Ftk Imager Handling: Unterschied zwischen den Versionen
Zur Navigation springen
Zur Suche springen
| Zeile 6: | Zeile 6: | ||
*ftkimager /dev/sdb /share/forensic/win10 --e01 --case-number 01 --evidence-number 01 --description secure.local.forensic --examiner tw,ng --notes first-run | *ftkimager /dev/sdb /share/forensic/win10 --e01 --case-number 01 --evidence-number 01 --description secure.local.forensic --examiner tw,ng --notes first-run | ||
=Beschreibung= | =Beschreibung= | ||
| − | |||
| − | |||
| − | |||
{| class="wikitable" | {| class="wikitable" | ||
|+Optionen | |+Optionen | ||
| Zeile 28: | Zeile 25: | ||
|- | |- | ||
|<nowiki></nowiki> | |<nowiki></nowiki> | ||
| − | |||
|- | |- | ||
|<nowiki>--description secure.local.forensic</nowiki> | |<nowiki>--description secure.local.forensic</nowiki> | ||
Version vom 3. August 2021, 19:19 Uhr
Download
Install
- tar -C /usr/local/sbin -xvzf ftkimager.3.1.1_ubuntu64.tar.gz
Image erstellen
- ftkimager /dev/sdb /share/forensic/win10 --e01 --case-number 01 --evidence-number 01 --description secure.local.forensic --examiner tw,ng --notes first-run
Beschreibung
| /dev/sdb | Quelle |
| /share/forensic/win10 | Ziel |
| --e01 | Format |
| --case-number 01 | Fallnummer |
| --evidence-number 01 | Beweisnummer |
| --description secure.local.forensic | Beschreibung |
| --examiner tw,ng | Ermittler |
| --notes first-run | Notizen |