from the specs of the M5200 that notebook uses an Intel 855GME graphics controller, which is supported by linux it appears. The following howto will let you...
You could use the search term [^\x00] in SMART. ... http://us.click.yahoo.com/Z1wmxD/DREIAA/yQLSAA/M4xqlB/TM ... ===== Regards - Andrew Rosen ASR Data...
I upgraded, errrr, changed from RH9 to RH Enterprise WS 3.x with the latest 2.4 kernal and after many days of configuring I still have one problem. When I put...
... I'm not sure if I completely understand your question, but I would check two places: 1) /etc/fstab - make sure there are no references to your suspect...
Just a reminder that this is the last weekend for those interested in attending this year's Digital Forensic Research Workshop (DFRWS) to pay the early...
Specify the drive in your /etc/fstab and give it the option noauto, this will prevent it being mounted when the mount -a command is given during startup....
Hello, is there any open source application able to read Windows Event files? I can read them quite fine with an unicode editor, but only the text of the...
Thanks Enda. Sorry for the delayed response. I've been out of my office for the last week or so. I appreciate your response, because I'm still playing with...
Luis Salazar
Luis.Salazar@...
Jul 14, 2004 2:16 pm
696
NOTE: Resume Submital has been extended until July 30, 2004. This is a great opportunity to work for a highly motivated organization that impacts Law...
I've searched high and low for just such a beast, and come up empty handed, so I'm going to say no, there sadly is not. Cory Altheide Senior Network Forensics...
... Yes, my search was also unsuccessful. I've been able to recover some deleted Evt files thanks to foremost and finally I've been able to proper examine them...
What about using the Wine project (http://www.winehq.com/) to run Windows executables within Linux? Although not perfect, I have been able to run some of the...
While that is a decent enough workaround, it doesn't meet the original requirement: "is there any open source application able to read Windows Event files?" ...
... PyFLAG is a fantastic tool, but to the best of my knowledge it does not parse Windows event log files, so would not be applicable. Cory Altheide Senior...
... I've just found a little php application to read Evt files, written by Jamie French from whitehats.ca. It also points out some other resources where there...
Be sure to check out the Linux labs being held throughout the conference! The HTCIA Mid-Atlantic Chapter is pleased to host the 2004 International Training...
Hi *, I like Linux as a "forensic tool" but have an unsolved problem with my backups: How do I create a backup on tape & hd simultaniously? Ok, I've heard of ...
... Have a look at tpipe: http://freshmeat.net/projects/tpipe/ I use it to dd and hash a drive at the same time. It basically splits the output stream into...
Hi Dietmar - My name is Andrew Rosen. I'd like to ask if you'd ... You are correct in that SMART is able to provide the functionality you are seeking, but I'm...
We hear alot of great things about Smart but unfortunately we cannot afford it at this time with the non-law enforcement pricing. So right now it's not really...
Hi Andy, my comment had no value. What I ment was that SMART is a great solution for the problem I have, but I want to do it everywhere and at anytime without...
Dietmar, You can tee your output from dd quite easily. The command line looks like this: dd if=/dev/hdX | tee /mnt/location1 | dd of=/dev/tapedevice A second...
Randall Shane
rshane@...
Aug 2, 2004 9:18 am
712
Hi Randall, I know. Thats not the problem. What if the capacity of the tape device is lower than the drive to be imaged? Thats the problem I have. The dd to...
Dietmar, Let me see if I have this correct, you want to image from a single drive to another drive and also to a tape with less capacity that the drive (?)....
Randall Shane
rshane@...
Aug 2, 2004 10:43 am
714
hallo dietmar, have you tried to pipe the output of dd into gzip? for example: # dd if=/dev/hda1 bs=512 | gzip -9 > /safe/place/hda1.dd.gz that results in a...
metax@...
Aug 2, 2004 10:54 am
715
Hi Klemens, hi Randall! Compession is unfortunately not enough and to buy a larger tape is not the most desireable solution. The costs for tapes with 400 GB or...
Is your tape drive a plain old single tape drive or an autochanger? ... From: "Dietmar Mauersberger" <news@...> To: <linux_forensics@yahoogroups.com>...
Having problems with message search?
Fill out this form to ensure your group is one of the first to be migrated to the new message search system.
