[sleuthkit-users] The Sleuth Kit 1.62 and Autopsy 1.72 Release
From: Brian C. <ca...@sl...> - 2003-06-10 06:32:16
The Sleuth Kit v1.62 and Autopsy v1.72 are now available.

Overview:
The Sleuth Kit has a few bug fixes and a few updates. Autopsy also has a few bug fixes and two new features.

brian

THE SLEUTH KIT 1.62

MD5: sleuthkit-1.62.tar.gz = 98947fb65b41aa5ba600422bd8390062

Updates:
- Added the '-d' flag to 'mactime' to output the timeline in comma delimited format so that it can be imported into spread sheets for report generation or graphing.
- 'mactime' can create summary index files on a daily or hourly basis. These are useful with the -d flag to import the summary files into a spread sheet and graph a histogram of activity.

Bug Fixes:
- In 'fsstat', the last group in an FFS file system could have reported an incorrect last fragment.
- The last fragments in an FFS file system can be read when there are not enough fragments for the block.
- The 'file' output is sanitized in 'sorter' to reduce UTF-8 messages.
- 'sorter' now accepts linux-ext3 as a file system type.

http://www.sleuthkit.org/sleuthkit/index.php
http://sleuthkit.sourceforge.net/sleuthkit/index.php

AUTOPSY 1.72

MD5: autopsy-1.72.tar.gz = f8a74270ced5c302c04b5f17f4643827

New Features / Updates:
- The new Event Sequencer mode allows one to create time-based events for file activity and other logs. This allows one to easily sort a sequence of events during the investigation.
- The results of keyword searches are saved to a file and can be quickly recalled.

Bug Fixes:
- calc_md5() would error if it was called more than once (Paul Bakker)
- Added 'LANG=C LC_ALL=C' to sorter and mactime to reduce the UTF-8 warning messages (debugging help from Daniel Schwartzer).
- The timeline view now allows multiple users for a UID (reported by Cathy Buckman).

http://www.sleuthkit.org/autopsy/index.php
http://sleuthkit.sourceforge.net/autopsy/index.php