Re: [sleuthkit-users] Tool announcement: Forensic Hash Database
Brought to you by:
carrier
Menu
▾
▴
Re: [sleuthkit-users] Tool announcement: Forensic Hash Database
|
From: Brian C. <ca...@sl...> - 2004-01-07 05:18:15
|
Matthias, This looks promising. Having a single database that can be updated will likely scale better than the current hfind method when using hash keeper (which has tons of small databases) and NSRL. BTW, I've added the "add-on" programs to the download sections of The Sleuth Kit and Autopsy. I included this one, the Indexing patch, the foremost patch, and the Unicode patch. If I forgot any, let me know. brian On Tuesday, January 6, 2004, at 04:42 PM, Matthias Hofherr wrote: > Hello list, > > I just finished the initial release of my new GPL project called > Forensic > Hash Database. The goal of the project is to combine the various > hashsum > sources (NIST NSRL, HashKeeper, KnownGood, Dan Farmer's hashsum archive > etc.) into a single RDBMS (relational database management system). > Currently, the database of choice is PostgreSQL, others may follow. > With an perl-based importer tool, the above mentioned sources may be > imported into the database. By applying a patch to The Sleuth Kit, > hfind > and sorter may be used in conjunction with the database. |
