Send the link below via email or IMCopy
Present to your audienceStart remote presentation
- Invited audience members will follow you as you navigate and present
- People invited to a presentation do not need a Prezi account
- This link expires 10 minutes after you close the presentation
- A maximum of 30 users can follow your presentation
- Learn more about this feature in our knowledge base article
Transcript of Opensource Writeblocker
"dcfldd is an enhanced version of GNU dd with features useful for forensics and security."
LIO SCSI Target
Linux BLOCK device as a backstore
SCSI access over FireWire
Backstore viewable over FireWire
Initialised via FIREBrick menu
Can be accessed over writeblocked FireWire
Automatically detected from SATA port configuration
"LUKS is the standard for Linux hard disk encryption"
Could be SHA-1, SHA-2...
"ewfacquire is a utility to acquire media data from a source and store it in EWF format"
"coreboot is a Free Software project aimed at replacing the proprietary BIOS (firmware) found in most computers"
Form factor development
Drive hot swapping
Mobile device acquisition
Writeblocking over ethernet (iSCSI)
...also file searching, hash searching...
...should I image this drive?
...save a report of disk contents
Less chance to change OS
Storage can be encrypted!
Tried and tested tool
Q & A
Expert Witness Format - Encase
Not a competitor to commercial write-blockers
(IEEE, ISO, NIST etc)
Well tested, however test as you develop.
Remote FIREBrick (v2)
Use your phone to control the FIREBrick
Acts as a wireless access point
Smaller, no LCD screen required
Motherboard - ASRock E350M1
RAM - 1GB DDR3 (1333 or 1066)
Firewire card - Dynamode PCIX3FW 3-Port
Case + power supply
Download the FIREBrick BIOS file
Boot the system from a USB key
Flash the stock BIOS with the FIREBrick BIOS
Open source write-blocker/imager