Ethical Hacker Community Forums

Does anyone have any recommendations for free/open-source drive imaging software?

I have come across Clonezilla (http://www.clonezilla.org) and FOG (http://sourceforge.net/projects/freeghost/?abmode=1).

I've yet to try out FOG, but Clonezilla is ridiculously unstable and doesn't seem to work properly.

Anyone have suggestions?

I'm going to try out FOG later today too, but figured I'd ask around to see what all everyone had to offer.

Thanks.

Bill

I was for a long time using a product that I believe was called CloneEZ or EZClone.  However, when I consulted the great, wise oracle (http://www.google.com), I kept getting links for pot plant cloning products.  :o

If FOG disappoints, you might consider just trolling the dealdump sites for awhile. This year I saw a Symantec bundle with Ghost for like 29.99. Yeah it sucks to pay, but your getting a reliable product.

Depends what your requirements are and what platform your using. There are simple command line tools like dd (and varients like ddrescue and dcfldd), forensic duplication tools like FTK imager, the ever popular Norton Ghost and many more.

Let me know what you need and I can make a suggestion.

Jimbob

I just tried out the Trinity Rescue Kit (http://trinityhome.org/Home/index.php?wpid=1&front_id=12) which actually has some really neat features that I'm going to need to explore a little more. It seemed pretty stable, but it doesn't do local disk-to-disk backups (that I could find). It does, however, have an option for disk-to-disk over the network and requires 2 CDs and a different boot option in the receiving system. I'm going to try that out when I get a chance.

For now I'm still looking for something that will clone to a drive I have connected via USB. My next try is going to be with PING (http://ping.windowsdream.com/).

Jimbob, specifically I'm looking for something that has the ability to clone a drive (completely.. programs, registry, etc). I would like to be able to plug-in an external drive (or drive-to-usb device) and be able to clone the local drive. Then obviously have the ability to boot this new clone. Exactly what Clonezilla says it does, but something that works ;)

Try FTK Imager. It's part of the Forensic Tool Kit suite, and while it's not open source it is free as in beer.

http://www.accessdata.com/downloads.html

Cheers,
Jimbob

If you go the dd or dcfldd route, check the free tool from cert/cc for booting a dd image

http://liveview.sourceforge.net/

Working in forensics, I can tell you that there are few things out there faster then dd/dcfldd.   FTK Imager is a great tool (although windows only) that also support compression.   Linen is another tool from Guidance Software.   Again, it's slower then dd.   There are tons of front ends to dd, including Adelpto and Air.   We use a Helix boot cd for imaging with dd.

In our forensic lab at work we use the dcfldd tool form the Helix live cd for imaging an entire drive. Using dcfldd works fine for cloning a drive to an external USB hard drive.

We also use what oleDB mentioned, liveview for booting the image.

All these tools are free so that's why we use it. Our budget is limited.

Is there a switch to show "time remaining"? I thought I saw this somewhere, but by default with no switches it just shows data copied.

That's pretty much the route I've chosen to go after testing with dd once already. Unfortunately, I am unable to even boot my laptop with any Live CD so I will have to figure something else out (probably open up my desktop and connect both drives via SATA then boot up that computer with a Live CD).

Thanks for all of the replies. I think I've downloaded and played with everything recommended, but it looks like something simple like dd is going to do the trick. The only other thing I've yet to try is Acronis.

BillV