[GLLUG] Making Forensic Disk Images
Andy Smith
andy at bitfolk.com
Tue Apr 5 18:06:02 UTC 2016
Hi Steve,
On Tue, Apr 05, 2016 at 07:54:12PM +0200, steve taylor wrote:
> a few years ago I was working with someone who made floppy forensics
> disk images for the rest of us to analyse. I would like to do this for
> the people I am workinh with now. Any idea how to start?
What is a "forensic disk image"?
If it's a bootable live system with forensics tools on it, then I
used to recommend debian-live as my go-to project for making a
custom live environment with exactly only the tools on it that I
want.
https://wiki.debian.org/DebianLive
However, that project is currently going through a time of
turbulence and drama that is very depressing to go into, so if it
doesn't work for you then you might want to try grml instead:
https://grml.org/
Bear in mind that some computers make it hard to boot from USB, so
you may need to put it on other less convenient media. If you aren't
dealing with prehistoric hardware then that may not be an issue you
have to face.
If however "forensic disk image" means something else then you'll
have to elaborate.
Cheers,
Andy
--
http://bitfolk.com/ -- No-nonsense VPS hosting
More information about the GLLUG
mailing list