Difference between pages "Libewf" and "VizSec"

From ForensicsWiki
(Difference between pages)
Jump to: navigation, search
m
 
m (Created page with "VizSec is a conference for Security Visualization. ==See Also== * [http://www.vizsec2010.org/ VizSec 2010] * [http://www.vizsec.org/vizsec-2009/ VizSec 2009]")
 
Line 1: Line 1:
{{Infobox_Software |
+
VizSec is a conference for Security Visualization.
  name = libewf |
+
  maintainer = [[Joachim Metz]], [[David Loveall]] |
+
  os = [[Linux]], [[FreeBSD]], [[NetBSD]], [[OpenBSD]], [[Mac OS X]], [[Windows]] |
+
  genre = {{Disk imaging}} |
+
  license = {{LGPL}} |
+
  website = [http://libewf.sourceforge.net libewf.sourceforge.net] |
+
}}
+
  
The '''libewf''' package contains [[Linux]] based library and applications to read and write EnCase E0* and SMART s0* storage media bitstream copies.
+
==See Also==
 
+
* [http://www.vizsec2010.org/ VizSec 2010]
It has been ported to other platforms like [[FreeBSD]] [[NetBSD]] [[OpenBSD]] [[Mac OS X]] and [[Windows]] as well.
+
* [http://www.vizsec.org/vizsec-2009/ VizSec 2009]
 
+
== History ==  
+
 
+
Libewf was created by [[Joachim Metz]] in 2006, while working for [http://en.hoffmannbv.nl/ Hoffmann Investigations].
+
 
+
Libewf is a rewrite of earlier work on the EnCase 4 file format by [[Michael Cohen]] part of [[PyFlag]] and the [http://www.asrdata.com/SMART/whitepaper.html Expert Witness Compression Format Specification] by [[Andrew Rosen]]. It has been updated to read and write EnCase version 1 to 6 E01 files and SMART s01 files (EWF files). Libewf has initiated an Extended EWF (EWF-X) specifications to bypass limitations on the format imposed by EnCase.
+
 
+
Currently libewf partially supports the EnCase L01 format but this functionality has been disabled.
+
 
+
In 2007 [[David Loveall]] contributed mount_ewf.py to the libewf project. This application allows a [[fuse]] based mount of the storage media data in the EWF files to be mounted.
+
 
+
== Tools ==
+
The '''libewf''' package contains the following tools:
+
* '''ewfacquire''' and '''ewfacquire''', which writes storage media data from a device handle EWF files.
+
* '''ewfexport''', which exports storage media data in a set of E01 or s01 files to raw (dd) format or a specific version of EWF files.
+
* '''ewfinfo''', which shows the metadata in EWF files.
+
* '''ewfverify''', which verifies the storage media data in EWF files.
+
* '''mount_ewf.py''', which allows the storage media data in a EWF files to be mounted.
+
 
+
[[Dennis Schreiber]] created a menu based interface for ewfacquirestream called pyEWF. However this seems currently not to be maintained.
+
 
+
== External Links ==
+
 
+
* [http://libewf.sourceforge.net libewf project site]
+
* [https://www.uitwisselplatform.nl/projects/libewf/ old libewf project site]
+

Revision as of 21:08, 17 July 2011

VizSec is a conference for Security Visualization.

See Also