Difference between revisions of "FCCU Gnu/Linux Boot CD"

From Forensics Wiki
Jump to: navigation, search
m
 
m
Line 1: Line 1:
 
= Features =
 
= Features =
  
: - Sleuthkit v2.02
+
: - [[Sleuthkit]] v2.02
 
: - Custom kernel without the slow USB driver - UB
 
: - Custom kernel without the slow USB driver - UB
 
: - NTFS write support removed - too dangerous for forensic purpose
 
: - NTFS write support removed - too dangerous for forensic purpose
Line 7: Line 7:
 
: - mork.pl, a tool to read Firefox history
 
: - mork.pl, a tool to read Firefox history
 
: - A PXE boot feature to facilitate searches in large scale networks.
 
: - A PXE boot feature to facilitate searches in large scale networks.
: - mwcollect and nepenthes were added for malware hunting - http://www.shadowserver.org/
+
: - [[mwcollect]] and [[nepenthes]] were added for malware hunting - http://www.shadowserver.org/
 
: - grokevt was added to view MS win event log files more efficiently
 
: - grokevt was added to view MS win event log files more efficiently
 
: - reglookup was added to export MS win registry files
 
: - reglookup was added to export MS win registry files
: - The Advanced Forensic Format is now supported (afflib 1.3.3) - not the last version
+
: - The Advanced Forensic Format is now supported ([[afflib]] 1.3.3) - not the last version
  
 
And a lot of other forensic tools.
 
And a lot of other forensic tools.
Line 20: Line 20:
 
= Remarks =
 
= Remarks =
  
Your comments, remarks and articles about the use of FCCU boot CD are welcome.
+
Your comments, suggestions, remarks and articles about the use of FCCU boot CD are welcome.
  
Please, feel free to contact us.
+
Please, feel free to contact us and give some feed back - [[jfbeckers]]

Revision as of 15:56, 17 March 2006

Features

- Sleuthkit v2.02
- Custom kernel without the slow USB driver - UB
- NTFS write support removed - too dangerous for forensic purpose
- Probe all LUN was added to support most of the USB multi card readers
- mork.pl, a tool to read Firefox history
- A PXE boot feature to facilitate searches in large scale networks.
- mwcollect and nepenthes were added for malware hunting - http://www.shadowserver.org/
- grokevt was added to view MS win event log files more efficiently
- reglookup was added to export MS win registry files
- The Advanced Forensic Format is now supported (afflib 1.3.3) - not the last version

And a lot of other forensic tools.

External Links

LNX4N6 - http://www.lnx4n6.be

Remarks

Your comments, suggestions, remarks and articles about the use of FCCU boot CD are welcome.

Please, feel free to contact us and give some feed back - jfbeckers