Click here

Partner Sites

JustLinux.com
Linux Planet
PHPBuilder
Technology Jobs

Click here

Click here

Top White Papers

Storage Federation - What is it and Why Does Your Data Center Need It?

Traditional thinking for storage deployment does not work in today’s unpredictable world. With storage federation, you can easily move data across similar...

Download
6 Steps to Competitive Dominance Where the IT Rubber Meets the Road

IT Operations are evolving in surprising ways. The obvious changes are virtualization and the cloud. However, there are five less obvious trends that are...

Download

Click here

Click here

Current Newswire:

More on LinuxToday

Click here

Click here

Window Kit: Investigating Windows Systems With Linux

Nov 20, 2008, 18:03 (0 Talkback[s])
(Other stories by Hans-Peter Merkel, Markus Feilner)

"Before starting any forensic analysis, it is important to create a copy of the storage medium you will be investigating, either as a 1:1 copy or as an image or a collection of images. You can copy the medium as a raw image (with dd) or use a format such as Expert Witness Format (EWF)."

Related Stories:

50 Must-Have Open Source Tools for Security(Nov 10, 2008)
Recover Deleted Files With Foremost, Scalpel in Ubuntu(Oct 20, 2008)
Cybercrime and Politics(Aug 05, 2008)
To Catch a Thief(Jul 30, 2008)
Undeleted: Carving Tools Help You Recover Deleted Files(Jul 24, 2008)
Linux Tool Speeds Up Computer Forensics for Cops(Mar 08, 2008)
Net/FSE: free network forensic search engine(Jan 23, 2008)
Computer Forensics: Linux Style!(Oct 15, 2007)

0 Talkback[s] (click to add your comment)

Click here

Click here

Click here