2:47 p.m.
Dear all,
sorry, I'm using webmail only and couldn't set an in reply-to header to my last
message.
Libvmi seems a bit complicated to install, at least compared to the vboxmanage debugvm
command. Is libvmi required for KVM or is it possible to use virsh dump?
Thank you in advance.
- Chris
1:07 a.m.
2013/10/3 <chris-2012(a)arcor.de>
Dear all,
sorry, I'm using webmail only and couldn't set an in reply-to header to my
last message.
Libvmi seems a bit complicated to install, at least compared to the
vboxmanage debugvm command. Is libvmi required for KVM or is it possible to
use virsh dump?
Hi Chris,
You should use LibVMI just for "online live" forensics over a virtual
machine.
If you merely need an offline memory dump of a KVM virtual machine, feel
free to use virsh dump without LibVMI.
However, just FYI, LibVMI is evolving drastically to be a great VM-oriented
address space for Volatility.
Thanks,
Guanglin
Thank you in advance.
- Chris
_______________________________________________
Vol-users mailing list
Vol-users(a)volatilityfoundation.org
http://lists.volatilityfoundation.org/mailman/listinfo/vol-users
4059
days inactive
4060
days old
vol-users@lists.volatilityfoundation.org
1 comments
2 participants
participants (2)
-
chris-2012@arcor.de -
Guanglin Xu