Date: Sun, 3 Aug 2003 17:53:23 +0100 From: David Taylor <davidt@yadt.co.uk> To: freebsd-stable@freebsd.org, freebsd-security@freebsd.org Subject: Re: Forensics CD Toolkit for FreeBSD Message-ID: <20030803165322.GA60646@gattaca.yadt.co.uk> In-Reply-To: <200308030920.45437.rootman22@comcast.net> References: <200308030920.45437.rootman22@comcast.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, 03 Aug 2003, Joe Warner wrote: > Hi, > > I'd like to build a toolkit CD specifically for conducting > forensics on FreeBSD. I'm not talking about a bootable > CD but rather one that I could pop into a CD ROM drive > and run trusted commands like ps, netstat, ls, etc., from. It would probably need to be a bootable CD-ROM, so that you could trust the kernel wasn't modified to hide information from ps/netstat/ls/etc. > I'd like to build a CD that would work on -RELEASE versions > of FreeBSD like 5.1 and -STABLE versions of FreeBSD too. > > Can anyone give me any pointers about how I might accomplish > this? > > I've spent hours searching Google and only found a few links about > a guy named Joe Magee who was trying to do the same thing but > couldn't find his email addy. I searched the FreeBSD archives but > get: > > None of the archives you requested (freebsd-questions, freebsd-security and > freebsd-stable) are available at this time. > > Please try again later, or return to the search page and select a different > archive. > I think there's other archives of the lists on the mailman site now, but I'm not too sure. -- David Taylor davidt@yadt.co.uk "The future just ain't what it used to be"
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030803165322.GA60646>