Linux Forensics Tools Repository: Package Summary for Packages on October 12, 2011:

  • libewf-{,devel,tools}-20111011-1.{fc13,fc14,fc15,el5,el6}.{i386,x86_64}.rpm - Libewf is a library for support of the Expert Witness Compression Format (EWF). It supports both the SMART (EWF-S01) and EnCase (EWF-E01) format. Libewf allows you to read and write EWF files. Recent versions also support the LEV (EWF-L01) format. Note the following:
    • This version provides the development environment for Version 2 of the API using the libewf-devel package. If the Version 1 API is required, install a version of libewf-devel from 2010, for example version 20100226.
    • This version provides the runtime environment for both Version 1 and Version 2 of the API. This means that both and are provided in this package for all supported operating systems and architectures.
    • This version provides the a set of tools (libewf-tools) that replace ewftools.

  • xmount-0.4.5-2.{fc12,fc13,fc14,fc15,el5,el6}.{i386,x86_64}.rpm - Xmount is a tool that allows you to convert on-the-fly between multiple input and output harddisk image types. Release 2 of xmount was made to use Version 2 of the libewf API.
  • sleuthkit{,-devel,-libs}-3.2.3-1.{fc12,fc13,fc14,fc15,el5,el6}.{i386,x86_64}.rpm - The Sleuth Kit (TSK) is a library and collection of command line tools that allow you to investigate volume and file system data. See the included NEWS.txt for a list of changes. Note that this version has been built using Version 2 of the libewf API.
  • dff-1.2.0-1.{fc12,fc13,fc14,fc15,el6}.{i386,x86_64}.rpm - The Digital Forensics Framework (DFF) is both a digital investigation tool and a development platform. The framework is used by system administrators, law enforcement examinors, digital forensics researchers and students, and security professionals world-wide. Written in Python and C++, it exclusively uses Open Source technologies. DFF combines an intuitive user interface with a modular and cross-platform architecture. is a free and Open Source platform dedicated to digital forensic and eDiscovery sciences. Note that this version requires the Version 2 API of libewf. Note that the CentOS/RHEL 5 is not supported in this release.
  • CERT-Forensics-Tools-1.0-32.{fc12,fc13,fc14,fc15,el5,el6}.noarch.rpm - This package was updated to add these packages:

    • libewf-tools
    and remove these packages:

    • ewftools