Hey all. Or anyone who reads this for that matter. F.I.R.E isn't dead, just went silent for a little too long. The project team just doesn't have the same time to work on it as much as was available in the past. Have pretty much upgraded everything, added a bunch of new tools, added a bit more methodology and automation. But it's still not a tool for dummies. Would love to see FIRE get there, release coming soon. Just want to do a bunch of QA on it before pushing a crappy release.
Hey everyone, the SANS webcast was fun, and things have been busy. I promised I'd have something out by the 14th as I will be out of action for a while... taking a vacation and moving. This is an alpha release to show off the changes, which are tremendous if you are familiar under the hood, but I just didn't get as far as I'd liked with it before release. Some things are fixed, other things are still broken, and due to upgrades, a few things that were fine before are now broken! remember... I'm calling this an alpha release! but it's stable for it's intended purpose... Tools have been upgraded, etc... etc... etc.... I didn't get to incorporate ALL of the recent enhancement requests, but will do so once I get back online.... read more
FIRE will be presented as the topic of the May 2003 SANS WebCast.
Go sign up for it. http://www.sans.org/webcasts/050703.php
So FIRE has turned a year old, which I forgot. Been through alot with it, changed it's name... Learned alot. Screwed up alot. But in the end the improvements outweigh the trouble it's been. So without much fanfare... happy fireday to cd.
Sorry I haven't pushed any releases lately, I've lost a few hard drives recently. (Yes, I have backups), so things have been slow going. I expect to get back on track within the next few weeks, and should get something out there soon.
Check out the latest FIRE release in the files section.
2.4.19 kernel, more module support, new and upgraded apps, improved boot speed and X render time. I... LIKE it!
After spending the last week at the FACT conference http://www.byteoutofcrime.org , have made many enhancements, but as always will NEVER be finished. Can't wait to get this one out there for everyone to test out.
Things are moving right along with v0.2.1b, (not sure when I'll be ready to release though) kind of focusing on interface enhancements and feature automation. added some new tools, and TRYING to get license approval to distribute some windows binaries for Incident Response. Having trouble with pty/tty control when executing processes from blackbox X right click menus... and more importantly I still do not have a solution to enable cut/paste via mouse!!! No I can't seem to enable 3ButtonMouse support in the XVFB implementation. If anyone knows how to enable cut/paste programmatically/etc... please provide details... I can then automate it via bbkeys.... read more
I've pushed the first release since renaming the project. Lots of improvements mostly coming out of work done at the Digital Forensic Research Workshop http://www.dfrws.org .
Most significant is the near full automation of task/Autopsy setup to allow immediate (local or remote) forensic analysis of local drives (thanks to Brian Carrier for helping me on this).
Addition of many tools, version upgrades, etc..
Enabled the image to load entirely into RAMDISK for speedier response. etc... try it... you'll like it... read more
Thanks to Mark (fat) for pointing out and providing corrections and updates to the package listing for FIRE! I've also been busy adding tools as well.
After spending last week at the Digital Forensic Research Workshop in Syracuse NY - http://www.dfrws.org , have finally come to the logical conclusion that the project name had to change. It will now be distributed as F.I.R.E, the Forensic and Incident Response Environment.
thanks to Dave Dittrich and Brian Carrier for assistance.
The distribution made some significant improvements over the last week as well. Brian Carrier showed me some things about Autopsy that I wasn't aware of (i.e. pointing Autopsy to raw devices!!!) so the cd is a great way to try out task and Autopsy.... read more
BiatchUX-Lite version .0.1.0.7a-45 has been released. Quite a few items have been fixed and many new items have been added.
A listing of tools available through biatchux is starting to be compiled. Visit http://biatchux.dmzs.com/?section=tools for more information.
Good news... PCMCIA and wireless support seems to be working in my development versions(not released yet), but it will be a while before I can figure out why I'm not building successful wlan-ng support for prism cards to enable monitor modes.
Biatchux and new BiatchuxLite v.0.1.0.6b released
Cool changes, added lots of tools, including a new forensic tool previously unreleased to the public ("foremost").
Thanks to VMware Inc, http://www.vmware.com for the donation of a few licenses to facilitate our development of Biatchux!
I'm expecting to release v.0.1.0.6b of Biatchux next week some time, which should include many new items.
Bug fixes, LOTS of new tools, possibly some brand new (previously unreleased) tools for the for forensic community, Added/Improved procedures in forensic methodology.
Full Audit logging.
New features release! Remote vnc console, cramfs, and more!!
Notes: Some things are still broken, but hey... it's beta... test it for me. Coolest thing for me about this release was finding cramfs! And I'm totally into the Xvnc remote session... lots of neat little features in this one... you'll have to find em for yourself though... my docs aren't complete. NOTE: SourceForge has file size wrong..~60M dl...... read more
A development mailing list has been created, join and participate so we can ensure to have all the features you need/want in Biatchux!
Help us determine what we need to work on with Biatchux. http://sourceforge.net/survey/?group_id=46038
We are finally getting to the minor details on the project. Our new web page is now getting together and can also be found though sponsor companies domain: http://biatchux.dmzs.com
02-12-2002 - First Beta Release available