Results 1 to 2 of 2

Thread: Forensics boot mode

  1. #1
    Just burned his ISO
    Join Date
    Sep 2012
    Posts
    2

    Default Forensics boot mode

    Hi,

    I am booting BT5R3-GNOME-32 in ofrensics mode to avoid automount drives asn swap partitions.
    After booting the operating system (run level 2), the USB driver are not automounted, however after executing startx command, when a USB driver is plugged is automatically mounted.

    I have seen in the /root/.profile script the following a specific "if" clause to execute when the hostname is equal to "bt5-forensics". In this if-clause is set up thinks like "/usr/bin/gconftool-2 --set /apps/nautilus/preferences/media_automount --type bool false 2> /dev/null", however I think there are not executed as the current hostname is "bt".

    So my understanding is if you want to have disabled automount option in the X-window, it is required to change the hostname previous to execute "startx" command. Is that right? Is there are document where I could find extra info about this issue?

    Thanks,
    Jose

  2. #2
    Just burned his ISO
    Join Date
    Sep 2012
    Posts
    2

    Default Re: Forensics boot mode

    Hi,

    I have found a way to disable automount in X-system:

    Boot BT by using forensics mode
    Execute "hostname bt5-forensics; exit" as root
    As the system is setup to perform auto-login, after executing the exit command, the system will perform automatically a log in using the root user executing the /root/.profile script and in this case the if-clause for the forensics mode is executed (as it can showed in the console).
    Finally when execute startx command to work with X-system, the USB driver are no automounted.

    Is this the "normal" way to do it?
    Thanks,
    Jose



    Quote Originally Posted by korba View Post
    Hi,

    I am booting BT5R3-GNOME-32 in ofrensics mode to avoid automount drives asn swap partitions.
    After booting the operating system (run level 2), the USB driver are not automounted, however after executing startx command, when a USB driver is plugged is automatically mounted.

    I have seen in the /root/.profile script the following a specific "if" clause to execute when the hostname is equal to "bt5-forensics". In this if-clause is set up thinks like "/usr/bin/gconftool-2 --set /apps/nautilus/preferences/media_automount --type bool false 2> /dev/null", however I think there are not executed as the current hostname is "bt".

    So my understanding is if you want to have disabled automount option in the X-window, it is required to change the hostname previous to execute "startx" command. Is that right? Is there are document where I could find extra info about this issue?

    Thanks,
    Jose

Similar Threads

  1. Why does BT5-KDE-64 not boot into graphical mode?
    By mOCo1 in forum BackTrack 5 Beginners Section
    Replies: 0
    Last Post: 06-01-2011, 09:20 AM
  2. Darik's Boot And Nuke (Anti-Forensics)
    By firebits in forum Tool Requests
    Replies: 4
    Last Post: 02-01-2011, 07:12 AM
  3. ISO Upgrade to 2.6.34 breaks Forensics boot
    By chrisbdaemon in forum BackTrack Bugs
    Replies: 1
    Last Post: 08-23-2010, 07:05 PM
  4. BackTrack 4 Pre Release is not forensically safe in "forensics" mode
    By thefuf1 in forum OLD BackTrack 4 Bugs and Fixes
    Replies: 0
    Last Post: 10-12-2009, 04:26 PM
  5. wicd-client + Forensics Mode Error
    By jtesta in forum OLD BackTrack 4 Bugs and Fixes
    Replies: 4
    Last Post: 06-21-2009, 12:06 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •