Security Incidents mailing list archives
Re: Ramen
From: Lance Spitzner <lance () SPITZNER NET>
Date: Tue, 23 Jan 2001 20:11:57 -0600
On Wed, 24 Jan 2001, Russell Fulton wrote:
I agree that this is desirable, however it is non trivial on most modern systems which don't have handy tapedrives etc. Do you have any suggestions for making this process more straight forward?
Netcat and dd? This allows you to take images of the compromised system without taking it down. http://project.honeynet.org/challenge/faq.html#faq3 lance