|
|
| Applications |
| Mailing Lists |
| Miscellaneous |
| Operating Systems |
| Programming |
Use of Backup tapes in forensics investigation
From: Ricci Ieong <ricci(at)cs.ust.hk>
Date: Thu Dec 26 2002 - 22:53:49 EST
('binary' encoding is not supported, stored as-is)
This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com Received on Sun Dec 29 13:26:57 2002
Date: Thu Dec 26 2002 - 22:53:49 EST
('binary' encoding is not supported, stored as-is)
Hello All,
In current investigation process, it is very likely that we need to search for some information from the victim machine. However, cloning of machines especially the mainframe machine is very difficult. Is it possible that backup tape be used as the data source in forensics investigation?
- Is there any difficulty or issues if we use backup tape instead of directly cloning the hard disk? I understand that there may be chances that the attacker can place some hiddening information in the hard disk which can't be cloned, but other than that, is there any issues?
- Among the backup media and solution, is there any common scheme for backup across different Unix platform?
- Where can we find any useful information about various backup utilities?
Thanks.
Ricci
This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com Received on Sun Dec 29 13:26:57 2002
This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 14:01:42 EDT
|
Contact Us Legal Notices Order Services Online Pantek Home Privacy Policy IT news Site Map Pantek Library |