Linux Forensics Tools Repository: Package Summary for Packages on March 12, 2012:

  • tcpflow-1.2.1-1.{fc13,fc14,fc15,fc16,el5,el6}.{i386,x86_64}.rpm - Tcpflow is a program that captures data transmitted as part of TCP connections (flows), and stores the data in a way that is convenient for protocol analysis and debugging. Each TCP flow is stored in its own file. Thus, the typical TCP flow will be stored in two files, one for each direction. Tcpflow can also process stored tcpdump packet flows. The changes are: bug fixes and performance improvements.
  • guymager-0.6.5-1.{fc13,fc14,fc15,fc16,el5,el6}.{i686,x86_64}.rpm - Guymager is a forensic imaging package. Here are the changes since the last release (0.6.3):
    • Device scan: Assume that a device will not be included more than once in a scan
    • New CFG parameter AvoidEncaseProblems for Encase EWF string limitations
    • No longer exits on write errors in AEWF module
    • No longer exits on info file write errors
    • Center info dialog relative to application (not screen)

  • yaf{,-devel}-2.2.1-1.{fc13,fc14,fc15,fc16,el5,el6}.{i386,x86_64}.rpm - Yaf (Yet Another Flowmeter) is a suite of tools for flow metering. yaf is used as a sensor to capture flow information on a network and export that information in IPFIX format. It reads packet data from pcap(3) dumpfiles as generated by tcpdump(1), from live capture on an interface using pcap(3), from an Endace DAG capture device, or from a Napatech adapter; aggregates these packets into flows; and exports flow records via IPFIX over SCTP, TCP or UDP, Spread, or into serialized IPFIX message streams (IPFIX files) on the local file system. The changes are bug fixes.
  • reglookup-1.0.1-2.{fc12,fc13,fc14,fc15,el5,el6}.{i686,x86_64}.rpm - Release 2 of the reglookup package was installed to include the following patches:
    • Patch 278: fix for pyregfi install
    • Patch 277: incorporated a version of Adam Golebiowski's build patches; reworked REGFI_VERSION and began using it in pyregfi installation
    • Patch 276: added 1.0.1 target