On 19 Apr 2005, Technomage chatted thus:
> google is feeding me pages and pages and pages of mostly windows (sic) stuff.
> anyone happen to know a few good places for a linux based forensics suite
> similar to the capabilities of Encase (tm)?
Don't know Encase, but
http://www.linux-forensics.com/ ( local project )
and
http://www.knoppix-std.org/ are bootable distros specializing in
security and forensics.
There's also the Coroner's Toolkit from Dan Farmer and Wietse Venema.
http://www.porcupine.org/forensics/
Here are some links I ran into while looking for CTK.
http://staff.washington.edu/dittrich/misc/forensics/
http://www.opensourceforensics.org/tools/unix.html
I'm interested in finding out which tools will help in recovering deleted
files on an ext3 filesystem.
ciao,
der.hans
--
# https://www.LuftHans.com/ http://www.AZOTO.org/
# I chose to use the kernel sources as my documentation. ;-)
# -- Kevin Buettner
---------------------------------------------------
PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change your mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss