On 19 Apr 2005, Technomage chatted thus:

> google is feeding me pages and pages and pages of mostly windows (sic) stuff.
> anyone happen to know a few good places for a linux based forensics suite
> similar to the capabilities of Encase (tm)?

Don't know Encase, but http://www.linux-forensics.com/ ( local project ) and http://www.knoppix-std.org/ are bootable distros specializing in security and forensics.

There's also the Coroner's Toolkit from Dan Farmer and Wietse Venema.

http://www.porcupine.org/forensics/

Here are some links I ran into while looking for CTK.

http://staff.washington.edu/dittrich/misc/forensics/
http://www.opensourceforensics.org/tools/unix.html

I'm interested in finding out which tools will help in recovering deleted files on an ext3 filesystem.

ciao,

der.hans
-- 
# https://www.LuftHans.com/ http://www.AZOTO.org/
# I chose to use the kernel sources as my documentation. ;-)
# -- Kevin Buettner

---------------------------------------------------
PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change you mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss