downloading and Installing Acronis True Image
More informationSecurity Incident Investigation
Security Incident Investigation Mingchao Ma STFC RAL, UK HEPSYSMAN Workshop 10 th June 2010 Overview Security incident handling lifecycle Based on NIST SP800-61rev1 recommendation http://csrc.nist.gov/publications/nistpubs/800-61-rev1/sp800-61rev1.pdf
More informationOpen Source Data Recovery
Open Source Data Recovery Options and Techniques CALUG MEETING October 2008 !! Disclaimer!! This presentation is not sponsored by any organization of the US Government I am here representing only myself
More informationForensic Imaging and Artifacts analysis of Linux & Mac (EXT & HFS+)
Copyright: The development of this document is funded by Higher Education of Academy. Permission is granted to copy, distribute and /or modify this document under a license compliant with the Creative
More informationBackTrack Hard Drive Installation
BackTrack Hard Drive Installation BackTrack Development Team jabra [at] remote-exploit [dot] org Installing Backtrack to a USB Stick or Hard Drive 1 Table of Contents BackTrack Hard Drive Installation...3
More informationUSB Bare Metal Restore: Getting Started
USB Bare Metal Restore: Getting Started Prerequisites Requirements for the target hardware: Must be able to boot from USB Must be on the same network as the Datto device Must be 64 bit hardware Any OSs
More informationUnix/Linux Forensics 1
Unix/Linux Forensics 1 Simple Linux Commands date display the date ls list the files in the current directory more display files one screen at a time cat display the contents of a file wc displays lines,
More informationCreating a Disk Drive For Linux
Storage Presenter:! Robert Wang Linux s Abstraction (vfs) (file systems) (physical devices) Storage Device Disk Drive Multiple Drives RAID! Redundant Array of Independent/Inexpensive Disks! Software or
More informationMSc Computer Security and Forensics. Examinations for 2009-2010 / Semester 1
MSc Computer Security and Forensics Cohort: MCSF/09B/PT Examinations for 2009-2010 / Semester 1 MODULE: COMPUTER FORENSICS & CYBERCRIME MODULE CODE: SECU5101 Duration: 2 Hours Instructions to Candidates:
More informationLab III: Unix File Recovery Data Unit Level
New Mexico Tech Digital Forensics Fall 2006 Lab III: Unix File Recovery Data Unit Level Objectives - Review of unallocated space and extracting with dls - Interpret the file system information from the
More informationLinux System Administration on Red Hat
Linux System Administration on Red Hat Kenneth Ingham September 29, 2009 1 Course overview This class is for people who are familiar with Linux or Unix systems as a user (i.e., they know file manipulation,
More informationDigital Forensics with Open Source Tools
Digital Forensics with Open Source Tools Cory Altheide Harlan Carvey Technical Editor Ray Davidson AMSTERDAM BOSTON HEIDELBERG LONDON NEW YORK OXFORD PARIS SAN DIEGO SAN FRANCISCO SINGAPORE SYDNEY TOKYO
More informationForensic Investigator. Module XI Linux Forensics
Computer Hacking Forensic Investigator Module XI Linux Forensics Module Objective This module will familiarize you with the following: Use of Linux as a forensic tool. Recognizing partitions in Linux.
More informationDIGITAL FORENSIC INVESTIGATION, COLLECTION AND PRESERVATION OF DIGITAL EVIDENCE. Vahidin Đaltur, Kemal Hajdarević,
DIGITAL FORENSIC INVESTIGATION, COLLECTION AND PRESERVATION OF DIGITAL EVIDENCE Vahidin Đaltur, Kemal Hajdarević, Internacional Burch University, Faculty of Information Technlogy 71000 Sarajevo, Bosnia
More informationUNIX Computer Forensics
Honeynet2_book.fm Page 347 Thursday, April 29, 2004 11:09 AM 12 UNIX Computer Forensics Brian Carrier In the last chapter, we discussed the basics of computer forensics. In this chapter, we discuss the
More informationChapter Contents. Operating System Activities. Operating System Basics. Operating System Activities. Operating System Activities 25/03/2014
Chapter Contents Operating Systems and File Management Section A: Operating System Basics Section B: Today s Operating Systems Section C: File Basics Section D: File Management Section E: Backup Security
More informationIntroduction to The Sleuth Kit (TSK) By Chris Marko. Rev1 September, 2005. Introduction to The Sleuth Kit (TSK) 1
Introduction to The Sleuth Kit (TSK) By Chris Marko Rev1 September, 2005 Introduction to The Sleuth Kit (TSK) 1 This paper provides an introduction to The Sleuth Kit (referred to as TSK herein), from Brian
More information2.6.1 Creating an Acronis account... 11 2.6.2 Subscription to Acronis Cloud... 11. 3 Creating bootable rescue media... 12
USER'S GUIDE Table of contents 1 Introduction...3 1.1 What is Acronis True Image 2015?... 3 1.2 New in this version... 3 1.3 System requirements... 4 1.4 Install, update or remove Acronis True Image 2015...
