Difference between revisions of "Helix3 Pro"
From Forensics Wiki
m |
Joachim Metz (Talk | contribs) |
||
| (5 intermediate revisions by one user not shown) | |||
| Line 13: | Line 13: | ||
* Live side for [[Mac OS X]], [[Windows]] and [[Linux]] | * Live side for [[Mac OS X]], [[Windows]] and [[Linux]] | ||
| − | * A bootable forensically sound environment | + | * A bootable forensically sound environment based on [[Ubuntu]] |
Open source forensic tools include: | Open source forensic tools include: | ||
| Line 27: | Line 27: | ||
* [[LinEn]] | * [[LinEn]] | ||
| − | == | + | == Forensic Issues == |
| − | Helix3 Pro | + | * Helix3 Pro can automount some storage devices like firewire devices and MMC in read/write mode; |
| − | + | * Helix3 Pro relies on file system drivers to provide write protection, mounting some file system types (e.g. [[XFS]]) will result in several data writes to the original media. | |
| − | + | ||
| − | + | ||
| − | * | + | |
| − | + | ||
== See Also == | == See Also == | ||
Latest revision as of 06:26, 28 July 2012
| Helix3 Pro | |
|---|---|
| Maintainer: | e-fense |
| OS: | Linux,Windows,Mac OS X |
| Genre: | Live CD |
| License: | GPL, others |
| Website: | e-fense.com |
Helix3 Pro is a Live CD built on top of Ubuntu. It focuses on incident response and computer forensics.
[edit] Tools Included
Open source forensic tools include:
- dc3dd
- aimage
- The Sleuth Kit (3.0.1, with "light" version of Autopsy, with libewf support)
- foremost
- Volatility
- Several tools for mobile phone forensics
Other tools include:
[edit] Forensic Issues
- Helix3 Pro can automount some storage devices like firewire devices and MMC in read/write mode;
- Helix3 Pro relies on file system drivers to provide write protection, mounting some file system types (e.g. XFS) will result in several data writes to the original media.
[edit] See Also
Free version: Helix3
