Security Incidents mailing list archives
Re: Digital forensics of the physical memory
From: Mariusz Burdach <mariuszburdach () yahoo com>
Date: Thu, 16 Jun 2005 04:43:19 -0700 (PDT)
The only other thing I would like to mention is the difficulty in gathering a trustworthy image of physical memory. In fact I would go so far as saying that this is an impossibility so long as the imaging process relies on the host operating system.
Thank you for your useful comments. The primary drawback to use any user or kernel land tool as a method of collecting evidence from a live system is a trustworthy of such evidence in the court. But technology such FireWire seems to be promising. Regards, Mariusz Burdach http://forensic.seccure.net __________________________________ Discover Yahoo! Use Yahoo! to plan a weekend, have fun online and more. Check it out! http://discover.yahoo.com/
Current thread:
- Digital forensics of the physical memory Mariusz Burdach (Jun 15)
- Re: Digital forensics of the physical memory Ben Hawkes (Jun 17)
- Re: Digital forensics of the physical memory Mariusz Burdach (Jun 17)
- Re: Digital forensics of the physical memory Harlan Carvey (Jun 17)
- RE: Digital forensics of the physical memory George M. Garner Jr. (Jun 18)
- RE: Digital forensics of the physical memory Harlan Carvey (Jun 20)
- Re: Digital forensics of the physical memory David Pick (Jun 20)
- Moderator's note: Re: Digital forensics of the physical memory Daniel Hanson (Jun 20)
- part deux, was -> RE: Digital forensics of the physical memory Harlan Carvey (Jun 20)
- Re: part deux, was -> RE: Digital forensics of the physical memory Ben Hawkes (Jun 20)
- Re: Digital forensics of the physical memory Ben Hawkes (Jun 17)