sleuthkit-users

[sleuthkit-users] New Autopsy and The Sleuth Kit Releases

[Brian C. <ca...@sl...>]

I forgot to announce last week that new releases are up.

Autopsy 4.4.1 includes:

   - Beta version of new central repository feature for correlating
   artifacts across cases; results are displayed using an Interesting
   Artifacts branch of the Interesting Items tree and an Other Data Sources
   content viewer. I'll post a blog post about using this later next week.
   - Results viewer (top right area of desktop application) sorts are
   persistent and can be applied to either the table viewer or the thumbnail
   viewer.
   - Assorted performance improvements, enhancements, and bug fixes.

Download here: http://sleuthkit.org/autopsy/download.php

The Sleuth Kit 4.4.2 includes:

   - usnjls tool for NTFS USN log (from noxdafox)
   - Added index to mime type column in DB
   - Use local SQLite3 if it exists (from uckelman-sf)
   - Blackboard Artifacts have a shortDescription metho
   - Fix for highest HFS+ inum lookup (from uckelman-sf)
   - Fix ISO9660 crash
   - various performance fixes and added thread safety checks

Download here: http://sleuthkit.org/sleuthkit/download.php

thanks,
brian

Re: [sleuthkit-users] New Autopsy and The Sleuth Kit Releases

[Greg F. <gre...@gm...>]

Brian,

As you know some CVE's came out after 4.4.2.  Looking at the bug
tracker looks like you have them fixed.

Are you going to do a 4.4.3 soon, or as the openSUSE sleuthkit
maintainer, should I create appropriate patches to 4.4.2?  Or do you
know if Redhat, Ubuntu, Mint has already done it?

Thanks
Greg
--
Greg Freemyer
Advances are made by answering questions. Discoveries are made by
questioning answers.
— Bernard Haisch


On Wed, Aug 16, 2017 at 8:31 PM, Brian Carrier <ca...@sl...> wrote:
> I forgot to announce last week that new releases are up.
>
> Autopsy 4.4.1 includes:
>
> Beta version of new central repository feature for correlating artifacts
> across cases; results are displayed using an Interesting Artifacts branch of
> the Interesting Items tree and an Other Data Sources content viewer. I'll
> post a blog post about using this later next week.
> Results viewer (top right area of desktop application) sorts are persistent
> and can be applied to either the table viewer or the thumbnail viewer.
> Assorted performance improvements, enhancements, and bug fixes.
>
> Download here: http://sleuthkit.org/autopsy/download.php
>
> The Sleuth Kit 4.4.2 includes:
>
> usnjls tool for NTFS USN log (from noxdafox)
> Added index to mime type column in DB
> Use local SQLite3 if it exists (from uckelman-sf)
> Blackboard Artifacts have a shortDescription metho
> Fix for highest HFS+ inum lookup (from uckelman-sf)
> Fix ISO9660 crash
> various performance fixes and added thread safety checks
>
> Download here: http://sleuthkit.org/sleuthkit/download.php
>
> thanks,
> brian
>
>
> ------------------------------------------------------------------------------
> Check out the vibrant tech community on one of the world's most
> engaging tech sites, Slashdot.org! http://sdm.link/slashdot
> _______________________________________________
> sleuthkit-users mailing list
> https://lists.sourceforge.net/lists/listinfo/sleuthkit-users
> http://www.sleuthkit.org
>

Re: [sleuthkit-users] New Autopsy and The Sleuth Kit Releases

[Brian C. <ca...@sl...>]

We're looking to do a 4.5.0 release in early October (along with an Autopsy
release).

On Thu, Sep 14, 2017 at 7:54 PM, Greg Freemyer <gre...@gm...>
wrote:

> Brian,
>
> As you know some CVE's came out after 4.4.2.  Looking at the bug
> tracker looks like you have them fixed.
>
> Are you going to do a 4.4.3 soon, or as the openSUSE sleuthkit
> maintainer, should I create appropriate patches to 4.4.2?  Or do you
> know if Redhat, Ubuntu, Mint has already done it?
>
> Thanks
> Greg
> --
> Greg Freemyer
> Advances are made by answering questions. Discoveries are made by
> questioning answers.
> — Bernard Haisch
>
>
> On Wed, Aug 16, 2017 at 8:31 PM, Brian Carrier <ca...@sl...>
> wrote:
> > I forgot to announce last week that new releases are up.
> >
> > Autopsy 4.4.1 includes:
> >
> > Beta version of new central repository feature for correlating artifacts
> > across cases; results are displayed using an Interesting Artifacts
> branch of
> > the Interesting Items tree and an Other Data Sources content viewer. I'll
> > post a blog post about using this later next week.
> > Results viewer (top right area of desktop application) sorts are
> persistent
> > and can be applied to either the table viewer or the thumbnail viewer.
> > Assorted performance improvements, enhancements, and bug fixes.
> >
> > Download here: http://sleuthkit.org/autopsy/download.php
> >
> > The Sleuth Kit 4.4.2 includes:
> >
> > usnjls tool for NTFS USN log (from noxdafox)
> > Added index to mime type column in DB
> > Use local SQLite3 if it exists (from uckelman-sf)
> > Blackboard Artifacts have a shortDescription metho
> > Fix for highest HFS+ inum lookup (from uckelman-sf)
> > Fix ISO9660 crash
> > various performance fixes and added thread safety checks
> >
> > Download here: http://sleuthkit.org/sleuthkit/download.php
> >
> > thanks,
> > brian
> >
> >
> > ------------------------------------------------------------
> ------------------
> > Check out the vibrant tech community on one of the world's most
> > engaging tech sites, Slashdot.org! http://sdm.link/slashdot
> > _______________________________________________
> > sleuthkit-users mailing list
> > https://lists.sourceforge.net/lists/listinfo/sleuthkit-users
> > http://www.sleuthkit.org
> >
>

Re: [sleuthkit-users] New Autopsy and The Sleuth Kit Releases

[<rco...@ba...>]

Slight clarification: SleuthKit 4.4.3 and Autopsy 4.5.0 in early October.

