Re: raw disk access

2003-02-10 Thread Alberto Cortés
On Sat, 08 Feb 2003, at 23:49 +0100, Christian wrote: What about cp /dev/sdx /dev/sdy cp, dd and every command use the system calls, and system calls use the drivers, and i am not sure the drivers don't modify structure. example: step 1) you read a block of data from one

Re: raw disk access

2003-02-10 Thread Phillip Hofmeister
On Mon, 10 Feb 2003 at 01:24:29PM +0100, Alberto Cortés wrote: cp, dd and every command use the system calls, and system calls use the drivers, and i am not sure the drivers don't modify structure. dd, cat, etc. do modify the structure. One common way I rip an ISO is: cat /dev/cdrom

Re: raw disk access

2003-02-10 Thread Peter Cordes
On Mon, Feb 10, 2003 at 08:43:22AM -0500, Phillip Hofmeister wrote: On Mon, 10 Feb 2003 at 01:24:29PM +0100, Alberto Cortés wrote: cp, dd and every command use the system calls, and system calls use the drivers, and i am not sure the drivers don't modify structure. dd, cat, etc. do modify

Re: raw disk access

2003-02-09 Thread Luis Gomez
On Saturday, 8 February 2003 23:49, Christian Storch wrote: What about cp /dev/sdx /dev/sdy It works very well on two identical drives - - perhaps when the second one is larger, too. You don't need any permissions. The result is really a clone including partition table! I used this

Re: raw disk access

2003-02-08 Thread Alberto Cortés
On Tue, 07 Jan 2003, at 19:51 -0800, Blars wrote: In article [EMAIL PROTECTED] [EMAIL PROTECTED] writes: i am looking for forensics tools that can be used in computer crime investigations, and am particularly interested in a tool that provides raw drive (hard,

Re: raw disk access

2003-02-08 Thread Christian Storch
Message - From: Alberto Cortés [EMAIL PROTECTED] To: Debian-security debian-security@lists.debian.org Sent: Saturday, February 08, 2003 12:43 PM Subject: Re: raw disk access On Tue, 07 Jan 2003, at 19:51 -0800, Blars wrote: In article [EMAIL PROTECTED] [EMAIL PROTECTED] writes

Re: raw disk access

2003-01-16 Thread Jean-Francois Dive
yes you can :) On Sun, Jan 12, 2003 at 07:50:38PM +0100, Joshua SS Miller wrote: Just a thought, but could one just use cat? I know that you can write disk image to a floppy with cat, so why should one not be able to cat /dev/hda1 > imagefile Any ideas? Thank you, Joshua SS Miller

Re: Cryptoswap -- was Re: raw disk access

2003-01-15 Thread Andreas Kotes
Hi! * Hubert Chan [EMAIL PROTECTED] [20030115 04:20]: Rolf == Rolf Kutz [EMAIL PROTECTED] writes: Rolf * Quoting Joshua SS Miller ([EMAIL PROTECTED]): Cryptoswap? Hmm, sounds like something I was thinking about earlier today. Do you have a good resource for this? Rolf

Re: Cryptoswap -- was Re: raw disk access

2003-01-15 Thread Rolf Kutz
* Quoting Hubert Chan ([EMAIL PROTECTED]): Do the kerneli modules (officially) work with encrypted swap? I know It works for me. encryption, which may allocate new memory, ad infinitum. loop-AES takes care of that explicitly, by preallocating memory, but I don't think cryptoapi/cryptoloop

Re: Cryptoswap -- was Re: raw disk access

2003-01-15 Thread Hubert Chan
Andreas == Andreas Kotes [EMAIL PROTECTED] writes: [...] Andreas FUD alert! I like loop-AES, too, and would REALLY love general Andreas inclusion into Debian kernels, but this doesn't mean the Andreas authors of alternatives are/may be idiots. Andreas Please don't spread Fear, Uncertainty and

Re: Cryptoswap -- was Re: raw disk access

2003-01-15 Thread Andreas Kotes
Hi! * Hubert Chan [EMAIL PROTECTED] [20030115 21:33]: Andreas == Andreas Kotes [EMAIL PROTECTED] writes: Andreas FUD alert! I like loop-AES, too, and would REALLY love general Andreas inclusion into Debian kernels, but this doesn't mean the Andreas authors of alternatives are/may be idiots.

