Linux Forensics Tools Repository: Package Summary for Packages on February 5, 2016:
fmem-kernel-modules-fc23-{i686,x86_64}-1.6-1.6.noarch.rpm - Support for the following kernels were added for
Fmem:
4.3.4-300 for FC23
4.3.3-303 for FC23
lime-kernel-modules-fc23-{i686,x86_64}-1.1.r17-6.noarch.rpm - Support for the following kernels were added for
LiME:
4.3.4-300 for FC23
4.3.3-303 for FC23
fmem-kernel-modules-fc22-{i686,x86_64}-1.6-1.22.noarch.rpm - Support for the following kernels were added for
Fmem:
4.3.4-200 for FC22
lime-kernel-modules-fc22-{i686,x86_64}-1.1.r17-22.noarch.rpm - Support for the following kernels were added for
LiME:
4.3.4-200 for FC22
fmem-kernel-modules-el7-{i686,x86_64}-1.6-1.18.noarch.rpm - Support for the following kernels were added for
Fmem:
3.10.0-327.4.5 for EL7
lime-kernel-modules-el7-{i686,x86_64}-1.1.r17-18.noarch.rpm - Support for the following kernels were added for
LiME:
3.10.0-327.4.5 for EL7
splunk-6.3.2-aaff59bb082c-linux-2.6-x86_64.rpm and splunk-6.3.2-aaff59bb082c.i386.rpm - This version of
Splunk was added to the Splunk repository for Fedora 20 through 23 and Fedora 6 and 7 for the i386 and x86_64 architectures.
Follow these instructions after upgrading
to this version.
Make sure that you following these instruction after upgrading but before rebooting.
If you do not following these instructions your system may hang when it reboots.
libbde{,-devel,-python,-tools}-20160110-1.{fc20,fc21,fc22,el6,el7}.{i686,x86_64}.rpm - Libbde is a library and tools to access the BitLocker
Drive Encryption (BDE) format. The BDE format is used by Windows, as of Vista, to encrypt data on a storage media volume.
See here for the list of changes.
libevt{,-devel,-python,-tools}-20160107-1.(fc20,fc21,fc22,fc23,el6,el7}.{i686,x86_64}.rpm - Libevt contains libraries and tools
to access the Windows Event Log (EVT) format files.
See here for the list of changes.
libevtx{,-devel,-python,-tools}-20160107-1.(fc20,fc21,fc22,fc23,el6,el7}.{i686,x86_64}.rpm - Libevtx contains libraries and tools
to access the Windows XML Event Log (EVTX) format files.
See here for the list of changes.
libfwsi{,-devel,-python}-20160110-1.(fc20,fc21,fc22,fc23,el6,el7}.{i686,x86_64}.rpm - Libfwsi is a library to access the
Windows Shell Item format.
See here for the list of changes.
liblnk{,-devel,-python,-tools}-20160107-1.(fc20,fc21,fc22,fc23,el6,el7}.{i686,x86_64}.rpm - Liblnk contains libraries and tools to access the
Windows Shortcut File (LNK) format file.
See here for the list of changes.
libmsiecf{,-devel,-python,-tools}-20160107-1.(fc20,fc21,fc22,fc23,el6,el7}.{i686,x86_64}.rpm - Libmsiecf contains libraries and tools
to access the Microsoft Internet Explorer (MSIE) Cache File (index.dat) files.
See here for the list of changes.
libolecf{,-devel-,-python,-tools}-20160107-1.(fc20,fc21,fc22,fc23,el6,el7}.{i686,x86_64}.rpm - Libolecf
contains libraries and tools to access the OLE 2 Compound File (OLECF) format filed.
See here for the list of changes.
libqcow{,-devel,-tools,-python}-20160123-1.{fc20,fc21,fc22,fc23,el6,el7}.{i686,x86_64}.rpm - Libqcow
is a library and tools used to access the QEMU Copy-On-Write (QCOW) image format.
