:: Re: [DNG] rc.local removed from Deb…
Top Page
This message is part of the following thread:
M+\the complete thread tree sorted by date
MMMKatolaZ at <-
MMM\John Hughes at ->
Delete this message
Reply to this message
Author: John Hughes
Date:  
To: dng
New-Topics: [DNG] ..forensics on systemd or journald logs, was: rc.local removed from Debian 9, rly?
Subject: Re: [DNG] rc.local removed from Debian 9, rly?


On 22/11/17 02:59, Arnt Karlsen wrote:
> On Tue, 21 Nov 2017 18:21:14 +0100, John wrote in message
> <c5185954-4be2-5389-4cfa-9266eed9f4fc@???>:
>
>> (Damn but the systemd journal is great :-))
> ..is there a way to decode and read those binary systemd journal logs
> on classic POSIX/Unix etc forensic systems _not_ running systemd?

Is there any way to read a file in format X without a program that reads
format X?

I suppose you could scatter iron filings on the disk the use a scanning
electron microscope to examine their positions and, using paper, pencil
and a copy of the systemd doc work out the contents by hand.

Or, being endowed with the minimum level of foresight necessary for
survival have a forensic system that includes tools for reading the file
formats you're likely to find  on the system you want to post-mortem.



This message was posted to the following mailing lists:
dng
Mailing List Info | Nearby Messages		<-Re: [DNG] rc.local removed from Debian 9, rly?Re: [DNG] rc.local removed from Debian 9, rly?->

Donate to Dyne.org

dyne.org open discussions
administrated by dyne.org hackers		Lurker (version 2.3)