There have been dozens of times over the years where I’ve had to boot a dead system or break into a suspect’s system to recover data or restore the functionality of a system. It used to be pretty tough – often I had to remove the hard disk and mount it on another system to do this. Now it’s much easier. Today there are several tools that will let you create a boot CD or USB drive that you can insert into a system and boot the computer without ever starting the operating system on the internal hard drive. The plus is that if the system has a virus or a malfunction, you are not running off of the infected hard drive, but off of the CD or USB drive. You can also avoid modifying the contents of the hard disk, which preserves a forensic path to data discovery. One caveat: that only holds if the live environment does not auto-mount the disk read-write or replay a filesystem journal, so check the mount options (or put a hardware write blocker in front of the disk) and hash the disk before and after you work on it. There are two boot CDs and USB drives that I carry with me today:
The first one is an Ultimate Boot CD I created with BartPE that has your basic disk imaging, virus scanning, and other operating system tools installed on it. BartPE allows a user to boot Windows even if a hardware or software fault has disabled the installed operating system on the internal hard drive, for instance to recover files. It can also be used to scan for and remove rootkits, viruses and spyware (including ones that have infected the boot files), or to reset a lost administrator password. Here’s a tutorial on installing BartPE.
The second one is a Linux live CD that has tons of capabilities for data retrieval, system interrogation, and a number of tools that will allow me to perform a security check of the network I’m in. The particular CD I use is the BackTrack live CD distribution. It contains over 300 tools for network penetration testing (both wired and wireless), system imaging, remote network monitoring, packet capture and network forensics (NetworkMiner, for example), and forensic system analysis. It is very useful and the interface is easier than I was expecting. Here’s a video on installing BackTrack onto a USB thumb drive.
Here's an intro video to BackTrack.
I find these tools very useful and use them often to solve all sorts of problems. I always find that I am creating new ones because I keep giving them away.
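An added example, not from this post, of the imaging-and-hashing step that makes the "forensic path" claim above checkable: a POSIX shell script you would run from a live CD once the suspect disk is visible but before anything else touches it. The function names (image_and_verify, verify_image, mount_evidence_ro), the custody-log format and the test input are my own; the source would normally be a block device such as /dev/sdb, but nothing here assumes one, so it also runs against an ordinary file.

```shell
#!/bin/sh
# Added example, not code from the original post. Images a source (normally a
# block device, here any readable path) with dd, records SHA-256 hashes of the
# source and of the image in a custody log, and lets you re-verify the image
# later. Function and log names are this example's own conventions.

# image_and_verify SOURCE IMAGE LOGFILE
# Returns 0 if the image hashes identically to the source, 1 otherwise.
image_and_verify() {
    src=$1; img=$2; log=$3

    # Hash the source first: this is the value you write down before any tool
    # (including this one) has read the disk a second time. On a large real
    # disk you would hash in the same pass (dd | tee | sha256sum) to avoid
    # reading it twice; two passes keep this example easy to follow.
    src_hash=$(sha256sum "$src" | cut -d' ' -f1)

    # bs=512 matches the sector size, so conv=sync never pads the tail of a
    # device; conv=noerror keeps reading past bad sectors and sync zero-fills
    # them so every later offset in the image still lines up with the disk.
    dd if="$src" of="$img" bs=512 conv=noerror,sync 2>/dev/null

    img_hash=$(sha256sum "$img" | cut -d' ' -f1)
    stamp=$(date -u +%Y-%m-%dT%H:%M:%SZ)
    printf '%s source=%s sha256=%s\n' "$stamp" "$src" "$src_hash" >> "$log"
    printf '%s image=%s sha256=%s\n' "$stamp" "$img" "$img_hash" >> "$log"

    [ "$src_hash" = "$img_hash" ]
}

# verify_image IMAGE LOGFILE
# Recomputes the image hash and compares it with the last value recorded for
# that image in the log. Returns 1 if they differ or nothing was recorded,
# which is how you catch an image that was modified after acquisition.
verify_image() {
    img=$1; log=$2
    recorded=$(grep -F "image=$img " "$log" | tail -n 1 | sed 's/.*sha256=//')
    current=$(sha256sum "$img" | cut -d' ' -f1)
    [ -n "$recorded" ] && [ "$recorded" = "$current" ]
}

# mount_evidence_ro DEVICE MOUNTPOINT
# If you must browse the original disk rather than the image, mount it
# read-only and, for ext3/ext4, with noload so the kernel does not replay the
# journal and write to the device. Needs root and a real device, so it is
# defined here for reference and not run by the test below.
mount_evidence_ro() {
    mount -o ro,noexec,nosuid,nodev,noload "$1" "$2"
}
```

In practice you would run image_and_verify once from the live CD, keep the custody log with the image, and run verify_image every time the image changes hands; a hash mismatch at any point means the copy can no longer be relied on as evidence.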
Friday, December 4, 2009