hardware based RAM acquisition for forensics?

[Joanna Rutkowska <joanna () invisiblethings org>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi Guys,

Can anybody point out some products which could be used for hardware
based RAM acquisitions for forensics on x86/x64 architecture?

I'm already aware of how to use firewire for this (as presented by
Maximillian Dornseif and Adam Boileau) and I know that there are some
prototype PCI cards for this, like e.g. Tribble:
http://www.digital-evidence.org/papers/tribble-preprint.pdf

What I'm looking for is are there any commercial products which could be
used in a *real life* forensic analysis out there? You known, something
which would be compatible e.g. with NIST's CFTT requirements, so that it
would be legal to use it against e.g.
Very-Important-Mission-Critical-Servers?

I'm not really interested in any software based solutions, like e.g. dd ;)

Thanks for any links!
joanna.


-----BEGIN PGP SIGNATURE-----

iD8DBQFFTeEdORdkotfEW84RAmtMAJ9IO7Sb3ZW0JVoCQAG4iyKUnipWygCgnznl
J86qcr9KYMmVQ9dywGHTAQM=
=9YbA
-----END PGP SIGNATURE-----
_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://lists.immunitysec.com/mailman/listinfo/dailydave