Re: [sleuthkit-users] New Autopsy and The Sleuth Kit Releases
Brought to you by:
carrier
Menu
▾
▴
Re: [sleuthkit-users] New Autopsy and The Sleuth Kit Releases
|
From: Pasquale R. <pjr...@gm...> - 2018-05-29 02:38:14
|
<html><head></head><body lang="en-US" link="blue" vlink="purple" style="background-color: rgb(255, 255, 255); line-height: initial;"> <div style="width: 100%; font-size: initial; font-family: Calibri, 'Slate Pro', sans-serif, sans-serif; color: rgb(31, 73, 125); text-align: initial; background-color: rgb(255, 255, 255);">I am interested in and waiting for aff4 integration to use it.</div> <div style="width: 100%; font-size: initial; font-family: Calibri, 'Slate Pro', sans-serif, sans-serif; color: rgb(31, 73, 125); text-align: initial; background-color: rgb(255, 255, 255);"><br></div> <div style="font-size: initial; font-family: Calibri, 'Slate Pro', sans-serif, sans-serif; color: rgb(31, 73, 125); text-align: initial; background-color: rgb(255, 255, 255);"></div> <table width="100%" style="background-color:white;border-spacing:0px;"> <tbody><tr><td colspan="2" style="font-size: initial; text-align: initial; background-color: rgb(255, 255, 255);"> <div style="border-style: solid none none; border-top-color: rgb(181, 196, 223); border-top-width: 1pt; padding: 3pt 0in 0in; font-family: Tahoma, 'BB Alpha Sans', 'Slate Pro'; font-size: 10pt;"> <div><b>From: </b>Suman Beros</div><div><b>Sent: </b>Monday, May 28, 2018 9:38 PM</div><div><b>To: </b>'Adam Witt'; 'sleuthkit-users'</div><div><b>Subject: </b>Re: [sleuthkit-users] New Autopsy and The Sleuth Kit Releases</div></div></td></tr></tbody></table><div style="border-style: solid none none; border-top-color: rgb(186, 188, 209); border-top-width: 1pt; font-size: initial; text-align: initial; background-color: rgb(255, 255, 255);"></div><br><div id="_originalContent" style=""><meta http-equiv="Content-Type" content="text/html; charset=utf-8"><meta name="Generator" content="Microsoft Word 14 (filtered medium)"><style><!--
/* Font Definitions */
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:Tahoma;
panose-1:2 11 6 4 3 5 4 4 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Times New Roman","serif";}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:purple;
text-decoration:underline;}
span.hoenzb
{mso-style-name:hoenzb;}
span.EmailStyle18
{mso-style-type:personal-reply;
font-family:"Arial","sans-serif";
color:#0070C0;}
.MsoChpDefault
{mso-style-type:export-only;
font-family:"Calibri","sans-serif";}
@page WordSection1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]--><div class="WordSection1"><p class="MsoNormal"><span style="font-family:"Arial","sans-serif";color:#0070C0">For me, Autopsy/AFF4 integration would be a significant additional reason to use Autopsy.<o:p></o:p></span></p><p class="MsoNormal"><span style="font-family:"Arial","sans-serif";color:#0070C0"><o:p> </o:p></span></p><p class="MsoNormal"><span style="font-family:"Arial","sans-serif";color:#0070C0">Best regards,<o:p></o:p></span></p><p class="MsoNormal"><span style="font-family:"Arial","sans-serif";color:#0070C0">Suman<o:p></o:p></span></p><p class="MsoNormal"><span style="font-family:"Arial","sans-serif";color:#0070C0"><o:p> </o:p></span></p><p class="MsoNormal"><span style="font-size:10.0pt;font-family:"Arial","sans-serif";color:#1F497D">--<o:p></o:p></span></p><p class="MsoNormal"><span style="font-size:10.0pt;font-family:"Arial","sans-serif";color:#1F497D">Suman Beros<o:p></o:p></span></p><p class="MsoNormal"><span style="font-size:10.0pt;font-family:"Arial","sans-serif";color:#1F497D">sb...@be...<o:p></o:p></span></p><p class="MsoNormal"><span style="font-family:"Arial","sans-serif";color:#0070C0"><o:p> </o:p></span></p><p class="MsoNormal"><span style="font-family:"Arial","sans-serif";color:#0070C0"><o:p> </o:p></span></p><p class="MsoNormal"><b><span style="font-size:10.0pt;font-family:"Tahoma","sans-serif"">From:</span></b><span style="font-size:10.0pt;font-family:"Tahoma","sans-serif""> Adam Witt [mailto:acc...@gm...] <br><b>Sent:</b> Friday, April 20, 2018 10:41<br><b>To:</b> sleuthkit-users<br><b>Subject:</b> Re: [sleuthkit-users] New Autopsy and The Sleuth Kit Releases<o:p></o:p></span></p><p class="MsoNormal"><o:p> </o:p></p><div><p class="MsoNormal">+1 I use AFF4 and would like to see it integrated into the project.<o:p></o:p></p><div><p class="MsoNormal"><o:p> </o:p></p></div><div><p class="MsoNormal">--<o:p></o:p></p></div><div><p class="MsoNormal">Adam<o:p></o:p></p></div></div><div><p class="MsoNormal"><o:p> </o:p></p><div><p class="MsoNormal">On Mon, Sep 25, 2017 at 7:16 PM, Brian Carrier <<a href="mailto:ca...@sl..." target="_blank">ca...@sl...</a>> wrote:<o:p></o:p></p><div><div><div><div><p class="MsoNormal" style="margin-bottom:12.0pt">Hi Hoyt,<o:p></o:p></p></div><p class="MsoNormal" style="margin-bottom:12.0pt">It is not scheduled to include it. We didn't get a chance to look at the code. We prioritize things based on user interest and we haven't received requests for it. <o:p></o:p></p></div><p class="MsoNormal" style="margin-bottom:12.0pt">Who here is using AFF4 or is waiting to use AFF4 until Autopsy/TSK incorporate it?<o:p></o:p></p></div><p class="MsoNormal" style="margin-bottom:12.0pt"><span class="hoenzb"><span style="color:#888888">brian</span></span><o:p></o:p></p></div><div><div><div><p class="MsoNormal"><o:p> </o:p></p><div><p class="MsoNormal">On Mon, Sep 25, 2017 at 11:34 AM, Hoyt Harness <<a href="mailto:hoy...@gm..." target="_blank">hoy...@gm...</a>> wrote:<o:p></o:p></p><div><p class="MsoNormal">I may have missed it, but will the upcoming Sleuth Kit release include the AFF4 patches? If not, is there any idea when we might see this? I apologize if I have indeed missed it.<o:p></o:p></p><div><p class="MsoNormal"><o:p> </o:p></p></div><div><p class="MsoNormal">Hoyt<o:p></o:p></p></div><div><p class="MsoNormal"><o:p> </o:p></p></div></div><div><div><div><p class="MsoNormal"><o:p> </o:p></p><div><p class="MsoNormal">On Fri, Sep 15, 2017 at 12:18 PM, Richard Cordovano <<a href="mailto:rco...@ba..." target="_blank">rco...@ba...</a>> wrote:<o:p></o:p></p><div><p class="MsoNormal">Scratch that, we have indeed decided to do a 4.5.0 release in early October.<o:p></o:p></p></div><div><div><div><p class="MsoNormal"><o:p> </o:p></p><div><p class="MsoNormal">On Fri, Sep 15, 2017 at 6:42 AM, <<a href="mailto:rco...@ba..." target="_blank">rco...@ba...</a>> wrote:<o:p></o:p></p><div><div><p class="MsoNormal">Slight clarification: SleuthKit 4.4.3 and Autopsy 4.5.0 in early October.<br><br>Sent from my iPhone<o:p></o:p></p></div><div><div><div><p class="MsoNormal" style="margin-bottom:12.0pt"><br>On Sep 14, 2017, at 11:06 PM, Brian Carrier <<a href="mailto:ca...@sl..." target="_blank">ca...@sl...</a>> wrote:<o:p></o:p></p></div><blockquote style="margin-top:5.0pt;margin-bottom:5.0pt"><div><div><p class="MsoNormal">We're looking to do a 4.5.0 release in early October (along with an Autopsy release). <o:p></o:p></p></div><div><p class="MsoNormal"><o:p> </o:p></p><div><p class="MsoNormal">On Thu, Sep 14, 2017 at 7:54 PM, Greg Freemyer <<a href="mailto:gre...@gm..." target="_blank">gre...@gm...</a>> wrote:<o:p></o:p></p><p class="MsoNormal">Brian,<br><br>As you know some CVE's came out after 4.4.2. Looking at the bug<br>tracker looks like you have them fixed.<br><br>Are you going to do a 4.4.3 soon, or as the openSUSE sleuthkit<br>maintainer, should I create appropriate patches to 4.4.2? Or do you<br>know if Redhat, Ubuntu, Mint has already done it?<br><br>Thanks<br>Greg<br>--<br>Greg Freemyer<br>Advances are made by answering questions. Discoveries are made by<br>questioning answers.<br>— Bernard Haisch<o:p></o:p></p><div><div><p class="MsoNormal"><br><br>On Wed, Aug 16, 2017 at 8:31 PM, Brian Carrier <<a href="mailto:ca...@sl..." target="_blank">ca...@sl...</a>> wrote:<br>> I forgot to announce last week that new releases are up.<br>><br>> Autopsy 4.4.1 includes:<br>><br>> Beta version of new central repository feature for correlating artifacts<br>> across cases; results are displayed using an Interesting Artifacts branch of<br>> the Interesting Items tree and an Other Data Sources content viewer. I'll<br>> post a blog post about using this later next week.<br>> Results viewer (top right area of desktop application) sorts are persistent<br>> and can be applied to either the table viewer or the thumbnail viewer.<br>> Assorted performance improvements, enhancements, and bug fixes.