Features:
Forensics workstation/Data Recovery
Instantly deploy a forensics workstation with tct, tctutils, mac-robber, and autopsy.
Also provides perl 5.6.1 compiled with Large File Support.
Live System Incident Response
Binaries are available for Incident Response on a live machine.
Using F-Prot 3.11beta (http://www.f-prot.com) you can scan for viruses, worms, trojans, and all-around harmful code.
Just mount the filesystems that you want to scan and execute 'f-prot .'
Any filesystem you can mount, you can scan. Mount and scan fat/ntfs/ext2/ext3/reiserfs partitions.
Scan your Windows machines offline for viruses that may not be detected with an "after the fact" anti-virus.
I should NOT have to explain this portion:
If the tools you would like to use are not in the distribution please make a request!
Downloading version 0.3.5 is recommended.
Things I'm into:
The Deep Rants of William Salusky
Handler with The Internet Storm Center
Member of The Honeynet Project
Sleuthkit and Autopsy