Ftk Imager Handling: Unterschied zwischen den Versionen
Zur Navigation springen
Zur Suche springen
| Zeile 20: | Zeile 20: | ||
|<nowiki>--e01</nowiki> | |<nowiki>--e01</nowiki> | ||
|Format | |Format | ||
| + | |- | ||
| + | |<nowiki>--case-number 01</nowiki> | ||
| + | |Fallnummer | ||
| + | |- | ||
| + | |<nowiki>--evidence-number 01</nowiki> | ||
| + | |Beweisnummer | ||
| + | |- | ||
| + | |<nowiki></nowiki> | ||
| + | | | ||
| + | |- | ||
| + | |<nowiki>--description secure.local.forensic</nowiki> | ||
| + | |Beschreibung | ||
| + | |- | ||
| + | |<nowiki>--examiner tw,ng</nowiki> | ||
| + | |Ermittler | ||
| + | |- | ||
| + | |<nowiki>--notes first-run</nowiki> | ||
| + | |Notizen | ||
|} | |} | ||
=Quelle= | =Quelle= | ||
*https://it-dad.de/2019/03/13/ftk-imager-und-autopsy-unter-linux-nutzen/ | *https://it-dad.de/2019/03/13/ftk-imager-und-autopsy-unter-linux-nutzen/ | ||
Version vom 3. August 2021, 19:19 Uhr
Download
Install
- tar -C /usr/local/sbin -xvzf ftkimager.3.1.1_ubuntu64.tar.gz
Image erstellen
- ftkimager /dev/sdb /share/forensic/win10 --e01 --case-number 01 --evidence-number 01 --description secure.local.forensic --examiner tw,ng --notes first-run
Beschreibung
Sie schreiben Sie erhalten
| /dev/sdb | Quelle |
| /share/forensic/win10 | Ziel |
| --e01 | Format |
| --case-number 01 | Fallnummer |
| --evidence-number 01 | Beweisnummer |
| --description secure.local.forensic | Beschreibung |
| --examiner tw,ng | Ermittler |
| --notes first-run | Notizen |