Sent from my iPhone

> On Sep 14, 2017, at 11:06 PM, Brian Carrier <ca...@sl...> wrote:
> 
> We're looking to do a 4.5.0 release in early October (along with an Autopsy release). 
> 
>> On Thu, Sep 14, 2017 at 7:54 PM, Greg Freemyer <gre...@gm...> wrote:
>> Brian,
>> 
>> As you know some CVE's came out after 4.4.2.  Looking at the bug
>> tracker looks like you have them fixed.
>> 
>> Are you going to do a 4.4.3 soon, or as the openSUSE sleuthkit
>> maintainer, should I create appropriate patches to 4.4.2?  Or do you
>> know if Redhat, Ubuntu, Mint has already done it?
>> 
>> Thanks
>> Greg
>> --
>> Greg Freemyer
>> Advances are made by answering questions. Discoveries are made by
>> questioning answers.
>> — Bernard Haisch
>> 
>> 
>> On Wed, Aug 16, 2017 at 8:31 PM, Brian Carrier <ca...@sl...> wrote:
>> > I forgot to announce last week that new releases are up.
>> >
>> > Autopsy 4.4.1 includes:
>> >
>> > Beta version of new central repository feature for correlating artifacts
>> > across cases; results are displayed using an Interesting Artifacts branch of
>> > the Interesting Items tree and an Other Data Sources content viewer. I'll
>> > post a blog post about using this later next week.
>> > Results viewer (top right area of desktop application) sorts are persistent
>> > and can be applied to either the table viewer or the thumbnail viewer.
>> > Assorted performance improvements, enhancements, and bug fixes.
>> >
>> > Download here: http://sleuthkit.org/autopsy/download.php
>> >
>> > The Sleuth Kit 4.4.2 includes:
>> >
>> > usnjls tool for NTFS USN log (from noxdafox)
>> > Added index to mime type column in DB
>> > Use local SQLite3 if it exists (from uckelman-sf)
>> > Blackboard Artifacts have a shortDescription metho
>> > Fix for highest HFS+ inum lookup (from uckelman-sf)
>> > Fix ISO9660 crash
>> > various performance fixes and added thread safety checks
>> >
>> > Download here: http://sleuthkit.org/sleuthkit/download.php
>> >
>> > thanks,
>> > brian
>> >
>> >
>> > ------------------------------------------------------------------------------
>> > Check out the vibrant tech community on one of the world's most
>> > engaging tech sites, Slashdot.org! http://sdm.link/slashdot
>> > _______________________________________________
>> > sleuthkit-users mailing list
>> > https://lists.sourceforge.net/lists/listinfo/sleuthkit-users
>> > http://www.sleuthkit.org
>> >
> 
> ------------------------------------------------------------------------------
> Check out the vibrant tech community on one of the world's most
> engaging tech sites, Slashdot.org! http://sdm.link/slashdot
> _______________________________________________
> sleuthkit-users mailing list
> https://lists.sourceforge.net/lists/listinfo/sleuthkit-users
> http://www.sleuthkit.org

Re: [sleuthkit-users] New Autopsy and The Sleuth Kit Releases

[Richard C. <rco...@ba...>]

Scratch that, we have indeed decided to do a 4.5.0 release in early October.

On Fri, Sep 15, 2017 at 6:42 AM, <rco...@ba...> wrote:

> Slight clarification: SleuthKit 4.4.3 and Autopsy 4.5.0 in early October.
>
> Sent from my iPhone
>
> On Sep 14, 2017, at 11:06 PM, Brian Carrier <ca...@sl...> wrote:
>
> We're looking to do a 4.5.0 release in early October (along with an
> Autopsy release).
>
> On Thu, Sep 14, 2017 at 7:54 PM, Greg Freemyer <gre...@gm...>
> wrote:
>
>> Brian,
>>
>> As you know some CVE's came out after 4.4.2.  Looking at the bug
>> tracker looks like you have them fixed.
>>
>> Are you going to do a 4.4.3 soon, or as the openSUSE sleuthkit
>> maintainer, should I create appropriate patches to 4.4.2?  Or do you
>> know if Redhat, Ubuntu, Mint has already done it?
>>
>> Thanks
>> Greg
>> --
>> Greg Freemyer
>> Advances are made by answering questions. Discoveries are made by
>> questioning answers.
>> — Bernard Haisch
>>
>>
>> On Wed, Aug 16, 2017 at 8:31 PM, Brian Carrier <ca...@sl...>
>> wrote:
>> > I forgot to announce last week that new releases are up.
>> >
>> > Autopsy 4.4.1 includes:
>> >
>> > Beta version of new central repository feature for correlating artifacts
>> > across cases; results are displayed using an Interesting Artifacts
>> branch of
>> > the Interesting Items tree and an Other Data Sources content viewer.
>> I'll
>> > post a blog post about using this later next week.
>> > Results viewer (top right area of desktop application) sorts are
>> persistent
>> > and can be applied to either the table viewer or the thumbnail viewer.
>> > Assorted performance improvements, enhancements, and bug fixes.
>> >
>> > Download here: http://sleuthkit.org/autopsy/download.php
>> >
>> > The Sleuth Kit 4.4.2 includes:
>> >
>> > usnjls tool for NTFS USN log (from noxdafox)
>> > Added index to mime type column in DB
>> > Use local SQLite3 if it exists (from uckelman-sf)
>> > Blackboard Artifacts have a shortDescription metho
>> > Fix for highest HFS+ inum lookup (from uckelman-sf)
>> > Fix ISO9660 crash
>> > various performance fixes and added thread safety checks
>> >
>> > Download here: http://sleuthkit.org/sleuthkit/download.php
>> >
>> > thanks,
>> > brian
>> >
>> >
>> > ------------------------------------------------------------
>> ------------------
>> > Check out the vibrant tech community on one of the world's most
>> > engaging tech sites, Slashdot.org! http://sdm.link/slashdot
>> > _______________________________________________
>> > sleuthkit-users mailing list
>> > https://lists.sourceforge.net/lists/listinfo/sleuthkit-users
>> > http://www.sleuthkit.org
>> >
>>
>
> ------------------------------------------------------------
> ------------------
> Check out the vibrant tech community on one of the world's most
> engaging tech sites, Slashdot.org! http://sdm.link/slashdot
>
> _______________________________________________
> sleuthkit-users mailing list
> https://lists.sourceforge.net/lists/listinfo/sleuthkit-users
> http://www.sleuthkit.org
>
>

Re: [sleuthkit-users] New Autopsy and The Sleuth Kit Releases

[Hoyt H. <hoy...@gm...>]

I may have missed it, but will the upcoming Sleuth Kit release include the
AFF4 patches? If not, is there any idea when we might see this? I apologize
if I have indeed missed it.