<br>><br>> Download here: <a href="http://sleuthkit.org/autopsy/download.php" target="_blank">http://sleuthkit.org/autopsy/download.php</a><br>><br>> The Sleuth Kit 4.4.2 includes:<br>><br>> usnjls tool for NTFS USN log (from noxdafox)<br>> Added index to mime type column in DB<br>> Use local SQLite3 if it exists (from uckelman-sf)<br>> Blackboard Artifacts have a shortDescription metho<br>> Fix for highest HFS+ inum lookup (from uckelman-sf)<br>> Fix ISO9660 crash<br>> various performance fixes and added thread safety checks<br>><br>> Download here: <a href="http://sleuthkit.org/sleuthkit/download.php" target="_blank">http://sleuthkit.org/sleuthkit/download.php</a><br>><br>> thanks,<br>> brian<br>><br>><o:p></o:p></p></div></div><p class="MsoNormal">> ------------------------------------------------------------------------------<br>> Check out the vibrant tech community on one of the world's most<br>> engaging tech sites, <a href="http://Slashdot.org" target="_blank">Slashdot.org</a>! <a href="http://sdm.link/slashdot" target="_blank">http://sdm.link/slashdot</a><br>> _______________________________________________<br>> sleuthkit-users mailing list<br>> <a href="https://lists.sourceforge.net/lists/listinfo/sleuthkit-users" target="_blank">https://lists.sourceforge.net/lists/listinfo/sleuthkit-users</a><br>> <a href="http://www.sleuthkit.org" target="_blank">http://www.sleuthkit.org</a><br>><o:p></o:p></p></div><p class="MsoNormal"><o:p> </o:p></p></div></div></blockquote><blockquote style="margin-top:5.0pt;margin-bottom:5.0pt"><div><p class="MsoNormal">------------------------------------------------------------------------------<br>Check out the vibrant tech community on one of the world's most<br>engaging tech sites, <a href="http://Slashdot.org" target="_blank">Slashdot.org</a>! <a href="http://sdm.link/slashdot" target="_blank">http://sdm.link/slashdot</a><o:p></o:p></p></div></blockquote><blockquote style="margin-top:5.0pt;margin-bottom:5.0pt"><div><p class="MsoNormal">_______________________________________________<br>sleuthkit-users mailing list<br><a href="https://lists.sourceforge.net/lists/listinfo/sleuthkit-users" target="_blank">https://lists.sourceforge.net/lists/listinfo/sleuthkit-users</a><br><a href="http://www.sleuthkit.org" target="_blank">http://www.sleuthkit.org</a><o:p></o:p></p></div></blockquote></div></div></div></div><p class="MsoNormal"><o:p> </o:p></p></div></div></div><p class="MsoNormal" style="margin-bottom:12.0pt"><br>------------------------------------------------------------------------------<br>Check out the vibrant tech community on one of the world's most<br>engaging tech sites, Slashdot.org! <a href="http://sdm.link/slashdot" target="_blank">http://sdm.link/slashdot</a><br>_______________________________________________<br>sleuthkit-users mailing list<br><a href="https://lists.sourceforge.net/lists/listinfo/sleuthkit-users" target="_blank">https://lists.sourceforge.net/lists/listinfo/sleuthkit-users</a><br><a href="http://www.sleuthkit.org" target="_blank">http://www.sleuthkit.org</a><o:p></o:p></p></div><p class="MsoNormal"><br><br clear="all"><o:p></o:p></p><div><p class="MsoNormal"><o:p> </o:p></p></div><p class="MsoNormal">-- <o:p></o:p></p></div></div><div><p class="MsoNormal">Hoyt<br>-----------------<br>There are 11 kinds of people - those who think binary jokes are funny, those who don't, ...and those who don't know binary.<o:p></o:p></p></div></div><p class="MsoNormal" style="margin-bottom:12.0pt"><br>------------------------------------------------------------------------------<br>Check out the vibrant tech community on one of the world's most<br>engaging tech sites, Slashdot.org! <a href="http://sdm.link/slashdot" target="_blank">http://sdm.link/slashdot</a><br>_______________________________________________<br>sleuthkit-users mailing list<br><a href="https://lists.sourceforge.net/lists/listinfo/sleuthkit-users" target="_blank">https://lists.sourceforge.net/lists/listinfo/sleuthkit-users</a><br><a href="http://www.sleuthkit.org" target="_blank">http://www.sleuthkit.org</a><o:p></o:p></p></div><p class="MsoNormal"><o:p> </o:p></p></div></div></div><p class="MsoNormal" style="margin-bottom:12.0pt"><br>------------------------------------------------------------------------------<br>Check out the vibrant tech community on one of the world's most<br>engaging tech sites, Slashdot.org! <a href="http://sdm.link/slashdot" target="_blank">http://sdm.link/slashdot</a><br>_______________________________________________<br>sleuthkit-users mailing list<br><a href="https://lists.sourceforge.net/lists/listinfo/sleuthkit-users" target="_blank">https://lists.sourceforge.net/lists/listinfo/sleuthkit-users</a><br><a href="http://www.sleuthkit.org" target="_blank">http://www.sleuthkit.org</a><o:p></o:p></p></div><p class="MsoNormal"><o:p> </o:p></p></div></div><br><!--end of _originalContent --></div></body></html>
|
