The Digital Forensic Research Workshop 2004 Final Report is now available at www.dfrws.org, and the DFRWS 2005 is scheduled for August 17 to 19, 2005. The 2005...
I posted this query on the "other" Linux Forensics group, and ... I'm starting to see R-studio be mentioned more and more as file recovery software, and am...
... I've used many,, many,, and frequently test new versions and the R-Studio does come out tops most every time for data recovery including raid arrays. ... ...
Another great one Restorer 2000 dirt cheap does a great job. ... From: "IanC" <saladin@...> To: <linux_forensics@yahoogroups.com> Sent: Thursday, August...
How about Ontrack Easy Recovery Pro? I have to admit that I've never played with R-Studio so I cannot compare, but EasyRecovery has always been fine for me....
Luis Gómez Miralles
lgomez@...
Aug 8, 2005 9:46 am
1674
I use R-Studio most times, but I would like to use a linux tool. The problem is that I am not aware of any linux tool to recover all deleted files at once. As...
... files > one by one, not all at once (the same for autopsy). You can use a simple script to undelete all the files at once using sleuthkit. All on one line...
... Get used to that. ;) The Unix philosophy is "do something simple, and do it well" and to use pipelining (as demonstrated in the last message) to do more ...
Its far more simple than I thought! I have been using Windows for a while in my exams and now I am moving to Linux. Like you and Dave Dittrich suggested, I...
Does anyone have any experience with recovering data from tape? In specific, I am trying to recover a corrupt Arcserve session. Here's what I know: I am able...
... In what way is the tape corrupted? Is the table of contents corrupted, a block in the middle of the tape? What sort of tape media is it (DAT, DLT)? Have...
It's old but it still has some good features. A more popular one right now is Helix available at http://www.e-fense.com/helix/. It has its own dd GUI interface...
... Actually, you can now skip the '-f ntfs' and you should now use 'icat -r'. For NTFS, the '-r' doesn't matter, but it is needed for TSK to start guessing...
I'm on sleuthkit version 1.73, it hasn't been updated in the gentoo portage tree for some reason. I see the latest is 2.02, I'll have to update. But if I get...
... If you are using 2.00+ with the autodetect feature, it could be: ils imagefile.dd | awk -F '|' '($2=="f") {print $1}' | while read i; do icat -r...
BackupExec will also read ArcServe formatted tapes, though I would imagine ArcServe itself would handle any error recovery when reading the contents much more ...
Just FYI: If you use ArcServe, be sure to use the latest version you can get. Older versions of ArcServe will sometimes purport to restore a tape made by a...
I would like to know what methods people are using to basline-verify computer systems. I want to put together a procedure that when a workstation or server are...
... I just implemented a similar program. For each new server we: 1) md5sum all files 2) nmap scan for open ports 3) nessus scan for vulnerabilities 4) If...
... Dennis, I don't mean to discourage you, but its going to be a little more complicated than that. You have to deal with several cases: Files that change...
I hope the following does not violate "too severely" the posting criteria for the board. I would just like to introduce myself and let "natural networking"...
I am look to this list for experiences with the Services, software, or the partnership program of the Vogon International company. I hope to learn more about...
Do you have any in San Diego, CA? ... I hope the following does not violate "too severely" the posting criteria for the board. I would just like to introduce...
Luis Salazar
Luis.Salazar@...
Aug 18, 2005 7:53 pm
1693
To the listserv. my bad. Please Disregard. ... Do you have any in San Diego, CA? ... I hope the following does not violate "too severely" the posting ...
Luis Salazar
Luis.Salazar@...
Aug 18, 2005 7:56 pm
1694
Not really forensic-related, but it does involve Linux. <g> I'm trying to revive a circa 2001 system which has a 1.3Ghz T-bird running at 266 Mhz FSB. PC 2100...
... That's a good question. I guess part of the answer is that I didn't _think_ I'd have to put any effort into it at all (ie, it would work as is), and when...
... Could it be a cooling fan at fault? CPU's are funny things when overheating. (ie: if it works for even a little time then fails it's likely to be ...
... Ian, thanks. Definitely something worth checking out. In the meantime, I've plugged in another motherboard and cpu that were sitting on the shelf, and...
Having problems with message search?
Fill out this form to ensure your group is one of the first to be migrated to the new message search system.