See here for the list of changes.
libregf{,-devel,-python,-tools}-20160107-1.(fc20,fc21,fc22,fc23,el6,el7}.{i686,x86_64}.rpm - Libregf
contains libraries and tools to access the Windows NT Registry File files.
See here for the list of changes.
libsigscan{,-devel,-python,-tools}-20160108-1.{fc20,fc21,el6,el7}.{i686,x86_64}.rpm - Libsigscan is a library and tools used to
binary signature scanning.
See here for the list of changes.
libsmdev{,-devel,-python,-tools}-20160109-1.{fc20,fc21,fc22,fc23,el6,el7}.{i686,x86_64}.rpm - Libsmdev
is a library and tools used to access storage media devices.
See here for the list of changes.
libsmraw{,-devel,-python,-tools}-20160108-1.{fc20,fc21,fc22,fc23,el6,el7}.{i686,x86_64}.rpm - Libsmraw
is a library and tools used to read and write (split) RAW storage media bitstream copies. Libsmraw contains supports for multiple (split) RAW naming schemes.
See here for the list of changes.
libvhdi{,-devel,-python,-tools}-20160108-1.(fc20,fc21,fc22,fc23,el6,el7}.{i686,x86_64}.rpm - Libvhdi is a library and tools to access the
Virtual Hard Disk (VHD) image format. Note that this project has an experimental status.
See here for the list of supported disk formats.
libvmdk{,-devel,-python,-tools}-20160119-1.{fc20,fc21,fc22,fc23,el6,el7}.{i686,x86_64}.rpm - Libvmdk
is a library and tools used to access the VMware Virtual Disk (VMDK) image format.
See here the list of changes.
libvshadow{,-devel,-python,-tools}-20160110-1.{fc20,fc21,fc22,fc23,el6,el7}.{i686,x86_64}.rpm - Libvshadow
is a library and tools used to support the Volume Service Snapshot (VSS) format.
The VSS format is used by Windows, as of Vista, to maintain copies of data on a storage media volume.
dfwinreg-20160116-1.{fc20,fc21,fc22,fc23}.{i686,x86_64}.rpm and dfwinreg-20160116-1.{el6,el7}.x86_64.rpm-
DFWinreg, or Digital Forensics Windows Registry, provides read-only access to Windows Registry objects.
The goal of dfWinReg is to provide a generic interface for accessing Windows Registry objects that resembles the Registry key hierarchy as seen on a live Windows system.
libscca{,-devel,-python,-python3,-tools}-20160108-1.{fc20,fc21,fc22,fc23}.{i686,x86_64}.rpm and libscca{,-devel,-python,-python3,-tools}-20160108-1.{el6,el7}.x86_64.rpm -
Libscca is a library to access the Windows Prefetch File (SCCA) format.
See here for the list of changes.
plaso-1.4-2.{fc20,fc21,fc22,fc23}.{i686,x86_64}.rpm, plaso-1.4-2.{el6,el7}.x86_64.rpm - Plaso
is the Python based back-end engine used by tools such as log2timeline for automatic creation of a super timelines.
The goal of log2timeline (and thus plaso) is to provide a single tool that can parse various log files and forensic artifacts from computers
and related systems, such as network equipment to produce a single correlated timeline.
This timeline can then be easily analysed by forensic investigators/analysts, speeding up investigations by correlating the vast amount of information found on an average computer system.
This release adds the missing artifacts and python-requests dependencies.
At this time, this repository, in combination of all supporting repositories, provides all of the necessary packages for Fedora versions 20, 21, 22, and 23 for i686 and x86_64
architectures and CentOS/RHEL versions 7 for the x86_64 architecture for this version of plaso.
libfsntfs{,-devel,-python,-tools}-20160108-1.(fc20,fc21,fc22,fc23,el6,el7}.{i686,x86_64}.rpm - Libfsntfs contains library and tools to access the New Technology File System (NTFS).
See here for the list of changes.