O'Reilly logo

Computer Evidence: Collection and Preservation, Second Edition by Christopher L. T. Brown

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Live Boot CD-ROMs

The utility CD-ROMs discussed to this point have two things in common: they require the suspect system to be up and running, and they normally work in a client-server fashion or export data to removable media. In addition, any application running under the local operating system runs the risk of returning faulty data if function calls are made to a compromised system. Bootable disks, commonly referred to as live boot CD-ROMs, are becoming popular in the forensics community. A live boot CD-ROM consists of a bootable CD-ROM (one that adheres to the El Torito Standard [ElTorito01]) complete with its own operating system and preinstalled forensics and security utilities.

Note

Bootable disks containing a clean operating system ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required