The df command will report all the available space on the disk , in other words it will report the number of blocks in the "free" list. The du command gives...
Thanks for that, I understand it now. Stu ... From: swinginscott <swinginscott@...> To: linux_forensics@yahoogroups.com Sent: Thursday, 3 January, 2008...
Good afternoon! I'm getting ready to examine a hard drive that has been imaged into segmented DD images. I'd like to mount said images into Linux and run ...
... By ".e01 format images", I assume you mean Expert Witness Format (Encase)? If so, Google "mount-ewf". It appears to be included in the Helix distribution. ...
Greetings, LiveView has limited support for Linux images. You could try that, boot the suspect OS, and run ClamAV from within it. Not forensically sound,...
Hello Friends, Can anybody help me in getting Forensic Digest or Guides published by Red Hat or Sun or GNU Open Source Community as a Fundamental Computer...
Hi, i need some information about the ppl that I will write below. I need full name information and jobs or departement, cause I will include them on my thesis...
Pak tedi, saya sebenarnya mahasiswa s1 yang pernah meminta masukan dari milis ini dan dari Mr. Barry J Grundy secara personal untuk skripsi saya. kalo boleh...
Hi all, I need some info about the relation between tax fraud with computer forensics, does anyone has a paper or article, about how we can solve the tax fraud...
further more, how we could implement computer forensics on taxes departement :D does anyone can help me? Mada R Perdhana <mrp_bpp@...> wrote: Hi all, I...
Is there an application in Linux to monitor an application's actions much like ProcMon does in MS Windows (where it monitors registry activity, file activity,...
Hi All I have using "afflib" (for the first time) using Ubuntu 7.10 on a troublesome 1 GiB thumb drive. Part of the package (aimage) allows you to make a copy...
Fuse is utlilised as a Kernel Module if support is not compiled in the kernel. Have you tried "lsmod | grep fuse" to see if you have the module available, if...
FUSE support is disabled if you do not have the FUSE developer libraries and fuse.h installed when AFFLIB is compiled. This has come up before, so I'll...
... Hash: SHA1 ... It's available as a module in Ubuntu 7.10 so that should work. Jon. ... Version: GnuPG v1.4.7 (GNU/Linux) Comment: Using GnuPG with Mozilla...
as far as i knew, usually every linux distro include this tools as default. maybe you can check it first, or if it is still not there you can download it from...
Simson Thank you, everything is now working correctly. Stu ... From: simsongarfinkel <simsong@...> To: linux_forensics@yahoogroups.com Sent: Friday, 1...
... I wasn't sure if you meant the standard lsof with any Linux distro. Yes I'm familiar with that one. I'll re-examine it but it doesn't appear to be what...
... Hash: SHA1 Stuart, Just to clarify what was it that you did to resolve this issue on your Ubuntu 7.10? Regards, Jon. ... Version: GnuPG v1.4.7 (GNU/Linux) ...
Jacques, When I've needed to understand exactly what a process does on linux I've used the standard strace command. Check it out and let me know if you have...
... Thanks. I'll re-examine that one as well. Perhaps between a combination of a few of them I'll be able to do in Linux what I can do in Windows with...
Hi Jon I installed the fuse dev packages using: #apt-get install libfuse-dev (I already had fuse-utils, fuse-source and libfuse2 installed). I then recompiled...
Hi, does anyone here knows, how can we read a formatted / deleted file on Win partition from Linux (beside using grep), not using recovery tools, just like if...
... It does a lot more that I gave it credit (just had a look at it in my Linux In A Nutshell manual). But I don't see where it will do what I'm hoping to do....
I don't think that anyone on the planet actually knows all of the options for the "ps" command. ... [Non-text portions of this message have been removed]...
Having problems with message search?
Fill out this form to ensure your group is one of the first to be migrated to the new message search system.
