Differences
This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision Next revisionBoth sides next revision | ||
todo:removable-flash-media [2022/05/10 13:57] – [Introduction] hiccup | todo:removable-flash-media [2022/06/18 21:29] – hiccup | ||
---|---|---|---|
Line 2: | Line 2: | ||
===== Introduction ===== | ===== Introduction ===== | ||
- | |||
{{wst> | {{wst> | ||
There is a risk when plugging USB devices or other writeable storage media into a conventional operating system that the OS will write to the device, meaning a clean dump of the original media cannot subsequently be made. To enable as clean as possible a dump to be preserved - even in the case of used devices it is good to avoid making any further changes. | There is a risk when plugging USB devices or other writeable storage media into a conventional operating system that the OS will write to the device, meaning a clean dump of the original media cannot subsequently be made. To enable as clean as possible a dump to be preserved - even in the case of used devices it is good to avoid making any further changes. | ||
- | This method uses a forensics-oriented Linux distribution which defaults to blocking all devices in read-only mode to ensure as secure as possible an environment for imaging of writeable storage media. | + | This method uses a forensics-oriented Linux distribution which defaults to blocking all devices in read-only mode to ensure as secure as possible an environment |
===== Methods ===== | ===== Methods ===== | ||
Line 63: | Line 62: | ||
{{: | {{: | ||
{{: | {{: | ||
- | * Open the console and dump the USB using the following command 'sudo dd if=/dev/sdX/ of=/ | + | * Open the console and dump the USB using the following command 'sudo dd if=/dev/sdX of=/ |
{{: | {{: | ||
===== Gathering and Submitting Dump Info ===== | ===== Gathering and Submitting Dump Info ===== | ||
See [[submission: | See [[submission: |