| 
  • If you are citizen of an European Union member nation, you may not use this service unless you are at least 16 years old.

  • Work with all your cloud files (Drive, Dropbox, and Slack and Gmail attachments) and documents (Google Docs, Sheets, and Notion) in one place. Try Dokkio (from the makers of PBworks) for free. Now available on the web, Mac, Windows, and as a Chrome extension!

View
 

Linux dd

Page history last edited by Patrick 2 years, 9 months ago

Sample of Tools for Forensic Examination - Video 3 (20 minutes)

Linux dd

 

Lecture Overview:

 

  • How to image and verify a drive using Linux. Use dd to image a drive in Linux, obtain file information with file, and multiple methods to create and view hashes.:

 

    • Disable Automount - (1:40)
    • Image a drive - (5:40)
    • file command - (7:52)
    • Hash the image file - (8:37)
    • Create a MD5 of a device - (13:02)
    • Verify hash in FTK Imager - (15:45)
    • Verify has in ProDiscover - (16:26) 

 

Download:

 

 

Additional Supporting Material:

 

All Course Lectures  

 

 

Comments (0)

You don't have permission to comment on this page.