Linux Today: Linux News On Internet Time.
Search Linux Today
Linux News Sections:  Developer -  High Performance -  Infrastructure -  IT Management -  Security -  Storage -
Linux Today Navigation
LT Home
Contribute
Contribute
Link to Us
Linux Jobs


More on LinuxToday


Physical Memory Analysis with the LiME Linux Memory Extractor

Apr 20, 2012, 14:00 (0 Talkback[s])
(Other stories by Rikki Endsley)

"LiME (or Linux Memory Extractor) is a tool that allows the capture of volatile memory (RAM) from a running Linux device. It is the first tool of its type that also supports memory capture from Android devices. Forensics memory analysis is vital to investigations as volatile memory contains a wealth of information that is otherwise unrecoverable. Lack of such information can make certain investigative scenarios impossible, such as when performing incident response or analyzing advanced malware that does not interact with non-volatile storage.

Complete Story