Honeypots mailing list archives

Re: Free/Open Source Disk Imaging Tools

From: "William Salusky" <change () dmzs com>
Date: Thu, 6 Feb 2003 12:24:10 -0400

I do not recommend using partimage for acquiring forensic images, as it will miss slack space entirely. (great tool, 
just not for forensics)

I have been using rda (remote data acquisition) http://www.md5sa.com which will do inline md5 hashes of the source and 
destination image and generate reporting as well.

This is now included in the fire distribution as well.

W

Current thread:

Free/Open Source Disk Imaging Tools George Chamales (Feb 06)
- Re: Free/Open Source Disk Imaging Tools John Papapanos (Feb 06)
  - Re: Free/Open Source Disk Imaging Tools Brian Carrier (Feb 06)
- Re: Free/Open Source Disk Imaging Tools Volker Kindermann (Feb 06)
- Re: Free/Open Source Disk Imaging Tools Mel (Feb 06)
  - Re: Free/Open Source Disk Imaging Tools Seth Arnold (Feb 06)
- <Possible follow-ups>
- RE: Free/Open Source Disk Imaging Tools Hudak, Tyler (Feb 06)
  - RE: Free/Open Source Disk Imaging Tools george chamales (Feb 06)
    - Re: Free/Open Source Disk Imaging Tools Volker Tanger (Feb 07)
- Re: Free/Open Source Disk Imaging Tools William Salusky (Feb 06)
- RE: Free/Open Source Disk Imaging Tools crazytrain.com (Feb 07)
  - Re: Free/Open Source Disk Imaging Tools George Bakos (Feb 07)
    - Re: Free/Open Source Disk Imaging Tools Bernie, CTA (Feb 07)
    - Re: Free/Open Source Disk Imaging Tools Bill Moylan (Feb 07)
- Re: Free/Open Source Disk Imaging Tools Bernie, CTA (Feb 09)