Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security FullDisclosure
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: [Full-Disclosure] Imaging Operating Systems

from [Williams Jon] Network Security [Permanent Link]
Subject: RE: [Full-Disclosure] Imaging Operating Systems
Date: Thu, 27 May 2004 13:16:21 -0500 
While not specifically designed for backups, you could use the Helix cd
(http://www.e-fense.com/helix/), which has netcat and dd, which make a
great combination for grabbing the contents of a file (or partition, or
drive) and dumping them across the network to another computer.  Since
Helix is Knoppix-based, this might do what I think you're looking for.

Jon 

-----Original Message-----
From: full-disclosure-admin@lists.netsys.com
[mailto:full-disclosure-admin@lists.netsys.com] On Behalf Of Maarten
Sent: Thursday, May 27, 2004 11:59 AM
To: Full-Disclosure
Subject: Re: [Full-Disclosure] Imaging Operating Systems

On Thursday 27 May 2004 18:30, Kevin Connolly wrote:

Maarten wrote:

This is an interesting thread...  But out of curiosity, is it also 
possible to do backup / restores using readily available linux

tools?

I'd like to be able to do something like running dd over a network 
connection, or tar, or whatever other tool.  In that case, a 
bootable CD is all you need. But I'm unsure how to do that...

Maarten


one suggestion
make the PC dual boot: Windows and Linux with the Linux partition 
larger.


Yes, I know.  I did that at the time when I still needed dual-boot.

No, what I want is more generic (and it is slightly offtopic since it is
not specifically meant to tryout malware).
Suppose I visit a friend who has a botched system, and I carry with me
my linux laptop and a knoppix CD.  Now if there would be a way to backup
his entire HDD with just the tools on the CD (and the laptop as
receiving host) that would be fantastic. 

I was thinking of something like using {tar | dd | cpio} and netcat but
I'm unsure if it can be done, much less how to proceed.


boot Linux and dd the raw Windows partition to a Linux file boot 
Windows and play with malware boot Linux and dd the file back out to 
the Windows partition rince and repeat...


This works just fine for one or two drawbacks: You need to plan this in
advance, and malicious code that randomly overwrites disks will kill
linux + imagefile then, too.

Maarten

--
Yes of course I'm sure it's the red cable. I guarante[^%!/+)F#0c|'NO
CARRIER

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [Full-Disclosure] Odd packet?, Valentino Squilloni - Ouz
Next by Date:  RE: [Full-Disclosure] IDS WIth TCP Reset and SPAN, Robert MacDonald
Previous by Thread:  RE: [Full-Disclosure] Imaging Operating Systems, Glenn_Everhart
Next by Thread:  [Full-Disclosure] The author of the Randex Worm family Busted !!, ElviS .de
Indexes:  [Date] [Thread] [Top] [All Lists]