
| Subject: | FTimes 3.5.0 Released |
|---|---|
| Date: | 17 Jun 2005 01:11:02 -0000 |

Background:

FTimes is a system baselining and evidence collection tool. The primary purpose of FTimes is to gather and/or develop information about specified directories and files in a manner conducive to intrusion analysis.

FTimes is a lightweight tool in the sense that it doesn't need to be "installed" on a given system to work on that system, it is small enough to fit on a single floppy, and it provides only a command line interface.

Preserving records of all activity that occurs during a snapshot is important for intrusion analysis and evidence admissibility. For this reason, FTimes was designed to log four types of information: configuration settings, progress indicators, metrics, and errors. Output produced by FTimes is delimited text, and therefore, is easily assimilated by a wide variety of existing tools.

http://ftimes.sourceforge.net/FTimes/

HashDig technology is a collection of utilities designed to help practitioners automate the process of resolving MD5 hashes. In the early stages of an investigation, it is not typically possible or practical to examine all subject files. Therefore, practitioners need reliable methods that can quickly reduce the number of files requiring examination. One such method is to group files into two general categories: known and unknown. This method can be implemented quite effectively by manipulating hashes and comparing them to one or more reference databases. Even that, however, can take a significant amount of effort. HashDig technology attempts to reduce this burden through automation and the use of lightweight, open, and verifiable techniques.

http://ftimes.sourceforge.net/FTimes/HashDig.shtml

Announcement:

Version 3.5.0 is a minor release of FTimes. Generally, code was cleaned up and refined as necessary. Several bugs have been fixed -- see the ChangeLog for details.

Externally, there have been several changes: (1) the default installation directory has changed; (2) several new controls have been added; (3) regular expression (via PCRE) and case insensitive digs are now supported; and (4) support for the CDROM, DEVFS, SMBFS, and TMPFS file systems has been added.

A test harness has been added along with tests to validate MD5 hashes using sample vectors provided and used by NIST.

Internally, the main improvements are MD5 performance and the addition of large file support. Also, many of the dig, hashdig, and map utilities have been improved -- see the ChangeLog for details.

ChangeLog: http://sourceforge.net/project/shownotes.php?release_id=335638

Download: http://sourceforge.net/project/showfiles.php?group_id=41134

Cookbook: http://ftimes.sourceforge.net/FTimes/Cookbook.shtml

Enjoy,

k

--
Klayton Monroe
klm@uidzero.org
Fingerprint = 6D3B 1DBC F426 36E4 7C9A FA93 9A5D D62D 4D86 DBFC