-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
> -----Original Message-----
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]] Sent: Friday, April 14, 2000
> 9:19 AM
>
> There are two methods one can utilize to duplicate the data without
> tainting the identified subject's hard drive.
>
> One is by www.dupeit.com, a IDE/SCSI Disk Duplication or the CMS
> Easy Bundle PCMCIA cards, both are capable of doing byte by byte
> copies. Once that is complete, the duplicated disk can be chunked
> up into 650MB chunks then burned onto CD-ROM for impermeable
> storage and evidence.
>
> It gets a little tricky when using different sized drives,
> but it works.
That's why professional software like EnCase is of help. Or use
Norton's Ghost, which handles re-imaging of partitions on different
drive sizes. Since the original drive gets vaulted anyway, you can
restore the image on a larger drive with Ghost and start your
investigation there.
Regards,
Frank
-----BEGIN PGP SIGNATURE-----
Version: PGP Personal Privacy 6.5.1
Comment: PGP or S/MIME (X.509) encrypted email preferred.
iQA/AwUBOPdjCERKym0LjhFcEQJilwCfanG392OdgOJSr4+uZdJq1LKAMPEAnRvU
F4xSicJHs/pnonNkeIZUgh55
=0ffV
-----END PGP SIGNATURE-----
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
