Linux Forensics Tools Repository: Package Summary for Packages on October 13, 2011:

  • daq-0.6.2-1.{fc12,fc13,fc14,fc15,el6}.{i386,x86_64}.rpm - The Data Acquisition Library (Daq) is a library used by snort.
  • snort{,mysql,postgresql,unixODBC}-2.9.1.1-1.{fc12,fc13,fc14,fc15,el6}.{i386,x86_64}.rpm - Snort is an open source network intrusion detection system, capable of performing real-time traffic analysis and packet logging on IP networks. It can perform protocol analysis and content searching/matching, and can be used to detect a variety of attacks and probes, such as buffer overflows, stealth port scans, CGI attacks, SMB probes, OS fingerprinting attempts, and much more.
  • snort-sample-rules-1.0-1.{fc12,fc13,fc14,fc15,el6}.{i386,x86_64}.rpm - These rules are sample rules only and are intended to allow snort to start successfully. These rules only flag HTTP traffic destined for port 80. Please see the snort rules page to acquire a current set of snort rules.
  • libewf-{,devel,tools}-20111016-1.{fc12,fc13,fc14,fc15,el5,el6}.{i386,x86_64}.rpm - Libewf is a library for support of the Expert Witness Compression Format (EWF). It supports both the SMART (EWF-S01) and EnCase (EWF-E01) formats. Libewf allows you to read and write EWF files. Recent versions also support the LEV (EWF-L01) format. Note the following:
    • This version provides the development environment for Version 2 of the API using the libewf-devel package. If the Version 1 API is required, install a version of libewf-devel from 2010, for example version 20100226.
    • This version provides the runtime environment for both Version 1 and Version 2 of the API. This means that both libewf.so.1 and libewf.so.2 are provided in this package for all supported operating systems and architectures.
    • This version provides a set of tools (libewf-tools) that replace ewftools.

  • nmap{,-frontend}-5.51-3.{fc12,fc13,fc14,el5,el6}.{i386,x86_64}.rpm - Nmap is a free and open source utility for network exploration or security auditing. See the change log for details.
  • CERT-Forensics-Tools-1.0-33.{fc12,fc13,fc14,fc15,el5,el6}.noarch.rpm - This package was updated to select a correct version of the libewf-tools package.


  • dff-1.2.0-2.{fc12,fc13,fc14,fc15,el6}.{i386,x86_64}.rpm - The Digital Forensics Framework (DFF) is both a digital investigation tool and a development platform. This release fixes incorrect directory permissions and adds python-apsw as a dependency.
  • python-apsw-3.6.7_r1.{fc12,fc13,fc14,fc15,el6}.{i386,x86_64}.rpm - Another Python SQL wrapper (python-apsw) is a Python wrapper for the SQLite embedded relational database engine. In contrast to other wrappers such as pysqlite, it focuses on being a minimal layer over SQLite, attempting just to translate the complete SQLite API into Python. The documentation has a section on the differences between APSW and pysqlite.