Creating a live cd

Viewing 5 reply threads
  • Author
    Posts
    • #6950
      jbscarva
      Participant

      I work in computer forensics and I am newbie in Linux, (despite search and study a lot).
      However in my Office, we want to develop a “Live CD” – Ubuntu based – for forensic purposes.
      One of the main objectives of the CD is to be “forensically sound”, eg, none of the devices on the target system should be mounted RW, RO instead.

      My question is:
      -Can we start from “Ububtu Live CD”, install on it some forensic apps, change the boot system and burn all with changes to a new CD?
      If so, what we must change in order to ensure that the CD will be “forensically sound”?
      Will be that there are batch scripts for this purpose?

      Any help is welcome

      Thanks in advance and best regards,

    • #43173
      n3r
      Participant

      I’ve never tried but you can try http://www.linux-live.org/
      Just install the apps and make an iso with linux live

    • #43174
      rattis
      Participant

      It’s called remastering, I know the Knoppix Hacks book had a section on how to remaster Knoppix for your needs. It was Debain based at the time like Ubuntu, so the theory should carry you.

      There are several other options to do that too…

      Examples of Remastered versions of Ububuntu:

      Backtrack
      Xubuntu
      Kubuntu
      EDUbuntu

      I’m sure there are others.

    • #43175
      tturner
      Participant

      You will need to mount the filesystem as read only. Any write operations will compromise your evidence.

      Maybe start with options that are already forensically sound and customize from there and then remaster. http://www.forensicswiki.org/wiki/Tools

    • #43176
      idr0p
      Participant

      Do you need to make one specifically or can you just use one already out there, there are many.

      SIFT Kit
      Helix
      Sleuth kit
      Backtrack
      etc…

    • #43177
      p0et
      Participant

      I’ve heard good things about Sleuth Kit and Helix3.  That would sure save you a ton of time if you could just use one of those!

Viewing 5 reply threads
  • You must be logged in to reply to this topic.

Copyright ©2021 Caendra, Inc.

Contact Us

Thoughts, suggestions, issues? Send us an email, and we'll get back to you.

Sending

Sign in with Caendra

Forgot password?Sign up

Forgot your details?