Windows Incident Forensics with Knoppix Helix
Daehenoc writes "After finding Windows Forensics and Incident Recovery while looking around for forensics tools, I found this instead: Helix Incident Response and Forensics. It's a customized version of Knoppix which you can use in an online or offline style - put it in when Windows is running and you can retrieve a stack of useful information and send it to a network share. Or boot a suspect system with the CD and get access to useful forensics tools like sleuthkit!"
No 'troll' at all, Dorothy. While you two IT guys may be the token Slashdot readers and real movers and shakers among your group, the sad truth is that Windows IT as a whole is based not around expertise, but around cost. After having played support monkey for IT people, helping them because they have no clue about anything other than the recovery console in XP, I can say with certainty that while this solution is a real help, it won't have widespread acceptance for two reasons, the first being that Windows IT'rs as a whole do not use Linux, and the second being that a far easier solution in the learning curve is for them to recover using the 'old' methods, instead of something as hip as Knoppix. Great sig, btw.
War isn't about who's right. It's about who's left.
Who really cares if it's stolen or not? If you release your code, live with the risks and stop whining.
Be happy someone cared enough about your work to do it.
---- Booth was a patriot ----