ForensicsWiki will continue to operate as it has before and will not be shutting down. Thank you for your continued support of ForensicsWiki.

Live CD

From ForensicsWiki
Revision as of 09:56, 28 July 2012 by Joachim Metz (Talk | contribs) (See Also)

Jump to: navigation, search

Information icon.png

Please help to improve this article by expanding it.
Further information might be found on the discussion page.

A live CD is a CD containing a bootable computer operating system. Live CDs are widely used in computer forensics and incident response.

Advantages

  • Physical memory of a computer can be imaged by performing cold boot attack without running tools on an untrusted OS;
  • Acquisition over a network connection without running tools on an untrusted OS;
  • No need to reconstruct RAID arrays;
  • etc.

Disadvantages

  • Out-of-date software;
  • No simple way to reconfigure Live CD: you cannot easily rebuild foo to support bar (e.g. rebuild Sleuthkit to support AFF).

See Also