Difference between revisions of "FCCU Gnu/Linux Boot CD"

From ForensicsWiki
Jump to: navigation, search
m
(Current version)
 
(15 intermediate revisions by 7 users not shown)
Line 1: Line 1:
= Features =
+
{{Deprecated Software}}
  
: - [[Sleuthkit]] v2.02
+
{{Infobox_Software |
: - Custom kernel without the slow USB driver - UB
+
  name = FCCU GNU/Linux Forensic Boot CD |
: - NTFS write support removed - too dangerous for forensic purpose
+
  maintainer = [[Christophe Monniez]], [[Geert Van Acker]] |
: - Probe all LUN was added to support most of the USB multi card readers
+
  os = {{Linux}} |
: - mork.pl, a tool to read Firefox history
+
  genre = {{Live CD}} |
: - A PXE boot feature to facilitate searches in large scale networks.
+
  license = {{GPL}}, others |
: - [[mwcollect]] and [[nepenthes]] were added for malware hunting - http://www.shadowserver.org/
+
  website = [http://www.lnx4n6.be/ lnx4n6.be] |
: - grokevt was added to view MS win event log files more efficiently
+
}}
: - reglookup was added to export MS win registry files
+
: - The Advanced Forensic Format is now supported ([[afflib]] 1.3.3) - not the last version
+
  
And a lot of other forensic tools.
+
The '''FCCU GNU/Linux Forensic Boot CD''' is a [[Live CD]] based on [[Debian]]. It focuses on [[Incident Response|incident response]] and [[computer forensics]]. The authors welcome comments and suggestions.
  
= External Links =
+
== Tools included ==
  
LNX4N6 - http://www.lnx4n6.be
+
A list of included tools is available on [http://www.lnx4n6.be/index.php?sec=Documentation&page=bootcdcontent lnx4n6.be].
  
= Remarks =
+
== Current version ==
  
Your comments, suggestions, remarks and articles about the use of FCCU boot CD are welcome.
+
The current version is 12.1, released on 07 Oct 2008
  
Please, feel free to contact us and give some feed back - [[jfbeckers]]
+
This version includes new tools made by [http://www.storm.net.nz/projects/16 MetlStorm] to acquire memory through the Firewire bus.
 +
 
 +
== Forensic Issues ==
 +
 
 +
* FCCU GNU/Linux Forensic Boot CD will automount [[Ext3]] file systems during the boot process and recover them if required (bug in ''initrd'' scripts).

Latest revision as of 08:35, 28 July 2012

40px-Ambox warning pn.png

This tool is deprecated.
The tool that this page describes is deprecated and is no longer under active development.
Further information might be found on the discussion page.

FCCU GNU/Linux Forensic Boot CD
Maintainer: Christophe Monniez, Geert Van Acker
OS: Linux
Genre: Live CD
License: GPL, others
Website: lnx4n6.be

The FCCU GNU/Linux Forensic Boot CD is a Live CD based on Debian. It focuses on incident response and computer forensics. The authors welcome comments and suggestions.

Tools included

A list of included tools is available on lnx4n6.be.

Current version

The current version is 12.1, released on 07 Oct 2008

This version includes new tools made by MetlStorm to acquire memory through the Firewire bus.

Forensic Issues

  • FCCU GNU/Linux Forensic Boot CD will automount Ext3 file systems during the boot process and recover them if required (bug in initrd scripts).