|
|
| Line 1: |
Line 1: |
| − | {{Infobox_Software |
| + | VizSec is a conference for Security Visualization. |
| − | name = libewf |
| + | |
| − | maintainer = [[Joachim Metz]], [[David Loveall]] |
| + | |
| − | os = [[Linux]], [[FreeBSD]], [[NetBSD]], [[OpenBSD]], [[Mac OS X]], [[Windows]] |
| + | |
| − | genre = {{Disk imaging}} |
| + | |
| − | license = {{LGPL}} |
| + | |
| − | website = [http://libewf.sourceforge.net libewf.sourceforge.net] |
| + | |
| − | }}
| + | |
| | | | |
| − | The '''libewf''' package contains [[Linux]] based library and applications to read and write EnCase E0* and SMART s0* storage media bitstream copies.
| + | ==See Also== |
| − | | + | * [http://www.vizsec2010.org/ VizSec 2010] |
| − | It has been ported to other platforms like [[FreeBSD]] [[NetBSD]] [[OpenBSD]] [[Mac OS X]] and [[Windows]] as well.
| + | * [http://www.vizsec.org/vizsec-2009/ VizSec 2009] |
| − | | + | |
| − | == History == | + | |
| − | | + | |
| − | Libewf was created by [[Joachim Metz]] in 2006, while working for [http://en.hoffmannbv.nl/ Hoffmann Investigations].
| + | |
| − | | + | |
| − | Libewf is a rewrite of earlier work on the EnCase 4 file format by [[Michael Cohen]] part of [[PyFlag]] and the [http://www.asrdata.com/SMART/whitepaper.html Expert Witness Compression Format Specification] by [[Andrew Rosen]]. It has been updated to read and write EnCase version 1 to 6 E01 files and SMART s01 files (EWF files). Libewf has initiated an Extended EWF (EWF-X) specifications to bypass limitations on the format imposed by EnCase.
| + | |
| − | | + | |
| − | Currently libewf partially supports the EnCase L01 format but this functionality has been disabled.
| + | |
| − | | + | |
| − | In 2007 [[David Loveall]] contributed mount_ewf.py to the libewf project. This application allows a [[fuse]] based mount of the storage media data in the EWF files to be mounted.
| + | |
| − | | + | |
| − | == Tools ==
| + | |
| − | The '''libewf''' package contains the following tools:
| + | |
| − | * '''ewfacquire''' and '''ewfacquire''', which writes storage media data from a device handle EWF files.
| + | |
| − | * '''ewfexport''', which exports storage media data in a set of E01 or s01 files to raw (dd) format or a specific version of EWF files.
| + | |
| − | * '''ewfinfo''', which shows the metadata in EWF files.
| + | |
| − | * '''ewfverify''', which verifies the storage media data in EWF files.
| + | |
| − | * '''mount_ewf.py''', which allows the storage media data in a EWF files to be mounted.
| + | |
| − | | + | |
| − | [[Dennis Schreiber]] created a menu based interface for ewfacquirestream called pyEWF. However this seems currently not to be maintained.
| + | |
| − | | + | |
| − | == External Links ==
| + | |
| − | | + | |
| − | * [http://libewf.sourceforge.net libewf project site] | + | |
| − | * [https://www.uitwisselplatform.nl/projects/libewf/ old libewf project site]
| + | |
