Difference between revisions of "Helix3"
Uwe Hermann (Talk | contribs) (Added license. Removed irrelevant link. Cosmetic fixes.) |
|||
| Line 1: | Line 1: | ||
| + | '''Helix''' is a [[live cd]] built on top of [[Knoppix]]. It focuses on [[incident response]] and [[computer forensics]]. | ||
=Features= | =Features= | ||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
==File Systems Understood== | ==File Systems Understood== | ||
| Line 34: | Line 30: | ||
==License Notes== | ==License Notes== | ||
| − | + | ""''Helix is based off of the original Knoppix distribution and retains all of the original licenses from that distribution. All additions that I have made are covered under GPL or by the licenses of the prospective authors.''" -- [http://www.e-fense.com/helix/faq.php Helix FAQ]. | |
= External Links = | = External Links = | ||
| − | + | * [http://www.e-fense.com/helix/ Official website] | |
==External Reviews== | ==External Reviews== | ||
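Review bot: on the added License Notes line, the quotation opens with two double-quote characters (""''Helix) but closes with only one, so the rendered page shows a stray quote mark in front of the italic text. Drop the extra opening quote so the quoted FAQ passage is delimited by one matching pair.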
Revision as of 15:40, 21 March 2006
Helix is a live CD built on top of Knoppix. It focuses on incident response and computer forensics.
Features
File Systems Understood
File Search Facilities
Historical Reconstruction
Can it build timelines and search by creation date?
Searching Abilities
Can it search? Does it build an index? Can it focus on file types or particular kinds of metadata?
Hash Databases
Can it create hashes of files and/or blocks? Can it compare these hash values to any databases? What sort of hash functions does it use?
Evidence Collection Features
Can it sign files? Does it keep an audit log?
History
Originally written in (YEAR), it has now developed into a Forensic Edition and an Enterprise Edition.
License Notes
"Helix is based off of the original Knoppix distribution and retains all of the original licenses from that distribution. All additions that I have made are covered under GPL or by the licenses of the prospective authors." -- Helix FAQ.