First let me address Nihil concern........Look for posts from me over the last week and you will discover that I am just a guy trying to do his job. I have been reading information off this board for a while now and know the brain trust that exists here is AWESOME and sometimes paranoid. If you are concerned I am trying to trick you into revealing something that you shouldn't then maybe research some of the other posts the user makes before you make the accusation in their thread.......As a senior member of this site your "opinions " carry weight and you should consider that. Now I feel I have to spend time defending the validity of this thread. Enough said, no hard feelings....Like I said sometimes paranoid.

THE Drive:
The hard drive belonged to the previous security person. The concern is that he was into things that he had no business in and while that will be easy to look at on the NT partition (corporate install) the linux partition will be more of a challenge for me (his install).
The company does not want to pay for a $30k tool or to hire a consultant to do the legwork on the drive. I am it.....It is my job because I am the "network security guy" so I am supposed to know it all........Sound familiar
There is a corporate legal team and so they are holding the original drive which was imaged from Ghost.
The point is if I find something then the company will decide how to proceed and if they want to prosecute they will take my findings and send them to a "expert" with the original drive who will go to court.....not me

Thanks for the information especially from Devprn, TigerShark, and CHSH......Great resources thanks again!!!!

If anyone has anything else I am all ears...........