Difference between pages "Helix3" and "File:2-BB9780-ScrewRemoval.jpg"

From ForensicsWiki
(Difference between pages)
Jump to: navigation, search
(Added license. Removed irrelevant link. Cosmetic fixes.)
Line 1: Line 1:
'''Helix''' is a [[live cd]] built on top of [[Knoppix]]. It focuses on [[incident response]] and [[computer forensics]].
==File Systems Understood==
==File Search Facilities==
==Historical Reconstruction==
Can it build timelines and search by creation date?
==Searching Abilities==
Can it search? Does it build an index? Can it focus on file types or particular kinds of metadata?
==Hash Databases==
Can it create hashes of files and/or blocks? Can it compare these hash values to any databases?
What sort of hash functions does it use?
==Evidence Collection Features==
Can it sign files? Does it keep an audit log?
Originally written in (YEAR), it has now developed into a Forensic Edition and an Enterprise Edition.
==License Notes==
""''Helix is based off of the original Knoppix distribution and retains all of the original licenses from that distribution. All additions that I have made are covered under GPL or by the licenses of the prospective authors.''" -- [http://www.e-fense.com/helix/faq.php Helix FAQ].
= External Links =
* [http://www.e-fense.com/helix/ Official website]
==External Reviews==

Latest revision as of 02:31, 8 August 2013