More informationTechnical Procedure for Evidence Search
Technical Procedure for Evidence Search 1.0 Purpose - The purpose of this procedure is to provide a systematic means of searching digital evidence in order to find data sought by the search authorization.
More informationLinux Overview. The Senator Patrick Leahy Center for Digital Investigation. Champlain College. Written by: Josh Lowery
Linux Overview Written by: Josh Lowery The Senator Patrick Leahy Center for Digital Investigation Champlain College October 29, 2012 Disclaimer: This document contains information based on research that
More informationHARFORD COMMUNITY COLLEGE 401 Thomas Run Road Bel Air, MD 21015 Course Outline CIS 110 - INTRODUCTION TO UNIX
HARFORD COMMUNITY COLLEGE 401 Thomas Run Road Bel Air, MD 21015 Course Outline CIS 110 - INTRODUCTION TO UNIX Course Description: This is an introductory course designed for users of UNIX. It is taught
More informationRecover Data Like a Forensics Expert Using an Ubuntu Live CD
Recover Data Like a Forensics Expert Using an Ubuntu Live CD There are lots of utilities to recover deleted files, but what if you can t boot up your computer, or the whole drive has been formatted? We
More informationForensics with Linux 101 or How to do Forensics for Free
Forensics with Linux 101 or How to do Forensics for Free Chuck Willis chuckfwillis@netscape.net Black Hat USA 2003 31 July 2003 Introduction Agenda About using Linux for Forensics Preparations Pre-imaging
More informationChapter 8 Objectives. Chapter 8 Operating Systems and Utility Programs. Operating Systems. Operating Systems. Operating Systems.
Chapter 8 Objectives Chapter 8 s and Utility Programs Describe the two types of software Understand the startup process for a personal computer Describe the term user interface Explain features common
More information2.8.1 Creating an Acronis account... 15 2.8.2 Subscription to Acronis Cloud... 16. 3 Creating bootable rescue media... 16
USER'S GUIDE Table of contents 1 Introduction...3 1.1 What is Acronis True Image 2015?... 3 1.2 New in this version... 3 1.3 System requirements... 4 1.4 Install, update or remove Acronis True Image 2015...
More informationInstalling a Second Operating System
Installing a Second Operating System Click a link below to view one of the following sections: Overview Key Terms and Information Operating Systems and File Systems Managing Multiple Operating Systems
More informationNavigating the Rescue Mode for Linux
Navigating the Rescue Mode for Linux SUPPORT GUIDE DEDICATED SERVERS ABOUT THIS GUIDE This document will take you through the process of booting your Linux server into rescue mode to identify and fix the
More informationOracle VM Server Recovery Guide. Version 8.2
Oracle VM Server Recovery Guide Version 8.2 Oracle VM Server for x86 Recovery Guide The purpose of this document is to provide the steps necessary to perform system recovery of an Oracle VM Server for
More informationParagon Backup Retention Wizard
Paragon Backup Retention Wizard User Guide Getting Started with the Paragon Backup Retention Wizard In this guide you will find all the information necessary to get the product ready to use. System Requirements
More informationDigital Forensics For Unix. The SANS Institute
Digital Forensics For Unix The SANS Institute John Green john@cybersecuritysciences.com Hal Pomeranz hal@deer-run.com 1 1 Forensics in a Nutshell Evidence seizure Investigation and analysis Reporting results
More informationWhere is computer forensics used?
What is computer forensics? The preservation, recovery, analysis and reporting of digital artifacts including information stored on computers, storage media (such as a hard disk or CD-ROM), an electronic
More informationPARALLELS SERVER BARE METAL 5.0 README
PARALLELS SERVER BARE METAL 5.0 README 1999-2011 Parallels Holdings, Ltd. and its affiliates. All rights reserved. This document provides the first-priority information on the Parallels Server Bare Metal
More informationRestoring a Suse Linux Enterprise Server 9 64 Bit on Dissimilar Hardware with CBMR for Linux 1.02
Cristie Bare Machine Recovery Restoring a Suse Linux Enterprise Server 9 64 Bit on Dissimilar Hardware with CBMR for Linux 1.02 This documentation shows how to restore or migrate a Linux system on dissimilar
More informationEnCase v7 Essential Training. Sherif Eldeeb https://eldeeb.net
هللامسب EnCase v7 Essential Training What s in this course Explore the most notable features of the new version. Everything you need to know about EnCase v7 to conduct basic investigations. Create Cases
More informationDo it Yourself System Administration
Do it Yourself System Administration Due to a heavy call volume, we are unable to answer your call at this time. Please remain on the line as calls will be answered in the order they were received. We
More informationComputing forensics: a live analysis
April 18th, 2005 1 2 3 Objectives Evidence acquisition Recovery and examination of suspect digital evidence (think Warrick Brown on CSI) Hardware: servers, workstations, laptops, PDAs, mobiles, cameras
More informationCloning Utility for VersaView Industrial Computers
Technical Data Cloning Utility for VersaView Industrial Computers Overview The Cloning Utility lets you create a backup image of your computer s hard drive. If your system becomes unstable or corrupt,
More informationINCIDENT RESPONSE & COMPUTER FORENSICS, SECOND EDITION
" - * INCIDENT RESPONSE & COMPUTER FORENSICS, SECOND EDITION CHRIS PROSISE KEVIN MANDIA McGraw-Hill /Osborne New York Chicago San Francisco Lisbon London Madrid Mexico City Milan New Delhi San Juan Seoul
More informationUser Manual. 2 ) PNY Flash drive 2.0 Series Specification Page 3
User Manual Table of Contents 1 ) Introduction Page 2 2 ) PNY Flash drive 2.0 Series Specification Page 3 3 ) Driver Installation (Win 98 / 98 SE) Page 4 4 ) Driver Installation (Win ME / 2000 / XP) Page
More informationIT Essentials v4.1 LI 11.4.5 Upgrade and configure storage devices and hard drives. IT Essentials v4.1 LI 12.1.3 Windows OS directory structures
IT Essentials v4.1 LI 11.4.5 Upgrade and configure storage devices and hard drives 2.3 Disk management tools In Windows Vista and Windows 7, use the following path: Start > Start Search > type diskmgmt.msc
More informationAdvanced SUSE Linux Enterprise Server Administration (Course 3038) Chapter 5 Manage Backup and Recovery
Advanced SUSE Linux Enterprise Server Administration (Course 3038) Chapter 5 Manage Backup and Recovery Objectives Develop a Backup Strategy Create Backup Files with tar Work with Magnetic Tapes Copy Data
More informationLinux command line. An introduction to the Linux command line for genomics. Susan Fairley
Linux command line An introduction to the Linux command line for genomics Susan Fairley Aims Introduce the command line Provide an awareness of basic functionality Illustrate with some examples Provide
More informationDeploying a Virtual Machine (Instance) using a Template via CloudStack UI in v4.5.x (procedure valid until Oct 2015)
Deploying a Virtual Machine (Instance) using a Template via CloudStack UI in v4.5.x (procedure valid until Oct 2015) Access CloudStack web interface via: Internal access links: http://cloudstack.doc.ic.ac.uk
More informationFORENSIC ANALYSIS OF USB MEDIA EVIDENCE. Jesús Alexander García. Luis Alejandro Franco. Juan David Urrea. Carlos Alfonso Torres
FORENSIC ANALYSIS OF USB MEDIA EVIDENCE Jesús Alexander García Luis Alejandro Franco Juan David Urrea Carlos Alfonso Torres Manuel Fernando Gutiérrez UPB 2012 Content INTRODUCTION... 3 OBJECTIVE 4 EVIDENCE
More informationTUXERA NTFS for Mac USER GUIDE 2/13. Index
2/13 Index 1. Introduction to Tuxera NTFS for Mac... 3 1.1 What is a file system driver?... 3 1.2 How does it work?... 3 2. Installation... 5 2.1 Installing Tuxera NTFS for Mac... 5 2.2 Uninstalling Tuxera
More informationFred Hantelmann LINUX. Start-up Guide. A self-contained introduction. With 57 Figures. Springer
Fred Hantelmann LINUX Start-up Guide A self-contained introduction With 57 Figures Springer Contents Contents Introduction 1 1.1 Linux Versus Unix 2 1.2 Kernel Architecture 3 1.3 Guide 5 1.4 Typographical
More informationImpact of Digital Forensics Training on Computer Incident Response Techniques
Impact of Digital Forensics Training on Computer Incident Response Techniques Valorie J. King, PhD Collegiate Associate Professor University of Maryland University College Presentation to AFCEA June 25,
More informationCreating a Cray System Management Workstation (SMW) Bootable Backup Drive
Creating a Cray System Management Workstation (SMW) Bootable Backup Drive This technical note provides the procedures to create a System Management Workstation (SMW) bootable backup drive. The purpose
More informationAn Introduction to the Linux Command Shell For Beginners
An Introduction to the Linux Command Shell For Beginners Presented by: Victor Gedris In Co-Operation With: The Ottawa Canada Linux Users Group and ExitCertified Copyright and Redistribution This manual
More informationReviewer s Guide. EaseUS Backup Solution. EaseUS Todo Backup Reviewer s Guide 1. Contents Introduction... 2. Chapter 1...3
EaseUS Todo Backup Reviewer s Guide Reviewer s Guide Contents Introduction... 2 Chapter 1...3 What is EaseUS Todo Backup?...3 Versions Comparison... 4 Chapter 2...7 Using EaseUS Todo Backup...7 Backup...7
More informationLinux System Administration
System Backup Strategies Objective At the conclusion of this module, the student will be able to: describe the necessity for creating a backup regimen describe the advantages and disadvantages of the most
More informationSystem administration basics
Embedded Linux Training System administration basics Michael Opdenacker Thomas Petazzoni Free Electrons Copyright 2009, Free Electrons. Creative Commons BY SA 3.0 license Latest update: Dec 20, 2010, Document
More informationTestDisk Step By Step CGSecurity
This Recovery example guides you through TestDisk step by step to recover a missing partition and repair a corrupted one. Translation of this TestDisk manual to other languages are welcome. Example Problem
More informationCloning Complex Linux Servers
Cloning Complex Linux Servers Cloning A Linux Machine That Has A Complex Storage Setup Where I work we have Cent OS servers whose drives are in various software raid and LVM2 configurations. I was recently
More informationTutorial 0A Programming on the command line
Tutorial 0A Programming on the command line Operating systems User Software Program 1 Program 2 Program n Operating System Hardware CPU Memory Disk Screen Keyboard Mouse 2 Operating systems Microsoft Apple
More informationPrimeRail Installation Notes Version A-2008.06 June 9, 2008 1
PrimeRail Installation Notes Version A-2008.06 June 9, 2008 1 These installation notes present information about installing PrimeRail version A-2008.06 in the following sections: Media Availability and
More informationDigital Forensics Tutorials Acquiring an Image with FTK Imager
Digital Forensics Tutorials Acquiring an Image with FTK Imager Explanation Section Digital Forensics Definition The use of scientifically derived and proven methods toward the preservation, collection,
More informationDigital Forensics. Module 4 CS 996
Digital Forensics Module 4 CS 996 Hard Drive Forensics Acquisition Bit for bit copy Write protect the evidence media EnCase for DOS Safeback (NTI: www.forensics-intl.com) Analysis EnCase FTK (www.accessdata.com)
More informationEaseUS Partition Master
Reviewer s Guide Contents Introduction... 2 Chapter 1... 3 What is EaseUS Partition Master?... 3 Versions Comparison... 4 Chapter 2... 5 Using EaseUS Partition Master... 5 Partition Manager... 5 Disk &
More informationCisco Networking Academy Program Curriculum Scope & Sequence. Fundamentals of UNIX version 2.0 (July, 2002)
Cisco Networking Academy Program Curriculum Scope & Sequence Fundamentals of UNIX version 2.0 (July, 2002) Course Description: Fundamentals of UNIX teaches you how to use the UNIX operating system and
More informationHow To Set Up Software Raid In Linux 6.2.2 (Amd64)
Software RAID on Red Hat Enterprise Linux v6 Installation, Migration and Recovery November 2010 Ashokan Vellimalai Raghavendra Biligiri Dell Enterprise Operating Systems THIS WHITE PAPER IS FOR INFORMATIONAL
More informationHow to Restore a Linux Server Using Bare Metal Restore
How to Restore a Linux Server Using Bare Metal Restore This article refers to firmware version 5.4 and higher, and the Barracuda Linux Backup Agent 5.4 and higher. Use the steps in this article to restore
More informationRed Hat System Administration 1(RH124) is Designed for IT Professionals who are new to Linux.