Hoyt


On Fri, Sep 15, 2017 at 12:18 PM, Richard Cordovano <
rco...@ba...> wrote:

> Scratch that, we have indeed decided to do a 4.5.0 release in early
> October.
>
> On Fri, Sep 15, 2017 at 6:42 AM, <rco...@ba...> wrote:
>
>> Slight clarification: SleuthKit 4.4.3 and Autopsy 4.5.0 in early October.
>>
>> Sent from my iPhone
>>
>> On Sep 14, 2017, at 11:06 PM, Brian Carrier <ca...@sl...>
>> wrote:
>>
>> We're looking to do a 4.5.0 release in early October (along with an
>> Autopsy release).
>>
>> On Thu, Sep 14, 2017 at 7:54 PM, Greg Freemyer <gre...@gm...>
>> wrote:
>>
>>> Brian,
>>>
>>> As you know some CVE's came out after 4.4.2.  Looking at the bug
>>> tracker looks like you have them fixed.
>>>
>>> Are you going to do a 4.4.3 soon, or as the openSUSE sleuthkit
>>> maintainer, should I create appropriate patches to 4.4.2?  Or do you
>>> know if Redhat, Ubuntu, Mint has already done it?
>>>
>>> Thanks
>>> Greg
>>> --
>>> Greg Freemyer
>>> Advances are made by answering questions. Discoveries are made by
>>> questioning answers.
>>> — Bernard Haisch
>>>
>>>
>>> On Wed, Aug 16, 2017 at 8:31 PM, Brian Carrier <ca...@sl...>
>>> wrote:
>>> > I forgot to announce last week that new releases are up.
>>> >
>>> > Autopsy 4.4.1 includes:
>>> >
>>> > Beta version of new central repository feature for correlating
>>> artifacts
>>> > across cases; results are displayed using an Interesting Artifacts
>>> branch of
>>> > the Interesting Items tree and an Other Data Sources content viewer.
>>> I'll
>>> > post a blog post about using this later next week.
>>> > Results viewer (top right area of desktop application) sorts are
>>> persistent
>>> > and can be applied to either the table viewer or the thumbnail viewer.
>>> > Assorted performance improvements, enhancements, and bug fixes.
>>> >
>>> > Download here: http://sleuthkit.org/autopsy/download.php
>>> >
>>> > The Sleuth Kit 4.4.2 includes:
>>> >
>>> > usnjls tool for NTFS USN log (from noxdafox)
>>> > Added index to mime type column in DB
>>> > Use local SQLite3 if it exists (from uckelman-sf)
>>> > Blackboard Artifacts have a shortDescription metho
>>> > Fix for highest HFS+ inum lookup (from uckelman-sf)
>>> > Fix ISO9660 crash
>>> > various performance fixes and added thread safety checks
>>> >
>>> > Download here: http://sleuthkit.org/sleuthkit/download.php
>>> >
>>> > thanks,
>>> > brian
>>> >
>>> >
>>> > ------------------------------------------------------------
>>> ------------------
>>> > Check out the vibrant tech community on one of the world's most
>>> > engaging tech sites, Slashdot.org! http://sdm.link/slashdot
>>> > _______________________________________________
>>> > sleuthkit-users mailing list
>>> > https://lists.sourceforge.net/lists/listinfo/sleuthkit-users
>>> > http://www.sleuthkit.org
>>> >
>>>
>>
>> ------------------------------------------------------------
>> ------------------
>> Check out the vibrant tech community on one of the world's most
>> engaging tech sites, Slashdot.org! http://sdm.link/slashdot
>>
>> _______________________________________________
>> sleuthkit-users mailing list
>> https://lists.sourceforge.net/lists/listinfo/sleuthkit-users
>> http://www.sleuthkit.org
>>
>>
>
> ------------------------------------------------------------
> ------------------
> Check out the vibrant tech community on one of the world's most
> engaging tech sites, Slashdot.org! http://sdm.link/slashdot
> _______________________________________________
> sleuthkit-users mailing list
> https://lists.sourceforge.net/lists/listinfo/sleuthkit-users
> http://www.sleuthkit.org
>
>


-- 
Hoyt
-----------------
There are 11 kinds of people - those who think binary jokes are funny,
those who don't, ...and those who don't know binary.

Re: [sleuthkit-users] New Autopsy and The Sleuth Kit Releases

[Brian C. <ca...@sl...>]

Hi Hoyt,

It is not scheduled to include it.  We didn't get a chance to look at the
code.  We prioritize things based on user interest and we haven't received
requests for it.

Who here is using AFF4 or is waiting to use AFF4 until Autopsy/TSK
incorporate it?

brian


On Mon, Sep 25, 2017 at 11:34 AM, Hoyt Harness <hoy...@gm...>
wrote:

