linux forensics and recovery
eric.
plug-discuss@lists.plug.phoenix.az.us
Fri, 21 Feb 2003 13:30:59 -0800
Hi,
I want to be able to boot a system from a Linux bootable cd, attach an
external 1394 drive to the system, mount the 1394 and the internal drives,
and use dd to image the internal drive (NTFS AND FAT16/32) onto the external
drive(FAT32). This seems like it should be relatively simple. However, I
have not achieved success:
1. Knoppix gets a kernel panic whenever I try to boot from it on several
systems. I have used both
KNOPPIX_V3.1-2003-01-20-EN.iso, and
KNOPPIX_V3.1-2003-01-01-EN.iso
2. I cannot get the PLAC cd to be recognized as a bootable cd at all!
(http://sourceforge.net/projects/plac/)
3. F.I.R.E. will not boot properly: just an infinite set of "cat
/tmp/test...495..no such file or directory" messages scroll across the
screen. I have tried this on two different systems. (http://fire.dmzs.com/)
Moreover,
4. I am not paying this guy $100 for a linux forensic cd: http://all.net/
5. I am not interested at this point in making my own bootable cd.
I just want to burn the iso and roll from there without any problems. Isn't
this how it is supposed to work? Can anyone offer some suggestions how to
accomplish this?
Thank you very much