ANN: forensic acquisition utilities-1.0.0.1029(beta1) posted.

From: George M. Garner Jr. (gmgarnerat_private)
Date: Tue Apr 23 2002 - 13:09:46 PDT

Next message: Tom Trelvik: ""ls: File too large""

Previous message: Burnette, Michael: "Desktop files enumerated in windows user.dat?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

The beta 1 release (build 1.0.0.1029) of the Forensic Acquisition
Utilities is available for download from
http://users.erols.com/gmgarner/forensics.  Follow this link for further
information and download instructions.

What is the Forensic Acquisition Utilities package?

This is a collection of utilities and libraries intended for forensic or
forensic-related investigative use in a modern Microsoft Windows
environment.  The components in this collection are intended to permit
the investigator to sterilize media for forensic duplication, discover
where logical volume information is located and to collect the evidence
from a running system while at the same time guaranteeing data integrity
(e.g. with a cryptographic checksum) and while minimizing changes to the
subject system.

What's included in the Forensic Acquisition Utilities package?

Included in this release are the following modules:

	1. dd.exe:  A modified version of the popular GNU dd utility
program
	2. md5lib.dll: A modified version of Ulrich Drepper's MD5
checksum implementation in Windows DLL format.
	3. md5sum.exe:  A modified version of Ulrich Drepper's MD5sum
utility.
	4. Volume_dump.exe: An original utility to dump volume
information 
	5. wipe.exe:  An original utility to sterilize media prior to
forensic duplication.
	6. zlibU.dll:  A modified version of Jean-loup Gailly and Mark
Adler's zlib library based on zlib-1.1.4.
	7. nc.exe:  A modified version of the netcat utility by Hobbit.
	8. getopt.dll:  An implementation of the POSIX getopt function
in a Windows DLL format.

What does this software require? 

This software requires Microsoft Windows 5.0 (Windows 2000) or later.
Versions of Microsoft Windows prior to Windows 2000 will not be
supported.  The software has been tested on Microsoft Windows 2000 Gold,
Microsoft Windows 2000 SP1, Microsoft Windows XP Gold and Microsoft .Net
Server Beta 3.

Where should I report bugs?

Report bugs to gmgarnerat_private


Regards,

George.



-----------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com

Next message: Tom Trelvik: ""ls: File too large""
Previous message: Burnette, Michael: "Desktop files enumerated in windows user.dat?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Tue Apr 23 2002 - 20:43:27 PDT