> I may have missed it, but will the upcoming Sleuth Kit release include the
> AFF4 patches? If not, is there any idea when we might see this? I apologize
> if I have indeed missed it.
>
> Hoyt
>
>
> On Fri, Sep 15, 2017 at 12:18 PM, Richard Cordovano <
> rco...@ba...> wrote:
>
>> Scratch that, we have indeed decided to do a 4.5.0 release in early
>> October.
>>
>> On Fri, Sep 15, 2017 at 6:42 AM, <rco...@ba...> wrote:
>>
>>> Slight clarification: SleuthKit 4.4.3 and Autopsy 4.5.0 in early October.
>>>
>>> Sent from my iPhone
>>>
>>> On Sep 14, 2017, at 11:06 PM, Brian Carrier <ca...@sl...>
>>> wrote:
>>>
>>> We're looking to do a 4.5.0 release in early October (along with an
>>> Autopsy release).
>>>
>>> On Thu, Sep 14, 2017 at 7:54 PM, Greg Freemyer <gre...@gm...>
>>> wrote:
>>>
>>>> Brian,
>>>>
>>>> As you know some CVE's came out after 4.4.2.  Looking at the bug
>>>> tracker looks like you have them fixed.
>>>>
>>>> Are you going to do a 4.4.3 soon, or as the openSUSE sleuthkit
>>>> maintainer, should I create appropriate patches to 4.4.2?  Or do you
>>>> know if Redhat, Ubuntu, Mint has already done it?
>>>>
>>>> Thanks
>>>> Greg
>>>> --
>>>> Greg Freemyer
>>>> Advances are made by answering questions. Discoveries are made by
>>>> questioning answers.
>>>> — Bernard Haisch
>>>>
>>>>
>>>> On Wed, Aug 16, 2017 at 8:31 PM, Brian Carrier <ca...@sl...>
>>>> wrote:
>>>> > I forgot to announce last week that new releases are up.
>>>> >
>>>> > Autopsy 4.4.1 includes:
>>>> >
>>>> > Beta version of new central repository feature for correlating
>>>> artifacts
>>>> > across cases; results are displayed using an Interesting Artifacts
>>>> branch of
>>>> > the Interesting Items tree and an Other Data Sources content viewer.
>>>> I'll
>>>> > post a blog post about using this later next week.
>>>> > Results viewer (top right area of desktop application) sorts are
>>>> persistent
>>>> > and can be applied to either the table viewer or the thumbnail viewer.
>>>> > Assorted performance improvements, enhancements, and bug fixes.
>>>> >
>>>> > Download here: http://sleuthkit.org/autopsy/download.php
>>>> >
>>>> > The Sleuth Kit 4.4.2 includes:
>>>> >
>>>> > usnjls tool for NTFS USN log (from noxdafox)
>>>> > Added index to mime type column in DB
>>>> > Use local SQLite3 if it exists (from uckelman-sf)
>>>> > Blackboard Artifacts have a shortDescription metho
>>>> > Fix for highest HFS+ inum lookup (from uckelman-sf)
>>>> > Fix ISO9660 crash
>>>> > various performance fixes and added thread safety checks
>>>> >
>>>> > Download here: http://sleuthkit.org/sleuthkit/download.php
>>>> >
>>>> > thanks,
>>>> > brian
>>>> >
>>>> >
>>>> > ------------------------------------------------------------
>>>> ------------------
>>>> > Check out the vibrant tech community on one of the world's most
>>>> > engaging tech sites, Slashdot.org! http://sdm.link/slashdot
>>>> > _______________________________________________
>>>> > sleuthkit-users mailing list
>>>> > https://lists.sourceforge.net/lists/listinfo/sleuthkit-users
>>>> > http://www.sleuthkit.org
>>>> >
>>>>
>>>
>>> ------------------------------------------------------------
>>> ------------------
>>> Check out the vibrant tech community on one of the world's most
>>> engaging tech sites, Slashdot.org! http://sdm.link/slashdot
>>>
>>> _______________________________________________
>>> sleuthkit-users mailing list
>>> https://lists.sourceforge.net/lists/listinfo/sleuthkit-users
>>> http://www.sleuthkit.org
>>>
>>>
>>
>> ------------------------------------------------------------
>> ------------------
>> Check out the vibrant tech community on one of the world's most
>> engaging tech sites, Slashdot.org! http://sdm.link/slashdot
>> _______________________________________________
>> sleuthkit-users mailing list
>> https://lists.sourceforge.net/lists/listinfo/sleuthkit-users
>> http://www.sleuthkit.org
>>
>>
>
>
> --
> Hoyt
> -----------------
> There are 11 kinds of people - those who think binary jokes are funny,
> those who don't, ...and those who don't know binary.
>
> ------------------------------------------------------------
> ------------------
> Check out the vibrant tech community on one of the world's most
> engaging tech sites, Slashdot.org! http://sdm.link/slashdot
> _______________________________________________
> sleuthkit-users mailing list
> https://lists.sourceforge.net/lists/listinfo/sleuthkit-users
> http://www.sleuthkit.org
>
>

Re: [sleuthkit-users] New Autopsy and The Sleuth Kit Releases

[Adam W. <acc...@gm...>]

+1 I use AFF4 and would like to see it integrated into the project.

--
Adam

On Mon, Sep 25, 2017 at 7:16 PM, Brian Carrier <ca...@sl...>
wrote:

> Hi Hoyt,
>
> It is not scheduled to include it.  We didn't get a chance to look at the
> code.  We prioritize things based on user interest and we haven't received
> requests for it.
>
> Who here is using AFF4 or is waiting to use AFF4 until Autopsy/TSK
> incorporate it?
>
> brian
>
>
> On Mon, Sep 25, 2017 at 11:34 AM, Hoyt Harness <hoy...@gm...>
> wrote:
>
>> I may have missed it, but will the upcoming Sleuth Kit release include
>> the AFF4 patches? If not, is there any idea when we might see this? I
>> apologize if I have indeed missed it.
>>
>> Hoyt
>>
>>
>> On Fri, Sep 15, 2017 at 12:18 PM, Richard Cordovano <
>> rco...@ba...> wrote:
>>
>>> Scratch that, we have indeed decided to do a 4.5.0 release in early
>>> October.
>>>
>>> On Fri, Sep 15, 2017 at 6:42 AM, <rco...@ba...> wrote:
>>>
>>>> Slight clarification: SleuthKit 4.4.3 and Autopsy 4.5.0 in early
>>>> October.
>>>>
>>>> Sent from my iPhone
>>>>
>>>> On Sep 14, 2017, at 11:06 PM, Brian Carrier <ca...@sl...>
>>>> wrote:
>>>>
>>>> We're looking to do a 4.5.0 release in early October (along with an
>>>> Autopsy release).
>>>>
>>>> On Thu, Sep 14, 2017 at 7:54 PM, Greg Freemyer <gre...@gm...
>>>> > wrote:
>>>>
>>>>> Brian,
>>>>>
>>>>> As you know some CVE's came out after 4.4.2.  Looking at the bug
>>>>> tracker looks like you have them fixed.
>>>>>
>>>>> Are you going to do a 4.4.3 soon, or as the openSUSE sleuthkit
>>>>> maintainer, should I create appropriate patches to 4.4.2?  Or do you
>>>>> know if Redhat, Ubuntu, Mint has already done it?
>>>>>
>>>>> Thanks
>>>>> Greg
>>>>> --
>>>>> Greg Freemyer
>>>>> Advances are made by answering questions. Discoveries are made by
>>>>> questioning answers.
>>>>> — Bernard Haisch
>>>>>
>>>>>
>>>>> On Wed, Aug 16, 2017 at 8:31 PM, Brian Carrier <ca...@sl...>
>>>>> wrote:
>>>>> > I forgot to announce last week that new releases are up.
>>>>> >
>>>>> > Autopsy 4.4.1 includes:
>>>>> >
>>>>> > Beta version of new central repository feature for correlating
>>>>> artifacts
>>>>> > across cases; results are displayed using an Interesting Artifacts
>>>>> branch of
>>>>> > the Interesting Items tree and an Other Data Sources content viewer.
>>>>> I'll
>>>>> > post a blog post about using this later next week.
>>>>> > Results viewer (top right area of desktop application) sorts are
>>>>> persistent
>>>>> > and can be applied to either the table viewer or the thumbnail
>>>>> viewer.
>>>>> > Assorted performance improvements, enhancements, and bug fixes.
>>>>> >
>>>>> > Download here: http://sleuthkit.org/autopsy/download.php
>>>>> >
>>>>> > The Sleuth Kit 4.4.2 includes:
>>>>> >
>>>>> > usnjls tool for NTFS USN log (from noxdafox)
>>>>> > Added index to mime type column in DB
>>>>> > Use local SQLite3 if it exists (from uckelman-sf)
>>>>> > Blackboard Artifacts have a shortDescription metho
>>>>> > Fix for highest HFS+ inum lookup (from uckelman-sf)
>>>>> > Fix ISO9660 crash
>>>>> > various performance fixes and added thread safety checks
>>>>> >
>>>>> > Download here: http://sleuthkit.org/sleuthkit/download.php
>>>>> >
>>>>> > thanks,
>>>>> > brian
>>>>> >
>>>>> >
>>>>> > ------------------------------------------------------------
>>>>> ------------------
>>>>> > Check out the vibrant tech community on one of the world's most
>>>>> > engaging tech sites, Slashdot.org! http://sdm.link/slashdot
>>>>> > _______________________________________________
>>>>> > sleuthkit-users mailing list
>>>>> > https://lists.sourceforge.net/lists/listinfo/sleuthkit-users
>>>>> > http://www.sleuthkit.org
>>>>> >
>>>>>
>>>>
>>>> ------------------------------------------------------------
>>>> ------------------
>>>> Check out the vibrant tech community on one of the world's most
>>>> engaging tech sites, Slashdot.org! http://sdm.link/slashdot
>>>>
>>>> _______________________________________________
>>>> sleuthkit-users mailing list
>>>> https://lists.sourceforge.net/lists/listinfo/sleuthkit-users
>>>> http://www.sleuthkit.org
>>>>
>>>>
>>>
>>> ------------------------------------------------------------
>>> ------------------
>>> Check out the vibrant tech community on one of the world's most
>>> engaging tech sites, Slashdot.org! http://sdm.link/slashdot
>>> _______________________________________________
>>> sleuthkit-users mailing list
>>> https://lists.sourceforge.net/lists/listinfo/sleuthkit-users
>>> http://www.sleuthkit.org
>>>
>>>
>>
>>
>> --
>> Hoyt
>> -----------------
>> There are 11 kinds of people - those who think binary jokes are funny,
>> those who don't, ...and those who don't know binary.
>>
>> ------------------------------------------------------------
>> ------------------
>> Check out the vibrant tech community on one of the world's most
>> engaging tech sites, Slashdot.org! http://sdm.link/slashdot
>> _______________________________________________
>> sleuthkit-users mailing list
>> https://lists.sourceforge.net/lists/listinfo/sleuthkit-users
>> http://www.sleuthkit.org
>>
>>
>
> ------------------------------------------------------------
> ------------------
> Check out the vibrant tech community on one of the world's most
> engaging tech sites, Slashdot.org! http://sdm.link/slashdot
> _______________________________________________
> sleuthkit-users mailing list
> https://lists.sourceforge.net/lists/listinfo/sleuthkit-users
> http://www.sleuthkit.org
>
>

Re: [sleuthkit-users] New Autopsy and The Sleuth Kit Releases

[Suman B. <sb...@be...>]

For me, Autopsy/AFF4 integration would be a significant additional reason to use Autopsy.

 

Best regards,

Suman

 

--

Suman Beros

sb...@be...

 

 

From: Adam Witt [mailto:acc...@gm...] 
Sent: Friday, April 20, 2018 10:41
To: sleuthkit-users
Subject: Re: [sleuthkit-users] New Autopsy and The Sleuth Kit Releases

 

+1 I use AFF4 and would like to see it integrated into the project.

 

--

Adam

 

On Mon, Sep 25, 2017 at 7:16 PM, Brian Carrier <ca...@sl...> wrote:

Hi Hoyt,

It is not scheduled to include it.  We didn't get a chance to look at the code.  We prioritize things based on user interest and we haven't received requests for it. 

Who here is using AFF4 or is waiting to use AFF4 until Autopsy/TSK incorporate it?

brian

 

On Mon, Sep 25, 2017 at 11:34 AM, Hoyt Harness <hoy...@gm...> wrote:

I may have missed it, but will the upcoming Sleuth Kit release include the AFF4 patches? If not, is there any idea when we might see this? I apologize if I have indeed missed it.

 

Hoyt

 

 

On Fri, Sep 15, 2017 at 12:18 PM, Richard Cordovano <rco...@ba...> wrote:

Scratch that, we have indeed decided to do a 4.5.0 release in early October.

 

On Fri, Sep 15, 2017 at 6:42 AM, <rco...@ba...> wrote:

Slight clarification: SleuthKit 4.4.3 and Autopsy 4.5.0 in early October.

Sent from my iPhone


On Sep 14, 2017, at 11:06 PM, Brian Carrier <ca...@sl...> wrote:

We're looking to do a 4.5.0 release in early October (along with an Autopsy release). 

 

On Thu, Sep 14, 2017 at 7:54 PM, Greg Freemyer <gre...@gm...> wrote:

Brian,

As you know some CVE's came out after 4.4.2.  Looking at the bug
tracker looks like you have them fixed.

Are you going to do a 4.4.3 soon, or as the openSUSE sleuthkit
maintainer, should I create appropriate patches to 4.4.2?  Or do you
know if Redhat, Ubuntu, Mint has already done it?

Thanks
Greg
--
Greg Freemyer
Advances are made by answering questions. Discoveries are made by
questioning answers.
— Bernard Haisch



On Wed, Aug 16, 2017 at 8:31 PM, Brian Carrier <ca...@sl...> wrote:
> I forgot to announce last week that new releases are up.
>
> Autopsy 4.4.1 includes:
>
> Beta version of new central repository feature for correlating artifacts
> across cases; results are displayed using an Interesting Artifacts branch of
> the Interesting Items tree and an Other Data Sources content viewer. I'll
> post a blog post about using this later next week.
> Results viewer (top right area of desktop application) sorts are persistent
> and can be applied to either the table viewer or the thumbnail viewer.
> Assorted performance improvements, enhancements, and bug fixes.
>
> Download here: http://sleuthkit.org/autopsy/download.php
>
> The Sleuth Kit 4.4.2 includes:
>
> usnjls tool for NTFS USN log (from noxdafox)
> Added index to mime type column in DB
> Use local SQLite3 if it exists (from uckelman-sf)
> Blackboard Artifacts have a shortDescription metho
> Fix for highest HFS+ inum lookup (from uckelman-sf)
> Fix ISO9660 crash
> various performance fixes and added thread safety checks
>
> Download here: http://sleuthkit.org/sleuthkit/download.php
>
> thanks,
> brian
>
>

> ------------------------------------------------------------------------------
> Check out the vibrant tech community on one of the world's most
> engaging tech sites, Slashdot.org! http://sdm.link/slashdot
> _______________________________________________
> sleuthkit-users mailing list
> https://lists.sourceforge.net/lists/listinfo/sleuthkit-users
> http://www.sleuthkit.org
>

 

------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot

_______________________________________________
sleuthkit-users mailing list
https://lists.sourceforge.net/lists/listinfo/sleuthkit-users
http://www.sleuthkit.org

 


------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
sleuthkit-users mailing list
https://lists.sourceforge.net/lists/listinfo/sleuthkit-users
http://www.sleuthkit.org





 

-- 

Hoyt
-----------------
There are 11 kinds of people - those who think binary jokes are funny, those who don't, ...and those who don't know binary.


------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
sleuthkit-users mailing list
https://lists.sourceforge.net/lists/listinfo/sleuthkit-users
http://www.sleuthkit.org

 


------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
sleuthkit-users mailing list
https://lists.sourceforge.net/lists/listinfo/sleuthkit-users
http://www.sleuthkit.org

 

Re: [sleuthkit-users] New Autopsy and The Sleuth Kit Releases

[Pasquale R. <pjr...@gm...>]

