#13 Backup/Recovery/Forensic version
Suppose you Windows or Linux/Unix box get somehow compromised by a hacker. First, you have to restart the system from a clean system. Second, you have to make an image of your disk into a NFS/Samba shared directory or a CD-W for further analysis and for backup.
Trinux would be perfect for this task because:
- it does not touch your hard disk in any way
- it can read FAT16/32, NTFS, ext2, ReiserFS and other FS (almost any system on the market)
- it can communicate with other systems through ethernet and PPP
- it can even use a CD-Burner
- it has DD (for creating disk images)
- it supports NFS
Unfortunately, you have to face a few problems:
- in many cases, Trinux, like any Linux, will not be able to recognise your (windows-aimed) network card (in particular if your NIC is an "integrated" chip set on your motherboard)
- Trinux does not really support PPP (at least, this is my case: Trinux 0.80 RC2 with IDE boot image + PPP.tgz)
- you have to load ext2.o by hand ("insmod ext2.o") to see your ext2 file system
- (I do not know if the "IDE" kernel really supports a CD-burner)
Hence, most likely, you can read your hard disk but you cannot copy its contents to another media (my current situation..).
With a little bug-fixing and feature-tuning, Trinux could be the best tool in town for system recovery, emergency backup and forensic applications. I hope Matthew (and possibly other developers) will take this possibility into consideration.
