Another long weekend

By Roger on March 17, 2006 9:37 PM | | Comments (0) | TrackBacks (0)

This weekend I have another project for school due. In it, I must analyze Linux image created using dd. I'll be looking at the image using sleuthkit primarily as well as mounting the image as a read only file system. I need to be able to determine what happened an when. From a cursory glance, it looks like I might be having to recovery deleted files as well. Oh joy.

Right now I'm having some problems with the mounted image. I'm trying to copy a couple files off and I'm not able to do it. I need the password and group files to make mactime display the actual user and group names instead of numbers. Hopefully when I do that I can construct some sort of timeline of activity.

Categories

General

0 TrackBacks

Listed below are links to blogs that reference this entry: Another long weekend.

TrackBack URL for this entry: http://www.infosecblog.org/mt-tb20071121.pl/130

Leave a comment

Powered by Ajax Comments

About this Entry

This page contains a single entry by Roger published on March 17, 2006 9:37 PM.

F-Secure Sanctimony was the previous entry in this blog.

University of Fairfax is the next entry in this blog.

Find recent content on the main index or look in the archives to find all content.

Subscribe to feed Subscribe to this blog's feed
Add to Google
Please contact me by leaving a comment where appropriate. Otherwise, you can click here to reveal an email address for me.
Got Backups? Get Safe Online Remember Rick Rescorla Powered by Movable Type 4.23-en

Search