FCCU Gnu/Linux Boot CD

From ForensicsWiki
Revision as of 16:57, 17 March 2006 by Jfbeckers (Talk | contribs)

Jump to: navigation, search

Features

- Sleuthkit v2.02
- Custom kernel without the slow USB driver - UB
- NTFS write support removed - too dangerous for forensic purpose
- Probe all LUN was added to support most of the USB multi card readers
- mork.pl, a tool to read Firefox history
- A PXE boot feature to facilitate searches in large scale networks.
- mwcollect and nepenthes were added for malware hunting - http://www.shadowserver.org/
- grokevt was added to view MS win event log files more efficiently
- reglookup was added to export MS win registry files
- The Advanced Forensic Format is now supported (afflib 1.3.3) - not the last version

And a lot of other forensic tools.

External Links

LNX4N6 - http://www.lnx4n6.be

Remarks

Your comments, suggestions, remarks and articles about the use of FCCU boot CD are welcome.

Please, feel free to contact us and give some feed back.