fmem-kernel-modules-fc24-{i686,x86_64}-1.6-1.15.noarch.rpm - Support for the following kernel was added for Fmem:
4.8.6-201 for FC24
lime-kernel-modules-fc24-{i686,x86_64}-1.1.r17-15.noarch.rpm - Support for the following kernel was added for LiME:
4.8.6-201 for FC24
libpst{,-devel,-devel-doc,-doc,-libs,-python}-0.6.69-1.1.{fc20,fc21,fc22,fc23,fc24,el6,el7}.{i686,x86_64}.rpm - The libpst
utilities convert Outlook .pst files to other formats.
See here for the list of changes.
silk-{analysis,common,devel,flowcap,rwflowappend,rwflowpack,rwpollexec,rwreceiver,rwsender}-3.13.0-1.{fc20,fc21,fc22,fc23,fc24,el6,el7}.{i686,x86_64}.rpm -
SiLK is the System for Internet-Level Knowledge, a collection of traffic analysis tools developed by the CERT Network Situational Awareness Team (CERT NetSA) to facilitate security analysis of large networks.
See here for a list of changes in this version.
silk-{analysis,common,devel,flowcap,rwflowappend,rwflowpack,rwpollexec,rwreceiver,rwsender}-3.13.0-2.{fc20,fc21,fc22,fc23,fc24}.{i686,x86_64}.rpm and
silk-{analysis,common,devel,flowcap,rwflowappend,rwflowpack,rwpollexec,rwreceiver,rwsender}-3.13.0-2.{el6,el7}.x86_64.rpm -
This release of the SiLK tools can be found in an optional repository that is now part of
cert-forensics-tools-release named forensics-sip, the definition of which can be found in /etc/yum.repos.d/cert-forensics-tools.repo.
This repository is disabled by default and can be enabled by running the script named /usr/bin/EnableSilkWithIPA as root.
analysis-pipeline-5.5-1.{fc20,fc21,fc22,fc23,fc24,el6}.{i686,x86_64}.rpm and analysis-pipeline-5.5-1.el7.x86_64.rpm -
The analysis-pipeline processes SiLK Flow records, and its goals are to automate common tasks, to get closer to "real-time" reporting of events, and to feed interesting data to a security information and event manager (SIEM).
See here for the changes since the last version (5.4.1).
silk-ipset-{devel,lib,tools}-3.13.0-1.{fc20,fc21,fc22,fc23,fc24,el6,el7}.{i686,x86_64}.rpm - The SiLK IPset
distribution is derived from the SiLK tool suite developed by the CERT Network Situational Awareness Team (CERT NetSA).
The SiLK IPset distribution contains a library and a set of command line tools to build and manipulate IPset files, which are binary files containing a set of IP addresses.
SiLK IPset can be used by those wishing to use IPsets but who do not need the entire SiLK tool suite.
Since the SiLK IPset distribution contains a small subset of the tools in the SiLK distribution, there is no need to install SiLK IPset when SiLK is already installed.
See here for the list of changes in this release.
super_mediator-1.4.0-1.{fc20,fc21,fc22,fc23,fc24,el6}.{i686,x86_64}.rpm and super_mediator-1.4.0-1.el7.x86_64.rpm -
Super_mediator is an IPFIX mediator for use with the YAF and SiLK tools.
It collects and filters YAF output data to various IPFIX collecting processes and/or csv files.
Super_mediator can be configured to perform de-duplication of DNS resource records as exported by YAF.
This release was rebuilt to use silk-ipset-3.13.0.
libvshadow{,-devel,-python,-tools}-20161111-1.{fc20,fc21,fc22,fc23,fc24,el6}.{i686,x86_64}.rpm and libvshadow{,-devel,-python,-tools}-20161111-1.el7.x86_64.rpm -
Libvshadow is a library and tools used to support the Volume Service Snapshot (VSS) format.
The VSS format is used by Windows, as of Vista, to maintain copies of data on a storage media volume.
This version uses the external version of libbfio to support DFF, the Digital Forensics Framework.
libfwnt{,-devel,-python,-python3}-20151103-1.{fc20,fc21,fc22,fc23,fc24}.{i686,x86_64}.rpm, libfwnt{,-devel,-python}-20160418-1.el6.{i686,x86_64}.rpm, and libfwnt{,-devel,-python,-python3}-20151103-1.el7.x86_64.rpm -
LibFWNT is a library for Windows NT data types.
See here for the list of changes.
This package is needed by dfvfs and plaso.
libscca{,-devel,-python,-python3,-tools}-20161031-1.{fc20,fc21,fc22,fc23,fc24}.{i686,x86_64}.rpm, libscca{,-devel,-python,-tools}-20161031-1.el6.x86_64.rpm, and libscca{,-devel,-python,-python3,-tools}-20161031-1.el7.x86_64.rpm -
Libscca is a library to access the Windows Prefetch File (SCCA) format.
See here for the list of changes.