ForensicsWiki will continue to operate as it has before and will not be shutting down. Thank you for your continued support of ForensicsWiki.

Difference between revisions of "Helix3 Pro"

From ForensicsWiki
Jump to: navigation, search
m
m
Line 38: Line 38:
 
== See Also ==
 
== See Also ==
  
Free version: [[Helix]]
+
Free version: [[Helix3]]
  
 
[[Category:Incident response tools]]
 
[[Category:Incident response tools]]

Revision as of 08:04, 18 September 2009

Helix3 Pro
Maintainer: e-fense
OS: Linux,Windows,Mac OS X
Genre: Live CD
License: GPL, others
Website: e-fense.com

Helix3 Pro is a Live CD built on top of Ubuntu. It focuses on incident response and computer forensics.

Tools Included

  • Live side for Mac OS X, Windows and Linux
  • A bootable forensically sound environment (based on Ubuntu)

Open source forensic tools include:

Other tools include:

Helix3 Pro Forensic Issues

Helix3 Pro has several major forensic issues that forensic examiners should be aware of:

  • Helix recovers ext3 filesystems during the boot process;
  • Media in some card readers and firewire devices can be automounted in r/w mode;
  • Live side may collect wrong uptime values from some Windows systems;
  • Live side has preliminary support for "foreign languages". For example, cyrillic characters are not supported in PDF reports; cyrillic characters in TXT reports are stored in both cp-1251 and Unicode encodings.

See Also

Free version: Helix3