Difference between revisions of "Helix3 Pro"

From Forensics Wiki
Jump to: navigation, search
m
(One intermediate revision by one user not shown)
Line 13: Line 13:
  
 
* Live side for [[Mac OS X]], [[Windows]] and [[Linux]]
 
* Live side for [[Mac OS X]], [[Windows]] and [[Linux]]
* A bootable forensically sound environment (based on Ubuntu)
+
* A bootable forensically sound environment based on [[Ubuntu]]
  
 
Open source forensic tools include:
 
Open source forensic tools include:
Line 29: Line 29:
 
== Forensic Issues ==
 
== Forensic Issues ==
  
* Helix3 Pro will automount [[Ext3]] / [[Ext4]] file systems during the boot process and recover them if required (bug in ''initrd'' scripts);
 
 
* Helix3 Pro can automount some storage devices like firewire devices and MMC in read/write mode;
 
* Helix3 Pro can automount some storage devices like firewire devices and MMC in read/write mode;
 
* Helix3 Pro relies on file system drivers to provide write protection, mounting some file system types (e.g. [[XFS]]) will result in several data writes to the original media.  
 
* Helix3 Pro relies on file system drivers to provide write protection, mounting some file system types (e.g. [[XFS]]) will result in several data writes to the original media.  

Revision as of 06:26, 28 July 2012

Helix3 Pro
Maintainer: e-fense
OS: Linux,Windows,Mac OS X
Genre: Live CD
License: GPL, others
Website: e-fense.com

Helix3 Pro is a Live CD built on top of Ubuntu. It focuses on incident response and computer forensics.

Tools Included

Open source forensic tools include:

Other tools include:

Forensic Issues

  • Helix3 Pro can automount some storage devices like firewire devices and MMC in read/write mode;
  • Helix3 Pro relies on file system drivers to provide write protection, mounting some file system types (e.g. XFS) will result in several data writes to the original media.

See Also

Free version: Helix3