Linux Forensics Tools Repository: Package Summary for Packages on May 23, 2012:

  • libewf-{,devel,tools}-20120504-1.{fc13,fc14,fc15,fc16,el5,el6}.{i386,x86_64}.rpm - Libewf is a library for support of the Expert Witness Compression Format (EWF). It supports both the SMART (EWF-S01) and EnCase (EWF-E01) format. Libewf allows you to read and write EWF files. Recent versions also support the LEV (EWF-L01) format. Note the following:
    • This version provides the development environment for Version 2 of the API using the libewf-devel package. If the Version 1 API is required, install a version of libewf-devel from 2010, for example version 20100226.
    • This version provides the runtime environment for both Version 1 and Version 2 of the API. This means that both libewf.so.1 and libewf.so.2 are provided in this package for all supported operating systems and architectures.
    • This version provides the a set of tools (libewf-tools) that replace ewftools.

  • netsa-python-1.3-1.{fc13,fc14,fc15,fc16,el5,el6}.{i386,x86_64}.rpm - Netsa-python is a library of Python routines and frameworks that the NetSA team at CERT has found helpful when developing analyses using the SiLK toolkit. Of particular note are the netsa.script NetSA Scripting Framework, which provides a standard framework for writing scripts that process flow data, and the netsa.util.shell command line processing system, which provides tools for managing extremely complicated collections of shell processes that should fail or succeed together (extremely useful when working with named pipes). netsa-python is compatible with Python versions 2.4 and greater.
  • rayon-1.3.3-1.{fc13,fc14,fc15,fc16,el5,el6}.{i386,x86_64}.rpm - Rayon is a Python library and set of tools for generating basic two-dimensional statistical visualizations. Rayon can be used to automate reporting; provide data visualization in command-line, GUI or web applications; or do ad-hoc exploratory data analysis. Rayon can generate visualizations in PDF, PNG, SVG and PostScript formats using Pycairo. It can also be used in wxPython GUI applications. Rayon is compatible with Python versions 2.4 and greater, and requires netsa-python and at least one of Pycairo (for static output) or wxPython (for GUI output).
  • {nmap,ncat,nping,nmap-update,zenmap}-6.00-1.{fc13,fc14,fc15,fc16,el5,el6}.{i386,x86_64}.rpm - Nmap is a free and open source utility for network exploration or security auditing. See the change log for details. Nping is a packet generation and response analysis tool. Ncat is a flexible data transfer, redirection, and debugging tool. Nmap-update is a tool that gets the latest versions of architecture-independent files, such as scripts and databases, for the installed version of Nmap. Zenmap is an advanced GUI and results viewer. It replaces nmap-frontend.
  • CERT-Forensics-Tools-1.0-38.{fc13,fc14,fc15,fc16,el5,el6}.noarch.rpm - This package was updated to do the following:
    • obsolete nmap-frontend
    • add zenmap
    • add ncat
    • add nping
    • add nmap-update
    • remove registrydecoder for RHEL/CentOS 5 (it requires too many dependencies)