Linux Forensics Tools Repository: Package Summary for Packages on October 31, 2014:

  • analysis-pipeline-4.4.1-1.{fc17,fc18,fc9,fc20,el5,el6,el7}.{i686,x86_64}.rpm - The analysis-pipeline processes SiLK Flow records, and its goals are to automate common tasks, to get closer to "real-time" reporting of events, and to feed interesting data to a security information and event manager (SIEM). See here for the changes in this release.
  • fmem-kernel-modules-fc20-{i686,x86_64}-1.6-1.16.noarch.rpm - Support for the following kernels was added for Fmem:
    • 3.16.6-203 for FC20

  • lime-kernel-modules-fc20-{i686,x86_64}-1.1.r17-16.noarch.rpm - Support for the following kernels was added for LiME:
    • 3.16.6-203 for FC20

  • lime-kernel-modules-el7-{i686,x86_64}-1.1.r17-4.noarch.rpm - Support for the following kernels was added for LiME:
    • 3.10.0-123.9.2 for EL7

  • fmem-kernel-modules-el7-{i686,x86_64}-1.6-1.4.noarch.rpm - Support for the following kernels was added for Fmem:
    • 3.10.0-123.9.2 for EL7

  • lime-kernel-modules-el6-{i686,x86_64}-1.1.r17-5.noarch.rpm - Support for the following kernels was added for LiME:
    • 2.6.32-504 for EL6

  • fmem-kernel-modules-el6-{i686,x86_64}-1.6-1.5.noarch.rpm - Support for the following kernels was added for Fmem:
    • 2.6.32-504 for EL6

  • libevt-{,devel,python,tools}-20141026-1.{fc17,fc18,fc19,fc20,el5,el6,el7}.{i686,x86_64}.rpm - libevt contains libraries and tools to access the Windows Event Log (EVT) format files. See here for the list of changes.
  • libevtx-{,devel,python,tools}-20141026-1.{fc17,fc18,fc19,fc20,el5,el6,el7}.{i686,x86_64}.rpm - libevtx contains libraries and tools to access the Windows XML Event Log (EVTX) format files. See here for the list of changes.
  • libmsiecf-{,devel,python,tools}-20141025-1.{fc17,fc18,fc19,fc20,el5,el6,el7}.{i686,x86_64}.rpm - libmsiecf contains libraries and tools to access the Microsoft Internet Explorer (MSIE) Cache File (index.dat) files. See here for the list of changes.
  • libolecf-{,devel,python,tools}-20141026-1.{fc17,fc18,fc19,fc20,el5,el6,el7}.{i686,x86_64}.rpm - libolecf contains libraries and tools to access the OLE 2 Compound File (OLECF) format files. See here for the list of changes.
  • libsmraw{,-devel,-tools,-python}-20141026-1.{fc17,fc18,fc19,fc20,el5,el6,el7}.{i686,x86_64}.rpm - Libsmraw is a library and tools used to read and write (split) RAW storage media bitstream copies. Libsmraw contains support for multiple (split) RAW naming schemes. See here for the list of changes.
  • mdbtools{,-devel,-gui}-0.7-43.13.{fc17,fc18,fc19,fc20,el5,el6,el7}.{i686,x86_64}.rpm, libmdbodbc1-0.7-43.13.{fc17,fc18,fc19,fc20,el5,el6,el7}.{i686,x86_64}.rpm - The MDB Tools project is an effort to document the MDB file format used in Microsoft's Access database package, and to provide a set of tools and applications to make that data available on other platforms. Specifically, MDB Tools includes programs to export schema and data to other databases such as MySQL, Oracle, Sybase, PostgreSQL, and others. Also included is a SQL engine for performing simple SQL queries. The 0.5 release includes an updated GUI interface (screenshot is available here). A sparse but functional ODBC driver is included as well. MDB Tools currently has read-only support for Access 97 (Jet 3) and Access 2000/2002 (Jet 4) formats. Write support is currently being worked on and the first cut is expected to be included in the 0.6 release. For more information check the FAQ and the Installation Guide.
  • ssdeep-2.12.{fc17,fc18,fc19,fc20,el5,el6,el7}.{i686,x86_64}.rpm - Ssdeep is a program for computing context triggered piecewise hashes (CTPH), also called fuzzy hashes. See here for the list of changes. Also see the SourceForge Page for forums, bugtracking, CVS, et al.