.

OpenSource tool to image a machine across the network?

<<

dalepearson

Sr. Member
Sr. Member

Posts: 357

Joined: Thu Nov 09, 2006 10:03 am

Post Wed Jan 28, 2009 8:16 am

OpenSource tool to image a machine across the network?

Hiya Guys,

is anyone aware of an opensource tool, that can be used to take an image of a machine across the network.

I know EnCase has some tools, but obviously there are cost associated.

It doesnt specifically need to be forensically sound, but it would be ideal incase the investigation was to go further.

Thanks in advance.
Dale
<<

blackazarro

User avatar

Sr. Member
Sr. Member

Posts: 368

Joined: Sun Aug 13, 2006 5:31 pm

Post Wed Jan 28, 2009 10:48 am

Re: OpenSource tool to image a machine across the network?

You can use dd and netcat which both tools are opensource to image and send it to a remote host. Check out the following article for a complete example.

http://digiassn.blogspot.com/2006/01/dd ... ghost.html
Security+, OSCP, CEH
<<

jadyason

Newbie
Newbie

Posts: 7

Joined: Tue Feb 10, 2009 9:50 pm

Post Sun Feb 15, 2009 11:00 pm

Re: OpenSource tool to image a machine across the network?

There are a few projects on SourceForge:
http://sourceforge.net/search/?type_of_ ... sk+imaging

I haven't used any of them, so can't vouch for how good they are. But this would be a good starting point.
<<

dalepearson

Sr. Member
Sr. Member

Posts: 357

Joined: Thu Nov 09, 2006 10:03 am

Post Mon Feb 16, 2009 5:38 am

Re: OpenSource tool to image a machine across the network?

Cheers guys I will have a look.
<<

r_mizell@hotmail.com

Newbie
Newbie

Posts: 2

Joined: Tue May 05, 2009 2:09 am

Post Tue May 05, 2009 2:31 am

Re: OpenSource tool to image a machine across the network?

Look into Helix3 at efense.com
They are giving away the Helix2009R1 again.
dd and netcat are on the iso. Capture live or dead
Last edited by r_mizell@hotmail.com on Tue May 05, 2009 2:38 am, edited 1 time in total.
<<

jimbob

Post Tue May 05, 2009 8:21 am

Re: OpenSource tool to image a machine across the network?

It's not open source but I believe LinEn can do imaging over a network. It's the Linux version of the EnCase DOS image acquisition tool. I'm not certain if you need to use EnCase on the remote end to grab the image over the network, I've only ever used it to create images to a local disk.

Jimbob
<<

vijay2

Full Member
Full Member

Posts: 220

Joined: Wed Mar 28, 2007 6:22 am

Post Tue May 05, 2009 8:50 am

Re: OpenSource tool to image a machine across the network?

The easiest way as mentioned earlier is Helix and netcat.exe. The netcat is included in Helix distro. For exact commands contact me I would be glad to help you out.

VJ
GPEN GCFA GCIH CISSP CISA GSEC OSCP C|EH Security+
<<

former33t

Full Member
Full Member

Posts: 226

Joined: Sat Feb 14, 2009 12:33 am

Post Tue May 05, 2009 10:49 am

Re: OpenSource tool to image a machine across the network?

If this is windows, I'll put my vote in for Helix.  It's easy to use and gets the job done.
Certifications: CREA, MCSE: Security, CCNA, Security+, other junk
<<

timmedin

User avatar

Sr. Member
Sr. Member

Posts: 469

Joined: Thu Feb 05, 2009 11:18 pm

Post Tue May 05, 2009 11:07 pm

Re: OpenSource tool to image a machine across the network?

Do you have to do a live machine (not powered down)? If not, then dd and netcat.
twitter.com/timmedin | http://blog.securitywhole.com
<<

Ketchup

User avatar

Hero Member
Hero Member

Posts: 1021

Joined: Fri Jul 04, 2008 7:44 pm

Location: Philadelphia, PA

Post Thu May 07, 2009 7:12 pm

Re: OpenSource tool to image a machine across the network?

Has anyone actually had much luck with imagine the HDD live from a Windows session?  Whenever I have done this, it's bit-shifting galore.
~~~~~~~~~~~~~~
Ketchup

Return to Forensics

Who is online

Users browsing this forum: No registered users and 2 guests

cron
.
Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software