Difference between pages "Masterkey Linux" and "Department of Justice, Computer Crime and Intellectual Property Section"

From ForensicsWiki
(Difference between pages)
(Created page with '{{Infobox_Software | name = Masterkey Linux | maintainer = Dr. Q. Zhou - Coventry University | os = {{Linux}} | genre = {{Live CD}} | license = {{GPL}} | website = [h…')
 
(Initial stub)
 
Line 1: Line 1:
{{Infobox_Software |
+
{{expand}}
  name = Masterkey Linux |
+
  maintainer = Dr. Q. Zhou - Coventry University |
+
  os = {{Linux}} |
+
  genre = {{Live CD}} |
+
  license = {{GPL}} |
+
  website = [http://masterkeylinux.com http://masterkeylinux.com]
+
}}
+
  
'''Masterkey Linux''' (or simply Masterkey) is a [[Live CD]] built on top of [[Slackware]] developed by Dr. Qin Zhou of Coventry University. It focuses on [[Incident Response|incident response]] and [[computer forensics]].
+
The '''Computer Crime and Intellectual Property Section''' of the '''United States Department of Justice (CCIPS)''' is responsible for implementing the Department's national strategies in combating computer and intellectual property crimes worldwide. The Computer Crime Initiative is a comprehensive program designed to combat electronic penetrations, data thefts, and cyberattacks on critical information systems. CCIPS prevents, investigates, and prosecutes computer crimes by working with other government agencies, the private sector, academic institutions, and foreign counterparts. Section attorneys work to improve the domestic and international infrastructure-legal, technological, and operational-to pursue network criminals most effectively. The Section's enforcement responsibilities against intellectual property crimes are similarly multi-faceted. Intellectual Property (IP) has become one of the principal U.S. economic engines, and the nation is a target of choice for thieves of material protected by copyright, trademark, or trade-secret designation. In pursuing all these goals, CCIPS attorneys regularly run complex investigations, resolve unique legal and investigative issues raised by emerging computer and telecommunications technologies; litigate cases; provide litigation support to other prosecutors; train federal, state, and local law enforcement personnel; comment on and propose legislation; and initiate and participate in international efforts to combat computer and intellectual property crime.  
  
Whilst designed for use by students entering the field of Computer Forensics, Masterkey contains a diverse range of free and open source tools that both students, computer forensics professionals and system administrators alike can use.
+
The Cybercrime lab is responsible for providing computer forensic and other technical support to CCIPS attorneys as it applies to implementing the Department's national strategies in combating computer and intellectual property crimes worldwide.
  
== Tools Included ==
+
The Cybercrime lab supports the CCIPS comprehensive program designed to combat electronic penetrations, data thefts, and cyber attacks on critical information systems.   The Cybercrime lab also provides technical support and training to improve the domestic and international infrastructure-legal, technological, and operational-to pursue network criminals most effectively. The Section's enforcement responsibilities against intellectual property crimes are similarly multi-faceted. Intellectual Property (IP) has become one of the principal U.S. economic engines, and the nation is a target of choice for thieves of material protected by copyright, trademark, or trade-secret designation.
 
+
In addition to standard unix/linux tools, a suite of editors, office applications and multimedia tools have been included, as well as the following specialised tools in the Masterkey Linux distribution:
+
 
+
* '''[[AIR]]''' 1.2.8
+
 
+
AIR is a GUI front-end to dd/dcfldd designed for easily creating forensic bit images.
+
 
+
* '''[[Autopsy]]''' 2.21
+
 
+
The Autopsy Forensic Browser is a graphical interface to the command line digital investigation tools in The Sleuth Kit.
+
 
+
* '''[[ClamAV]]''' for Unix 0.91.2
+
 
+
Clam AntiVirus is an anti-virus toolkit for UNIX
+
 
+
* '''[[chkrootkit]]''' 0.47
+
 
+
chkrootkit is a tool to locally check for signs of a rootkit.
+
 
+
* '''[[chntpw]]''' 070923
+
 
+
chntpw is an Offline password and Registry Editor
+
 
+
* '''[[dcfldd]]''' 1.3.4-1
+
 
+
dcfldd is an enhanced version of GNU dd (also included in this distribution) with features useful for forensics and security
+
 
+
* '''[[dd_rescue]]''' 1.14
+
 
+
dd_rescue copies data from one file or block device to another. It is intended for error recovery.
+
 
+
* '''[[GParted]]''' 0.3.3
+
 
+
GParted is the Gnome Partition Editor application
+
 
+
* '''[[Foremost]]''' 1.5
+
 
+
Foremost is a console program to recover files based on their headers, footers, and internal data structures. It is a data carving tool.
+
 
+
* '''[[mac-robber]]''' 1.00
+
 
+
mac-robber is a digital investigation tool that collects data from allocated files in a mounted file system.
+
 
+
* '''[[md5deep]]''' 1.12
+
 
+
md5deep is a cross-platform set of programs to compute MD5, SHA-1, SHA-256, Tiger, or Whirlpool message digests on an arbitrary number of files.
+
 
+
* '''[[memdump]]''' 1.01
+
 
+
memory dumper for UNIX-like systems
+
 
+
* '''[[Rootkit Hunter]]''' 1.3.0
+
 
+
Rootkit Hunter is a rootkit scanner.
+
 
+
* '''[[Scalpel]]''' 1.60
+
 
+
Scalpel is a fast file carver that reads a database of header and footer definitions and extracts matching files from a set of image files or raw device files.
+
 
+
* '''[[The Sleuth Kit]]''' 3.01
+
 
+
The Sleuth Kit (previously known as TASK) is a collection of UNIX-based command line file and volume system forensic analysis tools.
+
 
+
* '''[[Stegdetect]]''' 0.6-4
+
 
+
Stegdetect is an automated tool for detecting steganographic content in images.
+
 
+
* '''[[Wipe]]''' 2005-05-09
+
 
+
Wipe is a file and block device wiping utility.
+
 
+
* '''[[Wireshark]]''' 0.99.6
+
 
+
Wireshark is a network protocol analyzer.
+
 
+
== Forensic Features ==
+
 
+
* Disk partitions and USB storage devices found by Masterkey are mounted read-only automatically. Icons for these mounted devices are displayed on the user's Desktop. This facilitates access and prevents a user from accidentally writing to the devices and contaminating evidence.
+
 
+
* Mounting and use of swap partitions is not allowed. This prevents a user from destroying any evidence present on swap partitions.
+
 
+
* Root privilege. The user works with the system as a super user (administrator) so that tools requiring root privilege can be used straightaway.
+
 
+
* Console login. The Desktop environment (graphic user interface) does not start automatically during bootup. This makes it possible to work with Masterkey on older computers. The user can choose to start either the KDE or Fluxbox desktops if they wish.
+
 
+
== See Also ==
+
 
+
* [[Live Forensic Toolkit]] - [http://masterkeylinux.com/index.php/lft]
+
  
 
== External Links ==
 
== External Links ==
 
+
* [http://www.cybercrime.gov/ Official web site]
* [http://masterkeylinux.com Masterkey Web Site]
+
* [http://masterkeylinux.com/community Masterkey Community Forum]
+
[[Category:Incident response tools]]
+
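Review bot: The paragraph beginning "The Cybercrime lab supports the CCIPS comprehensive program" ends with two sentences ("The Section's enforcement responsibilities against intellectual property crimes are similarly multi-faceted." and the one starting "Intellectual Property (IP) has become") that already appear verbatim in the opening CCIPS paragraph. Drop the repeat from the lab paragraph or replace it with lab-specific detail. In both paragraphs "infrastructure-legal, technological, and operational-to" reads as a lost pair of dashes and should be repunctuated, and the link label "Official web site" would be clearer if it named CCIPS.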

Revision as of 20:44, 9 November 2009


Please help to improve this article by expanding it.
Further information might be found on the discussion page.

The Computer Crime and Intellectual Property Section of the United States Department of Justice (CCIPS) is responsible for implementing the Department's national strategies in combating computer and intellectual property crimes worldwide. The Computer Crime Initiative is a comprehensive program designed to combat electronic penetrations, data thefts, and cyberattacks on critical information systems. CCIPS prevents, investigates, and prosecutes computer crimes by working with other government agencies, the private sector, academic institutions, and foreign counterparts. Section attorneys work to improve the domestic and international infrastructure (legal, technological, and operational) to pursue network criminals most effectively. The Section's enforcement responsibilities against intellectual property crimes are similarly multi-faceted. Intellectual Property (IP) has become one of the principal U.S. economic engines, and the nation is a target of choice for thieves of material protected by copyright, trademark, or trade-secret designation. In pursuing all these goals, CCIPS attorneys regularly run complex investigations; resolve unique legal and investigative issues raised by emerging computer and telecommunications technologies; litigate cases; provide litigation support to other prosecutors; train federal, state, and local law enforcement personnel; comment on and propose legislation; and initiate and participate in international efforts to combat computer and intellectual property crime.

The Cybercrime lab is responsible for providing computer forensic and other technical support to CCIPS attorneys as it applies to implementing the Department's national strategies in combating computer and intellectual property crimes worldwide.

The Cybercrime lab supports the CCIPS comprehensive program designed to combat electronic penetrations, data thefts, and cyber attacks on critical information systems. The Cybercrime lab also provides technical support and training to improve the domestic and international infrastructure (legal, technological, and operational) to pursue network criminals most effectively. The Section's enforcement responsibilities against intellectual property crimes are similarly multi-faceted. Intellectual Property (IP) has become one of the principal U.S. economic engines, and the nation is a target of choice for thieves of material protected by copyright, trademark, or trade-secret designation.

External Links