How would one create a dump of the physical memory (RAM) in Linux?
What software, if any, is available for this purpose?
I have read that one should not write to a local disk but rather send the data over the network. Anyone know the peculiarities here? Would Ethernet work for this purpose, or are there any commands which minimize the amount of caching before sending to disk?
WinHex on Windows has such functionality:
I am looking for something similar on Linux.
Best Answer
Here is an eHow page on How to Dump Linux Memory.
That leads to the ForensicsWiki page on Memory Imaging Tools with the Linux/Unix section,
See Also: Linux Memory Analysis.
There is also GDB commonly available on most Linuxes.
And, you are always advised to avoid writing over unknown memory -- it can lead to system corruption.
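The following is an added example, not part of the original question or answer. It shows the range selection an imaging run depends on: pick out only the top-level `System RAM` entries from `/proc/iomem`, then copy just those ranges to a sink while hashing them, so nothing is written to the local disk. The sample `/proc/iomem` text is constructed, and `source` is an assumed seekable file-like object that exposes physical memory at its physical offset; how such a source is obtained depends on the tool and kernel and is not specified on this page.

```python
import hashlib
import re

# Constructed sample of /proc/iomem as root would see it; not from a real host.
SAMPLE_IOMEM = """\
00000000-00000fff : Reserved
00001000-0009fbff : System RAM
000a0000-000bffff : PCI Bus 0000:00
00100000-7ffdffff : System RAM
  01000000-01e00fff : Kernel code
7ffe0000-7fffffff : Reserved
fec00000-fec003ff : IOAPIC 0
100000000-17fffffff : System RAM
"""

LINE = re.compile(r"^([0-9a-f]+)-([0-9a-f]+) : System RAM$")

def system_ram_ranges(iomem_text):
    """Return [(start, end_inclusive)] for top-level 'System RAM' entries."""
    ranges = []
    for line in iomem_text.splitlines():
        m = LINE.match(line)  # indented child entries and device regions do not match
        if m:
            ranges.append((int(m.group(1), 16), int(m.group(2), 16)))
    if ranges and all(end == 0 for _, end in ranges):
        # Unprivileged readers get every address masked to zero.
        raise PermissionError("addresses are masked; read /proc/iomem as root")
    return ranges

def stream_ranges(source, ranges, sink, chunk=1 << 20):
    """Copy only the given ranges from source to sink; return (bytes, sha256 hex)."""
    digest, total = hashlib.sha256(), 0
    for start, end in ranges:
        source.seek(start)
        remaining = end - start + 1
        while remaining:
            data = source.read(min(chunk, remaining))
            if not data:
                raise IOError(f"short read in range {start:#x}-{end:#x}")
            sink.write(data)      # e.g. a socket's makefile("wb") object
            digest.update(data)   # hash what was actually sent
            total += len(data)
            remaining -= len(data)
    return total, digest.hexdigest()
```

The returned digest can be compared with a hash computed on the receiving machine to confirm the image arrived intact.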