<html><head></head><body lang="en-US" link="blue" vlink="purple" style="background-color: rgb(255, 255, 255); line-height: initial;">                                                                                      <div style="width: 100%; font-size: initial; font-family: Calibri, 'Slate Pro', sans-serif, sans-serif; color: rgb(31, 73, 125); text-align: initial; background-color: rgb(255, 255, 255);">‎I am interested in and waiting for aff4 integration to use it.</div>                                                                                                                                     <div style="width: 100%; font-size: initial; font-family: Calibri, 'Slate Pro', sans-serif, sans-serif; color: rgb(31, 73, 125); text-align: initial; background-color: rgb(255, 255, 255);"><br></div>                                                                                                                                                                                                   <div style="font-size: initial; font-family: Calibri, 'Slate Pro', sans-serif, sans-serif; color: rgb(31, 73, 125); text-align: initial; background-color: rgb(255, 255, 255);"></div>                                                                                                                                                                                  <table width="100%" style="background-color:white;border-spacing:0px;"> <tbody><tr><td colspan="2" style="font-size: initial; text-align: initial; background-color: rgb(255, 255, 255);">                           <div style="border-style: solid none none; border-top-color: rgb(181, 196, 223); border-top-width: 1pt; padding: 3pt 0in 0in; font-family: Tahoma, 'BB Alpha Sans', 'Slate Pro'; font-size: 10pt;">  <div><b>From: </b>Suman Beros</div><div><b>Sent: </b>Monday, May 28, 2018 9:38 PM</div><div><b>To: </b>'Adam Witt'; 'sleuthkit-users'</div><div><b>Subject: </b>Re: [sleuthkit-users] New Autopsy and The Sleuth Kit Releases</div></div></td></tr></tbody></table><div style="border-style: solid none none; border-top-color: rgb(186, 188, 209); border-top-width: 1pt; font-size: initial; text-align: initial; background-color: rgb(255, 255, 255);"></div><br><div id="_originalContent" style=""><meta http-equiv="Content-Type" content="text/html; charset=utf-8"><meta name="Generator" content="Microsoft Word 14 (filtered medium)"><style><!--
/* Font Definitions */
@font-face
	{font-family:Calibri;
	panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
	{font-family:Tahoma;
	panose-1:2 11 6 4 3 5 4 4 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
	{margin:0in;
	margin-bottom:.0001pt;
	font-size:12.0pt;
	font-family:"Times New Roman","serif";}
a:link, span.MsoHyperlink
	{mso-style-priority:99;
	color:blue;
	text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
	{mso-style-priority:99;
	color:purple;
	text-decoration:underline;}
span.hoenzb
	{mso-style-name:hoenzb;}
span.EmailStyle18
	{mso-style-type:personal-reply;
	font-family:"Arial","sans-serif";
	color:#0070C0;}
.MsoChpDefault
	{mso-style-type:export-only;
	font-family:"Calibri","sans-serif";}
@page WordSection1
	{size:8.5in 11.0in;
	margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
	{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]--><div class="WordSection1"><p class="MsoNormal"><span style="font-family:&quot;Arial&quot;,&quot;sans-serif&quot;;color:#0070C0">For me, Autopsy/AFF4 integration would be a significant additional reason to use Autopsy.<o:p></o:p></span></p><p class="MsoNormal"><span style="font-family:&quot;Arial&quot;,&quot;sans-serif&quot;;color:#0070C0"><o:p>&nbsp;</o:p></span></p><p class="MsoNormal"><span style="font-family:&quot;Arial&quot;,&quot;sans-serif&quot;;color:#0070C0">Best regards,<o:p></o:p></span></p><p class="MsoNormal"><span style="font-family:&quot;Arial&quot;,&quot;sans-serif&quot;;color:#0070C0">Suman<o:p></o:p></span></p><p class="MsoNormal"><span style="font-family:&quot;Arial&quot;,&quot;sans-serif&quot;;color:#0070C0"><o:p>&nbsp;</o:p></span></p><p class="MsoNormal"><span style="font-size:10.0pt;font-family:&quot;Arial&quot;,&quot;sans-serif&quot;;color:#1F497D">--<o:p></o:p></span></p><p class="MsoNormal"><span style="font-size:10.0pt;font-family:&quot;Arial&quot;,&quot;sans-serif&quot;;color:#1F497D">Suman Beros<o:p></o:p></span></p><p class="MsoNormal"><span style="font-size:10.0pt;font-family:&quot;Arial&quot;,&quot;sans-serif&quot;;color:#1F497D">sb...@be...<o:p></o:p></span></p><p class="MsoNormal"><span style="font-family:&quot;Arial&quot;,&quot;sans-serif&quot;;color:#0070C0"><o:p>&nbsp;</o:p></span></p><p class="MsoNormal"><span style="font-family:&quot;Arial&quot;,&quot;sans-serif&quot;;color:#0070C0"><o:p>&nbsp;</o:p></span></p><p class="MsoNormal"><b><span style="font-size:10.0pt;font-family:&quot;Tahoma&quot;,&quot;sans-serif&quot;">From:</span></b><span style="font-size:10.0pt;font-family:&quot;Tahoma&quot;,&quot;sans-serif&quot;"> Adam Witt [mailto:acc...@gm...] <br><b>Sent:</b> Friday, April 20, 2018 10:41<br><b>To:</b> sleuthkit-users<br><b>Subject:</b> Re: [sleuthkit-users] New Autopsy and The Sleuth Kit Releases<o:p></o:p></span></p><p class="MsoNormal"><o:p>&nbsp;</o:p></p><div><p class="MsoNormal">+1 I use AFF4 and would like to see it integrated into the project.<o:p></o:p></p><div><p class="MsoNormal"><o:p>&nbsp;</o:p></p></div><div><p class="MsoNormal">--<o:p></o:p></p></div><div><p class="MsoNormal">Adam<o:p></o:p></p></div></div><div><p class="MsoNormal"><o:p>&nbsp;</o:p></p><div><p class="MsoNormal">On Mon, Sep 25, 2017 at 7:16 PM, Brian Carrier &lt;<a href="mailto:ca...@sl..." target="_blank">ca...@sl...</a>&gt; wrote:<o:p></o:p></p><div><div><div><div><p class="MsoNormal" style="margin-bottom:12.0pt">Hi Hoyt,<o:p></o:p></p></div><p class="MsoNormal" style="margin-bottom:12.0pt">It is not scheduled to include it.&nbsp; We didn't get a chance to look at the code.&nbsp; We prioritize things based on user interest and we haven't received requests for it. <o:p></o:p></p></div><p class="MsoNormal" style="margin-bottom:12.0pt">Who here is using AFF4 or is waiting to use AFF4 until Autopsy/TSK incorporate it?<o:p></o:p></p></div><p class="MsoNormal" style="margin-bottom:12.0pt"><span class="hoenzb"><span style="color:#888888">brian</span></span><o:p></o:p></p></div><div><div><div><p class="MsoNormal"><o:p>&nbsp;</o:p></p><div><p class="MsoNormal">On Mon, Sep 25, 2017 at 11:34 AM, Hoyt Harness &lt;<a href="mailto:hoy...@gm..." target="_blank">hoy...@gm...</a>&gt; wrote:<o:p></o:p></p><div><p class="MsoNormal">I may have missed it, but will the upcoming Sleuth Kit release include the AFF4 patches? If not, is there any idea when we might see this? I apologize if I have indeed missed it.<o:p></o:p></p><div><p class="MsoNormal"><o:p>&nbsp;</o:p></p></div><div><p class="MsoNormal">Hoyt<o:p></o:p></p></div><div><p class="MsoNormal"><o:p>&nbsp;</o:p></p></div></div><div><div><div><p class="MsoNormal"><o:p>&nbsp;</o:p></p><div><p class="MsoNormal">On Fri, Sep 15, 2017 at 12:18 PM, Richard Cordovano &lt;<a href="mailto:rco...@ba..." target="_blank">rco...@ba...</a>&gt; wrote:<o:p></o:p></p><div><p class="MsoNormal">Scratch that, we have indeed decided to do a 4.5.0 release in early October.