[Dailydave] hardware based RAM acquisition for forensics?
Joanna Rutkowska
joanna at invisiblethings.org
Sun Nov 5 13:03:26 Local tim 2006
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi Guys,
Can anybody point out some products which could be used for hardware
based RAM acquisitions for forensics on x86/x64 architecture?
I'm already aware of how to use firewire for this (as presented by
Maximillian Dornseif and Adam Boileau) and I know that there are some
prototype PCI cards for this, like e.g. Tribble:
http://www.digital-evidence.org/papers/tribble-preprint.pdf
What I'm looking for is are there any commercial products which could be
used in a *real life* forensic analysis out there? You known, something
which would be compatible e.g. with NIST's CFTT requirements, so that it
would be legal to use it against e.g.
Very-Important-Mission-Critical-Servers?
I'm not really interested in any software based solutions, like e.g. dd ;)
Thanks for any links!
joanna.
-----BEGIN PGP SIGNATURE-----
iD8DBQFFTeEdORdkotfEW84RAmtMAJ9IO7Sb3ZW0JVoCQAG4iyKUnipWygCgnznl
J86qcr9KYMmVQ9dywGHTAQM=
=9YbA
-----END PGP SIGNATURE-----
More information about the Dailydave
mailing list