Thread: [sleuthkit-users] The Penguin Sleuth Kit/ Knoppix
From: Priscilla O. <pri...@ya...> - 2005-09-29 20:47:26
|
Does anyone use The Penguin Sleuth Kit Linux bootable CD? The list of included software here:

http://luge.cc.emory.edu/psl.html

says that The Sleuthkit (www.sleuthkit.org) is included with the boot CD. It's not!? Or am I misunderstanding how to find it?

I downloaded the iso image from the site. I got the file called penguinsleuth-07-05-2003.iso and burned it to CD. It boots fine. I don't have any problems running other tools, such as Ethereal, but sleuthkit tools aren't there.

I also tried a plain vanilla Knoppix Linux bootable CD and can't find The Sleuthkit with that either, although it's supposedly on that too, so I suspect that the problem may be user error.

I opened a root shell, so it's not that I'm not root. I think it's something else.

Please help.

Thanks.

Priscilla Oppenheimer
Adjunct Faculty
Southern Oregon University
http://www.priscilla.com |
From: Chuck <chu...@gm...> - 2005-09-29 20:54:26
|
The Penguin Sleuth Kit (which has really nothing to do with Brian's sleuthkit) hasn't been updated in quite a while (over 2 years now) and I'm not sure if the plain Knoppix CD has sleuthkit/autopsy. I'd recommend using the Helix CD available at:

http://www.e-fense.com/helix/

I've had very good luck with it and it is updated frequently. Have fun.

Chuck |
From: Paulo R. S. <pau...@gm...> - 2005-09-29 21:41:54
|
I've used helix in some projects and I've had good results with it. But the sleuthkit is a little outdated in Helix CD. The Helix CD contains sleuthkit v. 1.73 and the v. 2.02 was released on July 8, 2005. However, I think that Helix is a good choice.

Paulo Renato Silva |
From: Priscilla O. <pri...@ya...> - 2005-09-30 01:31:27
|
Thanks for all the recommendations. I will try the Helix CD. It sounds great. I had liked the sound of the Penguin one because of all the network utilities in addition to forensics utilities, but the Helix one has that too. Hooray. :-)

I did finally find the sleuthkit tools when booted from the Penguin CD, by the way. (They were in /usr/bin/ but I missed them because I was looking for them to be in a folder called sleuthkit or something of that sort.)

Learning some cool stuff! Thanks.

Priscilla Oppenheimer
Adjunct Faculty
Southern Oregon University
www.priscilla.com |
From: Chuck <chu...@gm...> - 2005-09-30 12:48:45
|
On 9/29/05, Paulo Renato Silva <pau...@gm...> wrote:
> I've used helix in some projects and I've had good results with it. But the
> sleuthkit is a little outdated in Helix CD. The Helix CD contains sleuthkit
> v. 1.73 and the v. 2.02 was released on July 8, 2005. However, I think
> that Helix is a good choice.

I think the Helix "CD Contents" web page for Helix is just a little out of date. The changelog lists the most recent, stable Helix (Helix 1.6: 28.July.2005) as having Autopsy 2.05 and Sleuthkit 2.02 (the most recent versions).

The changelog also lists Helix 1.7 as coming out 1.Oct.2005 (tomorrow), but I am not sure if that is a definite date or the planned release. The download page says 1.7 is only 5% done and I don't see any mention of it on the Helix forums, so I would guess the release date will slip.

Chuck |