Linux Forensics Tools Repository: Package Summary for Packages on October 17, 2014:

  • fmem-kernel-modules-fc20-{i686,x86_64}-1.6-1.14.noarch.rpm - Support for the following kernels were added for Fmem:
    • 3.16.4-200 for FC20

  • lime-kernel-modules-fc20-{i686,x86_64}-1.1.r17-14.noarch.rpm - Support for the following kernels were added for LiME:
    • 3.16.4-200 for FC20

  • libfixbuf{,-devel}-1.6.1-1.{fc17,fc18,fc19,fc20,el5,el6,el7}.{i686,x86_64}.rpm - Libfixbuf is a compliant implementation of the IPFIX Protocol, as defined in the "Specification of the IPFIX Protocol for the Export of IP Flow Information" (RFC 5101). See here for the list of changes.
  • silk-{analysis,common,devel,flowcap,rwflowappend,rwflowpack,rwpollexec,rwreceiver,rwsender}-3.9.0-7.{fc17,fc18,fc19,fc20,el5,el6,el7}.{i686,x86_64}.rpm - SiLK is the System for Internet-Level Knowledge, a collection of traffic analysis tools developed by the CERT Network Situational Awareness Team (CERT NetSA) to facilitate security analysis of large networks. This release was rebuilt with libfixbuf version 1.6.1.
  • silk-{analysis,common,devel,flowcap,rwflowappend,rwflowpack,rwpollexec,rwreceiver,rwsender}-3.9.0-8.{fc17,fc18,fc19,fc20,el6,el7}.{i686,x86_64}.rpm - This release of the SiLK tools can be found in an optional repository that is now part of cert-forensics-tools-release named forensics‑sip, the definition of which can be found in /etc/yum.repos.d/cert-forensics-tools.repo. This repo is diabled by default and can be enabled by running the script named /usr/bin/EnableSilkWithIPA as root. This release was rebuilt with libfixbuf version 1.6.1.
  • super_mediator-0.3.0-7.{fc17,fc18,fc19,fc20,el5,el6,el7}.{i686,x86_64}.rpm - Super_mediator is an IPFIX mediator for use with the YAF and SiLK tools. It collects and filters YAF output data to various IPFIX collecting processes and/or csv files. Super_mediator can be configured to perform de-duplication of DNS resource records as exported by YAF. This release was rebuilt to use libfixbuf version 1.6.1.
  • yaf{,-devel}-2.6.0-3.{fc17,fc18,fc19,fc20,el6,el7}.{i686,x86_64}.rpm - Yaf is Yet Another Flowmeter and yaf is a suite of tools to do flow metering. Yaf is used as a sensor to capture flow information on a network and export that information in IPFIX format. It reads packet data from pcap(3) dumpfiles as generated by tcpdump(1), from live capture from an interface using pcap(3), an Endace DAG capture device, or a Napatech adapter, aggregates these packets into flows, and exports flow records via IPFIX over SCTP, TCP or UDP, Spread, or into serialized IPFIX message streams (IPFIX files) on the local file system. This release was rebuilt to use libfixbuf version 1.6.1.
  • yaf{,-devel}-2.2.1-8.el5.{i686,x86_64}.rpm - Yaf is Yet Another Flowmeter. Note that this version of Yaf is only available for CentOS/RHEL 5. This release was rebuilt to use libfixbuf version 1.6.1.