<o:p></o:p></p></div><div><div><div><p class="MsoNormal"><o:p>&nbsp;</o:p></p><div><p class="MsoNormal">On Fri, Sep 15, 2017 at 6:42 AM, &lt;<a href="mailto:rco...@ba..." target="_blank">rco...@ba...</a>&gt; wrote:<o:p></o:p></p><div><div><p class="MsoNormal">Slight clarification: SleuthKit 4.4.3 and Autopsy 4.5.0 in early October.<br><br>Sent from my iPhone<o:p></o:p></p></div><div><div><div><p class="MsoNormal" style="margin-bottom:12.0pt"><br>On Sep 14, 2017, at 11:06 PM, Brian Carrier &lt;<a href="mailto:ca...@sl..." target="_blank">ca...@sl...</a>&gt; wrote:<o:p></o:p></p></div><blockquote style="margin-top:5.0pt;margin-bottom:5.0pt"><div><div><p class="MsoNormal">We're looking to do a 4.5.0 release in early October (along with an Autopsy release). <o:p></o:p></p></div><div><p class="MsoNormal"><o:p>&nbsp;</o:p></p><div><p class="MsoNormal">On Thu, Sep 14, 2017 at 7:54 PM, Greg Freemyer &lt;<a href="mailto:gre...@gm..." target="_blank">gre...@gm...</a>&gt; wrote:<o:p></o:p></p><p class="MsoNormal">Brian,<br><br>As you know some CVE's came out after 4.4.2.&nbsp; Looking at the bug<br>tracker looks like you have them fixed.<br><br>Are you going to do a 4.4.3 soon, or as the openSUSE sleuthkit<br>maintainer, should I create appropriate patches to 4.4.2?&nbsp; Or do you<br>know if Redhat, Ubuntu, Mint has already done it?<br><br>Thanks<br>Greg<br>--<br>Greg Freemyer<br>Advances are made by answering questions. Discoveries are made by<br>questioning answers.<br>— Bernard Haisch<o:p></o:p></p><div><div><p class="MsoNormal"><br><br>On Wed, Aug 16, 2017 at 8:31 PM, Brian Carrier &lt;<a href="mailto:ca...@sl..." target="_blank">ca...@sl...</a>&gt; wrote:<br>&gt; I forgot to announce last week that new releases are up.<br>&gt;<br>&gt; Autopsy 4.4.1 includes:<br>&gt;<br>&gt; Beta version of new central repository feature for correlating artifacts<br>&gt; across cases; results are displayed using an Interesting Artifacts branch of<br>&gt; the Interesting Items tree and an Other Data Sources content viewer. I'll<br>&gt; post a blog post about using this later next week.<br>&gt; Results viewer (top right area of desktop application) sorts are persistent<br>&gt; and can be applied to either the table viewer or the thumbnail viewer.<br>&gt; Assorted performance improvements, enhancements, and bug fixes.<br>&gt;<br>&gt; Download here: <a href="http://sleuthkit.org/autopsy/download.php" target="_blank">http://sleuthkit.org/autopsy/download.php</a><br>&gt;<br>&gt; The Sleuth Kit 4.4.2 includes:<br>&gt;<br>&gt; usnjls tool for NTFS USN log (from noxdafox)<br>&gt; Added index to mime type column in DB<br>&gt; Use local SQLite3 if it exists (from uckelman-sf)<br>&gt; Blackboard Artifacts have a shortDescription metho<br>&gt; Fix for highest HFS+ inum lookup (from uckelman-sf)<br>&gt; Fix ISO9660 crash<br>&gt; various performance fixes and added thread safety checks<br>&gt;<br>&gt; Download here: <a href="http://sleuthkit.org/sleuthkit/download.php" target="_blank">http://sleuthkit.org/sleuthkit/download.php</a><br>&gt;<br>&gt; thanks,<br>&gt; brian<br>&gt;<br>&gt;<o:p></o:p></p></div></div><p class="MsoNormal">&gt; ------------------------------------------------------------------------------<br>&gt; Check out the vibrant tech community on one of the world's most<br>&gt; engaging tech sites, <a href="http://Slashdot.org" target="_blank">Slashdot.org</a>! <a href="http://sdm.link/slashdot" target="_blank">http://sdm.link/slashdot</a><br>&gt; _______________________________________________<br>&gt; sleuthkit-users mailing list<br>&gt; <a href="https://lists.sourceforge.net/lists/listinfo/sleuthkit-users" target="_blank">https://lists.sourceforge.net/lists/listinfo/sleuthkit-users</a><br>&gt; <a href="http://www.sleuthkit.org" target="_blank">http://www.sleuthkit.org</a><br>&gt;<o:p></o:p></p></div><p class="MsoNormal"><o:p>&nbsp;</o:p></p></div></div></blockquote><blockquote style="margin-top:5.0pt;margin-bottom:5.0pt"><div><p class="MsoNormal">------------------------------------------------------------------------------<br>Check out the vibrant tech community on one of the world's most<br>engaging tech sites, <a href="http://Slashdot.org" target="_blank">Slashdot.org</a>! <a href="http://sdm.link/slashdot" target="_blank">http://sdm.link/slashdot</a><o:p></o:p></p></div></blockquote><blockquote style="margin-top:5.0pt;margin-bottom:5.0pt"><div><p class="MsoNormal">_______________________________________________<br>sleuthkit-users mailing list<br><a href="https://lists.sourceforge.net/lists/listinfo/sleuthkit-users" target="_blank">https://lists.sourceforge.net/lists/listinfo/sleuthkit-users</a><br><a href="http://www.sleuthkit.org" target="_blank">http://www.sleuthkit.org</a><o:p></o:p></p></div></blockquote></div></div></div></div><p class="MsoNormal"><o:p>&nbsp;</o:p></p></div></div></div><p class="MsoNormal" style="margin-bottom:12.0pt"><br>------------------------------------------------------------------------------<br>Check out the vibrant tech community on one of the world's most<br>engaging tech sites, Slashdot.org! <a href="http://sdm.link/slashdot" target="_blank">http://sdm.link/slashdot</a><br>_______________________________________________<br>sleuthkit-users mailing list<br><a href="https://lists.sourceforge.net/lists/listinfo/sleuthkit-users" target="_blank">https://lists.sourceforge.net/lists/listinfo/sleuthkit-users</a><br><a href="http://www.sleuthkit.org" target="_blank">http://www.sleuthkit.org</a><o:p></o:p></p></div><p class="MsoNormal"><br><br clear="all"><o:p></o:p></p><div><p class="MsoNormal"><o:p>&nbsp;</o:p></p></div><p class="MsoNormal">-- <o:p></o:p></p></div></div><div><p class="MsoNormal">Hoyt<br>-----------------<br>There are 11 kinds of people - those who think binary jokes are funny, those who don't, ...and those who don't know binary.<o:p></o:p></p></div></div><p class="MsoNormal" style="margin-bottom:12.0pt"><br>------------------------------------------------------------------------------<br>Check out the vibrant tech community on one of the world's most<br>engaging tech sites, Slashdot.org! <a href="http://sdm.link/slashdot" target="_blank">http://sdm.link/slashdot</a><br>_______________________________________________<br>sleuthkit-users mailing list<br><a href="https://lists.sourceforge.net/lists/listinfo/sleuthkit-users" target="_blank">https://lists.sourceforge.net/lists/listinfo/sleuthkit-users</a><br><a href="http://www.sleuthkit.org" target="_blank">http://www.sleuthkit.org</a><o:p></o:p></p></div><p class="MsoNormal"><o:p>&nbsp;</o:p></p></div></div></div><p class="MsoNormal" style="margin-bottom:12.0pt"><br>------------------------------------------------------------------------------<br>Check out the vibrant tech community on one of the world's most<br>engaging tech sites, Slashdot.org! <a href="http://sdm.link/slashdot" target="_blank">http://sdm.link/slashdot</a><br>_______________________________________________<br>sleuthkit-users mailing list<br><a href="https://lists.sourceforge.net/lists/listinfo/sleuthkit-users" target="_blank">https://lists.sourceforge.net/lists/listinfo/sleuthkit-users</a><br><a href="http://www.sleuthkit.org" target="_blank">http://www.sleuthkit.org</a><o:p></o:p></p></div><p class="MsoNormal"><o:p>&nbsp;</o:p></p></div></div><br><!--end of _originalContent --></div></body></html>