greggmaynard wrote:
>
> I used dclfdd to create an image file from Knoppix (FoRK); how can I now
> analyse the file (or add as evidence) in enCase? Any...
Gregg, In EnCase, from the file menu, select [Add Raw Image]. If you imaged the entire disk, choose "Disk", or if you imaged the partition only, choose ...
... Hi, Theres actually a encase Linux boot CD called "linen" for hard disk imaging with the new version. I dont think the main gui has been ported yet though....
Adam Daniel
adamd@...
Mar 8, 2006 1:07 am
1953
Guys, Yes, EnCase have an tool available similar to their DOS acquisition tool that runs on *nix that they call "Linen". No, the main EnCase analysis tool has...
... I can't say i'm dissapointed about that :) -- ... FORENSIC DATA - Discovery and Recovery *The Data Recovery Experts* SYDNEY - 107/83 York Street Sydney NSW...
Adam Daniel
adamd@...
Mar 8, 2006 1:48 am
1955
Not *really* much need, when you look at the tools already available. pyFLAG can do pretty much everything that EnCase can, except produce a report compiled...
Hi Blare, A few years ago I got Encase GUI edition running on Linux (Xandros from memory) using crossover office. Trouble was I couldn't get the USB key ...
... The last time I checked, this was the LINUX forensics list. The question asked in this context was STUPID, and a stupid question deserves a stupid answer,...
Harry Duncan
usr.src.linux@...
Mar 8, 2006 5:24 am
1958
... the system ... will not ... have no ... I tried to resist, but I just can't - last time I looked, SMART wasn't open source... As far as accepting images of...
... I went to this web page to learn a little about FoRK, http://www.vitaldata.com.au/modules/tinycontent1/index.php?id=9 which eventually takes you here for...
Adam Daniel wrote:
> Hi, Theres actually a encase Linux boot CD called "linen" for hard disk
> imaging with the new version.
>
> I dont think the main gui has...
... Linux does not imply Opensource. Would have expected anyone with the interest or profession in Forensics not to make up facts or implications in their...
Harry Duncan
usr.src.linux@...
Mar 8, 2006 8:52 am
1963
Harry, I was merely responding to you talking up SMART as an alternative to EnCase when you state "and will not attempt to shove you down some closed ...
I heartily agree Blare...and you were much nicer to Harry than I would have been... _______________________________ Raymond Smith, M.A., EnCE Vice President -...
... Hmm. So let me ask a stupid question. EnCase has always been touted as preferred, because its "accepted by the courts" where Linux products were...
Dave, I guess that EnCase got the mantle as being the "preferred" tool by its widespread use, and really is only touted as such by Guidance Software. I don't...
... preferred, because its "accepted by the courts" where Linux products were "untested," yadda yadda. (This always seemed a silly argument to make, since it...
Greg, Once you have gathered your image with dd or dcfldd or whatever, and you have your case created in EnCase, you can do click on File Menu - Add Raw Image...
I must chime in here. Yes, It's me and many have probably wondered where I have been. Long story but I finally made it to DC. Got a promotion with my agency...
Spot on Ernest, Exactly what I was attempting to verbalise coming off the back of a steaming debate ;-) It is the examiner's experience, competency and their...
... What really get me time and time again Blare is people going off topic and wasting the time and energy of list users with irrelevant questions. Someone...
Harry Duncan
usr.src.linux@...
Mar 10, 2006 2:06 am
1973
... Having reviewed all your previous contributions to the list, I see that this particular contribution contains as more linux knowledge than all the previous...
Harry Duncan
usr.src.linux@...
Mar 10, 2006 2:09 am
1974
Need more rolaids Harry? How about some Midol? :-) _______________________________ Raymond Smith, M.A., EnCE Vice President - SEHS Investigative Services ...
you know, I came in on the tail end of this (no pun intended)....however... anyone who cares to call Ian down, is a bone-fide dickhead. I know this thread is...
Having problems with message search?
Fill out this form to ensure your group is one of the first to be migrated to the new message search system.
