Difference between revisions of "Helix3 Pro"
From Forensics Wiki
m |
m (fixed) |
||
| Line 29: | Line 29: | ||
== Forensic Issues == | == Forensic Issues == | ||
| − | |||
* Helix3 Pro can automount some storage devices like firewire devices and MMC in read/write mode; | * Helix3 Pro can automount some storage devices like firewire devices and MMC in read/write mode; | ||
* Helix3 Pro relies on file system drivers to provide write protection, mounting some file system types (e.g. [[XFS]]) will result in several data writes to the original media. | * Helix3 Pro relies on file system drivers to provide write protection, mounting some file system types (e.g. [[XFS]]) will result in several data writes to the original media. | ||
Revision as of 14:44, 23 December 2009
| Helix3 Pro | |
|---|---|
| Maintainer: | e-fense |
| OS: | Linux,Windows,Mac OS X |
| Genre: | Live CD |
| License: | GPL, others |
| Website: | e-fense.com |
Helix3 Pro is a Live CD built on top of Ubuntu. It focuses on incident response and computer forensics.
Tools Included
- Live side for Mac OS X, Windows and Linux
- A bootable forensically sound environment (based on Ubuntu)
Open source forensic tools include:
- dc3dd
- aimage
- The Sleuth Kit (3.0.1, with "light" version of Autopsy, with libewf support)
- foremost
- Volatility
- Several tools for mobile phone forensics
Other tools include:
Forensic Issues
- Helix3 Pro can automount some storage devices like firewire devices and MMC in read/write mode;
- Helix3 Pro relies on file system drivers to provide write protection, mounting some file system types (e.g. XFS) will result in several data writes to the original media.
See Also
Free version: Helix3
