ForensicsWiki will continue to operate as it has before and will not be shutting down. Thank you for your continued support of ForensicsWiki.

Difference between pages "Libewf" and "VizSec"

From ForensicsWiki
(Difference between pages)
Jump to: navigation, search
m
 
m (Created page with "VizSec is a conference for Security Visualization. ==See Also== * [http://www.vizsec2010.org/ VizSec 2010] * [http://www.vizsec.org/vizsec-2009/ VizSec 2009]")
 
Line 1: Line 1:
{{Infobox_Software |
+
VizSec is a conference for Security Visualization.
  name = libewf |
+
  maintainer = [[Joachim Metz]], [[David Loveall]] |
+
  os = [[Linux]], [[FreeBSD]], [[NetBSD]], [[OpenBSD]], [[Mac OS X]], [[Windows]] |
+
  genre = {{Disk imaging}} |
+
  license = {{LGPL}} |
+
  website = [http://libewf.sourceforge.net libewf.sourceforge.net] |
+
}}
+
  
The '''libewf''' package contains [[Linux]] based library and applications to read and write EnCase E0* and SMART s0* storage media bitstream copies.
+
==See Also==
 
+
* [http://www.vizsec2010.org/ VizSec 2010]
It has been ported to other platforms like [[FreeBSD]] [[NetBSD]] [[OpenBSD]] [[Mac OS X]] and [[Windows]] as well.
+
* [http://www.vizsec.org/vizsec-2009/ VizSec 2009]
 
+
== History ==  
+
 
+
Libewf was created by [[Joachim Metz]] in 2006, while working for [http://en.hoffmannbv.nl/ Hoffmann Investigations].
+
 
+
Libewf is a rewrite of earlier work on the EnCase 4 file format by [[Michael Cohen]] part of [[PyFlag]] and the [http://www.asrdata.com/SMART/whitepaper.html Expert Witness Compression Format Specification] by [[Andrew Rosen]]. It has been updated to read and write EnCase version 1 to 6 E01 files and SMART s01 files (EWF files). Libewf has initiated an Extended EWF (EWF-X) specifications to bypass limitations on the format imposed by EnCase.
+
 
+
Currently libewf partially supports the EnCase L01 format but this functionality has been disabled.
+
 
+
In 2007 [[David Loveall]] contributed mount_ewf.py to the libewf project. This application allows a [[fuse]] based mount of the storage media data in the EWF files to be mounted.
+
 
+
== Tools ==
+
The '''libewf''' package contains the following tools:
+
* '''ewfacquire''' and '''ewfacquire''', which writes storage media data from a device handle EWF files.
+
* '''ewfexport''', which exports storage media data in a set of E01 or s01 files to raw (dd) format or a specific version of EWF files.
+
* '''ewfinfo''', which shows the metadata in EWF files.
+
* '''ewfverify''', which verifies the storage media data in EWF files.
+
* '''mount_ewf.py''', which allows the storage media data in a EWF files to be mounted.
+
 
+
[[Dennis Schreiber]] created a menu based interface for ewfacquirestream called pyEWF. However this seems currently not to be maintained.
+
 
+
== External Links ==
+
 
+
* [http://libewf.sourceforge.net libewf project site]
+
* [https://www.uitwisselplatform.nl/projects/libewf/ old libewf project site]
+

Revision as of 02:08, 18 July 2011

VizSec is a conference for Security Visualization.

See Also