[ale] linux old timers question (late 1990s)

Jerry Yu jjj863 at gmail.com
Fri Nov 3 16:27:57 EST 2006 

greg, did this work? I guess this is not a lot different from poping the
drive into a generic old pc to try boot with the drive.

On 11/1/06, Jerry Yu <jjj863 at gmail.com> wrote:
>
> can you try to boot with it, using /usr/lib/syslinux/memdisk under a
> working Linux box?  Not from experience, but from RTFM.
> Basically you'll need to do the following on a working Linux box:
>
>    - cp /usr/lib/syslinux/memdisk to /boot
>    - cp the disk image to /boot (assume named oldpc.img)
>    - add a GRUB entry like something below:
>
> Title  old PC image could be a 2.0 linux
>                kernel /memdisk
>                initrd /oldie.img
>
>    - boot and select "old PC image could be a 2.0 linux"
>
>
> On 11/1/06, Greg Freemyer <greg.freemyer at gmail.com> wrote:
> >
> > All,
> >
> > I have an old 80 MB disk I need to figure out/review.  Appears to be
> > from the late 1990s.
> >
> > I've used dd to make a copy of it.
> >
> > It does not seem to have a traditional partition table and running
> > file against it tells me:
> >
> > dd-image: Linux/x86 Kernel, Setup Version 0x201, zImage, RO-rootFS,
> > root_dev 0xFF, Normal VGA
> >
> > Which is very close to what I get if I run file against a current
> > kernel in /boot.
> >
> > So it looks like the the first portion of this 80 MB disk is a linux
> > kernel.  Running strings against it I see:
> >
> > >>
> > 4rz6
> > C9m{
> > 8;R~
> > gP~IA~q
> > olh~
> > t0DO
> > ~c-f9
> > 4*{&j
> > ca)m
> > ]ZF*
> > sY>L
> > E]xb
> > RQSP
> > Loading
> > $HdrS
> > ZZuC
> > PQ0
> > No setup signature found ...
> > Wrong loader, giving up...
> > 2.0.29 (source at alyshia) #51 Mon Apr 7 02:49:06 PDT 1997
> > INT15 refuses to access high mem, giving up...
> > <<
> >
> > Which makes me think that this is a 2.0.29 kernel from 1997.  (I don't
> > know if those dates are consistent or not.)
> >
> > Can anyone tell me how I can find a filesystem on this image?  ie.
> > What is the offset to the start of any and all filesystems.
> >
> > I assume if I knew the offset I could do a mount -o loop  to mount it
> > and take a look around at the filesystem.
> >
> > Thanks
> > Greg
> > --
> > Greg Freemyer
> > The Norcross Group
> > Forensics for the 21st Century
> > _______________________________________________
> > Ale mailing list
> > Ale at ale.org
> > http://www.ale.org/mailman/listinfo/ale
> >
>
>
-------------- next part --------------
An HTML attachment was scrubbed...

More information about the Ale mailing list