Red Hat Enterprise Linux 7- RH124 Red Hat System Administration I Red Hat System Administration 1(RH124) is Designed for IT Professionals who are new to Linux. This course will actively engage students
More informationDr Michael Cohen. This talk does not represent my Employer. April 2005
RAID Reconstruction And the search for the Aardvark Dr Michael Cohen This talk does not represent my Employer April 2005 1 RAID 0: Striping What is RAID? Improves performance due to parallel disk access
More informationBare Metal Backup And Restore
Bare Metal Backup And Restore A TundraWare Inc. Technical Note Author: Tim Daneliuk (tundra@tundraware.com) Version: $Id: baremetal.rst,v 1.124 2014/08/26 13:15:28 tundra Exp $ Précis Many commercial and
More informationAbstract. Microsoft Corporation Published: August 2009
Linux Integration Components Version 2 for Hyper-V (Windows Server 2008, Windows Server 2008 R2, Microsoft Hyper-V Server 2008, and Microsoft Hyper-V Server 2008 R2) Readme Microsoft Corporation Published:
More informationUsing Secure4Audit in an IRIX 6.5 Environment
Using Secure4Audit in an IRIX 6.5 Environment Overview... 3 Icons... 3 Installation Reminders... 4 A Very Brief Overview of IRIX System auditing... 5 Installing System Auditing... 5 The System Audit Directories...
More informationInstalling Windows 98 in Windows Virtual PC 7 (Windows Virtual PC)
Installing Windows 98 in Windows Virtual PC 7 (Windows Virtual PC) Before beginning, you will need to have a Windows 98 installation CD and a Windows 98 license key and a bootable CD. A bootable floppy
More informationTaurus - RAID. Dual-Bay Storage Enclosure for 3.5 Serial ATA Hard Drives. User Manual
Dual-Bay Storage Enclosure for 3.5 Serial ATA Hard Drives User Manual v1.0 August 23, 2007 EN Table of Contents CHAPTER 1 - INTRODUCTION 1 CHAPTER 3 - SYSTEM SET UP 9 ICON KEY 1 THE TAURUS RAID 1 AVAILABLE
More informationDigital Forensics Lecture 3. Hard Disk Drive (HDD) Media Forensics
Digital Forensics Lecture 3 Hard Disk Drive (HDD) Media Forensics Current, Relevant Topics defendants should not use disk-cleaning utilities to wipe portions of their hard drives before turning them over
More informationDeployStudio Server Quick Install
DeployStudio Server Quick Install v1.7.0 The DeployStudio Team info@deploystudio.com Requirements OS X 10.7.5 to 10.11.1 DeployStudioServer_v1.7.x.pkg and later NetBoot based deployment 100 Mb/s switched
More informationHARD DISK MANAGER 14 / FULL FEATURES LIST. HDM 14 Suite. Features. HDM 14 Pro. Drive Partitioning. Data Backup & Restore
Features HDM 14 Suite HDM 14 Pro Drive Partitioning Create Partition Express Create Partition Format Partition Delete Partition Undelete Partition Move/Resize Partition Express Resize Partition Redistribute
More informationHP LeftHand SAN Solutions
HP LeftHand SAN Solutions Support Document Support Procedures Seting Up iscsi volumes on CENTOS 5, RedHat 5, Fedora 7 and, Debian Ubutu Linux Legal Notices Warranty The only warranties for HP products
More information2013 Open Source Digital Forensics Conference
4 TH ANNUAL OSDF 2013 Open Source Digital Forensics Conference DATA TRIAGE: The art of making molehills out of mountains Tobin Craig, MRSC, CISSP, CCE, CFCE Lab Chief, Computer Crimes Unit Department of
More informationUsing Symantec NetBackup with Symantec Security Information Manager 4.5
Using Symantec NetBackup with Symantec Security Information Manager 4.5 Using Symantec NetBackup with Symantec Security Information Manager Legal Notice Copyright 2007 Symantec Corporation. All rights
More informationLecture 6: Operating Systems and Utility Programs
Lecture 6: Operating Systems and Utility Programs Chapter 8 Objectives Identify the types of system software Summarize the startup process on a personal computer Summarize the features of several stand-alone
More informationStorageCraft Technology Corporation Leading the Way to Safer Computing 2004-2009 StorageCraft Technology Corporation. All Rights Reserved.
PRODUCT SCENARIOS Introduction Fast and reliable online backup and bare metal recovery for Windows servers ShadowProtect Server Edition creates an exact point-in-time backup of your entire server or specific
More informationBackup Agent Plug-in. Installation Manual. Theater Management Suite
Backup Agent Plug-in Installation Manual Theater Management Suite R59770810/00 06/11/2012 Barco nv Entertainment Division Noordlaan 5, B-8520 Kuurne Phone: +32 56.36.82.11 Fax: +32 56.36.883.86 Support:
More informationDigital Forensics using Linux and Open Source Tools
2 Digital Forensics using Linux and Open Source Tools Sept 26, 2005 Bruce Nikkel Overview/Goals of Seminar Provide a high level overview of forensic and investigative tools available for Linux Present
More informationMake a Bootable USB Flash Drive from the Restored Edition of Hiren s Boot CD
Make a Bootable USB Flash Drive from the Restored Edition of Hiren s Boot CD proteuss@sdf.lonestar.org Contents 1 Linux Method 2 2 Windows Method 3 3 Alternative Windows Method (RMPrepUSB) 4 4 HBCD on
More informationA+ Guide to Managing and Maintaining Your PC, 7e. Chapter 16 Fixing Windows Problems
A+ Guide to Managing and Maintaining Your PC, 7e Chapter 16 Fixing Windows Problems Objectives Learn what to do when a hardware device, application, or Windows component gives a problem Learn what to do
More informationis605 Dual-Bay Storage Enclosure for 3.5 Serial ATA Hard Drives FW400 + FW800 + USB2.0 Combo External RAID 0, 1 Subsystem User Manual
is605 Dual-Bay Storage Enclosure for 3.5 Serial ATA Hard Drives FW400 + FW800 + USB2.0 Combo External RAID 0, 1 Subsystem User Manual (English/Deutsch/ 中 文 ) v1.0 August 23, 2007 Table of Contents CHAPTER
More informationPCIe AHCI-IP Demo Instruction Rev1.0 10-Jul-15
PCIe AHCI-IP Demo Instruction Rev1.0 10-Jul-15 This document describes the instruction to show PCIeSSD demo by using SATA AHCI-IP, SATA-IP, and PCIeIP connecting with SATA-III/II SSD on Xilinx evaluation
More informationWindows 7. Tips and Tricks. Scott Sekinger
Windows 7 Tips and Tricks By Scott Sekinger This article includes helpful Windows 7 tips and tricks. The topics discussed are: 1. Windows keyboard shortcuts 2. how to create a System Repair disk 3. how
More informationUser Manual. 2 Bay Docking Station
FANTEC MR-CopyDU3 User Manual 2 Bay Docking Station With One Touch Backup (OTB) and Copy Function Hardware: PC and Notebooks, Macintosh USB 1.1, USB 2.0 or USB 3.0 interface Features: 2,5 or 3,5 SATA I,II,III
More informationHands on Post Mortem Forensics Analysis in SUSE Linux Enterprise Servers Technical Tutorial Session Length - 1 hour
Hands on Post Mortem Forensics Analysis in SUSE Linux Enterprise Servers Technical Tutorial Session Length - 1 hour Sandro Melo Teacher in Bandtec College - Brazil sandro.melo@bandtec.com.br About me Sandro
More informationEC-Council Ethical Hacking and Countermeasures
EC-Council Ethical Hacking and Countermeasures Description This class will immerse the students into an interactive environment where they will be shown how to scan, test, hack and secure their own systems.
More informationReplacing a Laptop Hard Disk On Linux. Khalid Baheyeldin http://2bits.com. KWLUG, September 2015
Replacing a Laptop Hard Disk On Linux Khalid Baheyeldin http://2bits.com KWLUG, September 2015 About Khalid 30 years in software development and software consulting First computer: Sinclair ZX Spectrum
More informationITU Session Four: Device Imaging And Analysis. Mounir Kamal Q-CERT
ITU Session Four: Device Imaging And Analysis Mounir Kamal Q-CERT 2 Applying Forensic Science to Computer Systems Like a Detective, the archaeologist searches for clues in order to discover and reconstruct
More information