Full Disclosure mailing list archives

RE: Imaging Operating Systems

From: "Williams Jon" <WilliamsJonathan () JohnDeere com>
Date: Thu, 27 May 2004 13:16:21 -0500

While not specifically designed for backups, you could use the Helix cd
(http://www.e-fense.com/helix/), which has netcat and dd, which make a
great combination for grabbing the contents of a file (or partition, or
drive) and dumping them across the network to another computer.  Since
Helix is Knoppix-based, this might do what I think you're looking for.

Jon 

-----Original Message-----
From: full-disclosure-admin () lists netsys com
[mailto:full-disclosure-admin () lists netsys com] On Behalf Of Maarten
Sent: Thursday, May 27, 2004 11:59 AM
To: Full-Disclosure
Subject: Re: [Full-disclosure] Imaging Operating Systems

On Thursday 27 May 2004 18:30, Kevin Connolly wrote:

Maarten wrote:

This is an interesting thread...  But out of curiosity, is it also 
possible to do backup / restores using readily available linux

tools?

I'd like to be able to do something like running dd over a network 
connection, or tar, or whatever other tool.  In that case, a 
bootable CD is all you need. But I'm unsure how to do that...

Maarten


one suggestion
make the PC dual boot: Windows and Linux with the Linux partition 
larger.


Yes, I know.  I did that at the time when I still needed dual-boot.

No, what I want is more generic (and it is slightly offtopic since it is
not specifically meant to tryout malware).
Suppose I visit a friend who has a botched system, and I carry with me
my linux laptop and a knoppix CD.  Now if there would be a way to backup
his entire HDD with just the tools on the CD (and the laptop as
receiving host) that would be fantastic. 

I was thinking of something like using {tar | dd | cpio} and netcat but
I'm unsure if it can be done, much less how to proceed.

boot Linux and dd the raw Windows partition to a Linux file boot 
Windows and play with malware boot Linux and dd the file back out to 
the Windows partition rince and repeat...


This works just fine for one or two drawbacks: You need to plan this in
advance, and malicious code that randomly overwrites disks will kill
linux + imagefile then, too.

Maarten

--
Yes of course I'm sure it's the red cable. I guarante[^%!/+)F#0c|'NO
CARRIER

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html



_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Current thread:

Re: Imaging Operating Systems, (continued)
- - - Re: Imaging Operating Systems Ondrej Krajicek (May 27)
    - Re: Imaging Operating Systems Maarten (May 27)
    - Re: Imaging Operating Systems Volker Tanger (May 28)
    - RE: Imaging Operating Systems Phillip R. Paradis (May 28)
    - Re: Imaging Operating Systems Nick FitzGerald (May 28)
- RE: Imaging Operating Systems Perrymon, Josh L. (May 26)
- RE: Imaging Operating Systems Lachniet, Mark (May 26)
- RE: Imaging Operating Systems Zach Forsyth (May 26)
- RE: Imaging Operating Systems Chmielarski TOM-ATC090 (May 27)
- RE: Imaging Operating Systems Glenn_Everhart (May 27)
- RE: Imaging Operating Systems Williams Jon (May 27)