Re: Cryptoswap -- was Re: raw disk access

2003-01-15 Thread Hubert Chan
Andreas == Andreas Kotes [EMAIL PROTECTED] writes: [...] Andreas have a look at the sourcecode in e.g. Andreas http://www.kernel.org/pub/linux/kernel/people/hvr/testing/patch-int-2.4.20.1.bz2 Thanks. I'll take a look at that. If you don't mind clarifying something for me, what is the

Re: Cryptoswap -- was Re: raw disk access

2003-01-15 Thread Hubert Chan
Andreas == Andreas Kotes [EMAIL PROTECTED] writes: [...] Andreas here's how I understand it: [...] Andreas patch-int is all of the above combined, for (optional) Andreas compilation into the kernel. That would have been my guess too. BTW, I've also grepped through the cryptoapi and

Re: Cryptoswap -- was Re: raw disk access

2003-01-15 Thread Andreas Kotes
Hi! * Martin Hermanowski [EMAIL PROTECTED] [20030116 01:18]: On Wed, Jan 15, 2003 at 06:26:32PM -0500, Hubert Chan wrote: Andreas == Andreas Kotes [EMAIL PROTECTED] writes: Andreas patch-int is all of the above combined, for (optional) Andreas compilation into the kernel. That would

Re: Cryptoswap -- was Re: raw disk access

2003-01-15 Thread Dale Amon
On Tue, Jan 14, 2003 at 10:08:22PM -0500, Hubert Chan wrote: Rolf == Rolf Kutz [EMAIL PROTECTED] writes: Rolf * Quoting Joshua SS Miller ([EMAIL PROTECTED]): Cryptoswap? Hmm, sounds like something I was thinking about earlier today. Do you have a good resource for this? Rolf

Re: Cryptoswap -- was Re: raw disk access

2003-01-15 Thread Andreas Kotes
Hi! * Hubert Chan [EMAIL PROTECTED] [20030115 22:55]: Andreas == Andreas Kotes [EMAIL PROTECTED] writes: Andreas have a look at the sourcecode in e.g. Andreas http://www.kernel.org/pub/linux/kernel/people/hvr/testing/patch-int-2.4.20.1.bz2 Thanks. I'll take a look at that. If you don't

Re: Cryptoswap -- was Re: raw disk access

2003-01-15 Thread Martin Hermanowski
On Wed, Jan 15, 2003 at 06:26:32PM -0500, Hubert Chan wrote: Andreas == Andreas Kotes [EMAIL PROTECTED] writes: [...] Andreas here's how I understand it: [...] Andreas patch-int is all of the above combined, for (optional) Andreas compilation into the kernel. That would have been

Re: raw disk access

2003-01-14 Thread Dale Amon
On Wed, Jan 08, 2003 at 04:16:58AM +, Andrew Sayers wrote: Or search a floppy disk for intelligible-looking strings: strings /dev/fd0 | less Precisely why one should always use cryptoswap. -- -- Nuke bin Laden: Dale

Cryptoswap -- was Re: raw disk access

2003-01-14 Thread Joshua SS Miller
Cryptoswap? Hmm, sounds like something I was thinking about earlier today. Do you have a good resource for this? Thank you, Joshua SS Miller On Tue, 2003-01-14 at 16:15, Dale Amon wrote: On Wed, Jan 08, 2003 at 04:16:58AM +, Andrew Sayers wrote: Or search a floppy disk for

Re: Cryptoswap -- was Re: raw disk access

2003-01-14 Thread Rolf Kutz
* Quoting Joshua SS Miller ([EMAIL PROTECTED]): Cryptoswap? Hmm, sounds like something I was thinking about earlier today. Do you have a good resource for this? http://www.kerneli.org/index.php - rk -- Ahahahahaha! Ahahahaha! Aahahaha! BEWARE! Yrs sincerely The Opera Ghost

Re: Cryptoswap -- was Re: raw disk access

2003-01-14 Thread Hubert Chan
Rolf == Rolf Kutz [EMAIL PROTECTED] writes: Rolf * Quoting Joshua SS Miller ([EMAIL PROTECTED]): Cryptoswap? Hmm, sounds like something I was thinking about earlier today. Do you have a good resource for this? Rolf http://www.kerneli.org/index.php Do the kerneli modules (officially) work

Re: raw disk access

2003-01-12 Thread Jean-Francois Dive
already answered but dd | nc (to send it to another box) is a classical. Otherwise, some other tools can give you as well memory dumps which may sometimes be very useful. JeF On Tue, Jan 07, 2003 at 10:08:22PM -0500, viv wrote: Hi. As a Debian user, i am posting to this list

Re: raw disk access

2003-01-12 Thread Joshua SS Miller
Just a thought, but could one just use cat? I know that you can write disk image to a floppy with cat, so why should one not be able to cat /dev/hda1 > imagefile Any ideas? Thank you, Joshua SS Miller On Mon, 2003-01-13 at 03:19, Jean-Francois Dive wrote: already answered but dd | nc (to send

RE: raw disk access

2003-01-08 Thread Colin Ellis
The best that can be achieved is via 'dd'. however it is actually impossible to get _real_ raw disk access due to the disk IO controllers. As far as I know, all disk IO controllers have automatic data correction etc and so do hard disks. An accurate copy of the surface of the disk cannot

RE: raw disk access

2003-01-08 Thread viv
start to finish, or does it skip / miss something somewhere? Thanks again. On Wed, 2003-01-08 at 11:29, Colin Ellis wrote: The best that can be achieved is via 'dd'. however it is actually impossible to get _real_ raw disk access due to the disk IO controllers. As far as I

RE: raw disk access

2003-01-08 Thread Colin Ellis
. Good Luck :) Colin http://www.solution-city.com -Original Message- From: viv [mailto:[EMAIL PROTECTED]] Sent: 08 January 2003 07:19 To: DebianSecurity Cc: Colin Ellis Subject: RE: raw disk access Thanks to all for your quick replies. i thought originally that dd would

Re: raw disk access

2003-01-08 Thread Florian Weimer
viv [EMAIL PROTECTED] writes: i thought originally that dd would work and tried to 'image' a couple of CDs, but they came out to different sizes although both were 650MB CDs. The disk sizes differed by about 3 MB, so i assumed dd was missing something. Imaging 2

Re: raw disk access

2003-01-07 Thread Blars Blarson
In article [EMAIL PROTECTED] [EMAIL PROTECTED] writes: i am looking for forensics tools that can be used in computer crime investigations, and am particularly interested in a tool that provides raw drive (hard, floppy, CD, DVD, etc.) access in order to create complete

Re: raw disk access

2003-01-07 Thread Andrew Sayers
What you're asking for is trivially available on all Linux systems. Through the /dev filesystem, the kernel makes many hardware devices available to ordinary programs. For example, if you had mounted your target disk as the secondary master hard drive, you could create an image of the disk by

raw disk access

2003-01-07 Thread viv
Hi. As a Debian user, i am posting to this list first in the hopes that what i am looking for can be found as a Debian package. i am looking for forensics tools that can be used in computer crime investigations, and am particularly interested in a tool

Re: raw disk access

2003-01-07 Thread Steve Mickeler
man dd On Tue, 7 Jan 2003, viv wrote: Hi. As a Debian user, i am posting to this list first in the hopes that what i am looking for can be found as a Debian package. i am looking for forensics tools that can be used in computer crime investigations, and am

Re: raw disk access

2003-01-07 Thread Dale Southard
Is the `dd` command what you are looking for (in combination with /dev/loop?), or is there some requirement that wasn't mentioned in your message? viv [EMAIL PROTECTED] writes: i am looking for forensics tools that can be used in computer crime investigations, and am
