ATTENTION: The new home of the Digital Forensics Wiki is at https://forensicswiki.xyz/. Yeah, it's a silly name, but it was cheap.
This wiki will be going offline permanently in the near future. An exact date will be announced soon. Thank you for being a part of this community.
If you wish to work on the new forensicswiki, please join the Google Group forensicswiki-reborn

Difference between revisions of "Live CD"

From ForensicsWiki
Jump to: navigation, search
(See Also)
m (See Also: there are advantages, disadvantages and issues)
 
Line 18: Line 18:
  
 
* [[:Category:Live CD|Forensics Live CDs]]
 
* [[:Category:Live CD|Forensics Live CDs]]
 +
* [[Forensic Live CD issues]]

Latest revision as of 12:17, 23 April 2014

Information icon.png

Please help to improve this article by expanding it.
Further information might be found on the discussion page.

A live CD is a CD containing a bootable computer operating system. Live CDs are widely used in computer forensics and incident response.

Advantages

  • Physical memory of a computer can be imaged by performing cold boot attack without running tools on an untrusted OS;
  • Acquisition over a network connection without running tools on an untrusted OS;
  • No need to reconstruct RAID arrays;
  • etc.

Disadvantages

  • Out-of-date software;
  • No simple way to reconfigure Live CD: you cannot easily rebuild foo to support bar (e.g. rebuild Sleuthkit to support AFF).

See Also