[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Bare Metal Backups & Restorations





On Sat, Jan 10, 2009 at 7:20 AM, Robert G. (Doc) Savage <dsavage@peaknet.net> wrote:
Matt Wehland's mention of his Gateway laptop without install disks
prompts me to release to this group the attached draft of a document
I've been working on. It's still in the "polishing" and "what about
such-and-such" stage, so comments & questions are welcome. (It's in
OpenOffice.org Writer v2.3 format.)

In this document I've borrowed many of the techniques I learned in a
SANS Security 508 course, "Computer Forensics, Investigation, and
Response" that I took about three years ago. For those of you who can
finagle your employer to send you to such a course at an upcomig event
like SANS 2009 at Orlando, I highly recommend it. You'll learn how to
employ GNU/Linux tools to do some amazing things.

--Doc


-
To unsubscribe, send email to majordomo@silug.org with
"unsubscribe silug-discuss" in the body.


Doc,

I'm not privy to what the "gateway laptop" is that prompted you to send this email, but I'd like to offer an option to the group.  The clonezilla project, http://clonezilla.org/ is a very nice, very active project that makes backing up any system fairly painless.

It uses either ntfsclone, partclone, or dd (if it really doesn't know the fstype) to make a fast image copying only the data needed, unlike dd. It gets the mbr and partition table as well.  It can save everything to an image file or copy it to another disk.

It saves locally or over a network.

It's probably not forensically sound, but for making backups for the purpose of bare metal restore, I've not found a free/libre tool that's any better.

Even if the name is kinda dumb.

GS