Difference between pages "Helix3" and "File:2-BB9780-ScrewRemoval.jpg"

From Forensics Wiki
(Difference between pages)
Jump to: navigation, search
(Added license. Removed irrelevant link. Cosmetic fixes.)
 
 
Line 1: Line 1:
'''Helix''' is a [[live cd]] built on top of [[Knoppix]]. It focuses on [[incident response]] and [[computer forensics]].
 
  
=Features=
 
 
==File Systems Understood==
 
 
==File Search Facilities==
 
 
==Historical Reconstruction==
 
 
Can it build timelines and search by creation date?
 
 
==Searching Abilities==
 
 
Can it search? Does it build an index? Can it focus on file types or particular kinds of metadata?
 
 
==Hash Databases==
 
 
Can it create hashes of files and/or blocks? Can it compare these hash values to any databases?
 
What sort of hash functions does it use?
 
 
==Evidence Collection Features==
 
 
Can it sign files? Does it keep an audit log?
 
 
=History=
 
 
Originally written in (YEAR), it has now developed into a Forensic Edition and an Enterprise Edition.
 
 
==License Notes==
 
 
""''Helix is based off of the original Knoppix distribution and retains all of the original licenses from that distribution. All additions that I have made are covered under GPL or by the licenses of the prospective authors.''" -- [http://www.e-fense.com/helix/faq.php Helix FAQ].
 
 
= External Links =
 
 
* [http://www.e-fense.com/helix/ Official website]
 
 
==External Reviews==
 

Latest revision as of 01:31, 8 August 2013