sleuthkit-{,devel,libs,debuginfo}-3.2.2-1.{fc11,fc12,fc13,fc14,fc15,el5}.{i686,x86_64}.rpm - The Sleuth Kit (TSK) is a
library and collection of command line tools that allow you to investigate volume and file system data.
yaf{,-devel}-2.0.2-1.{fc11,fc12,fc13,fc14,fc15,el5}.{i386,x86_64}.rpm - YAF (Yet Another Flowmeter) is a suite of tools for
flow metering. yaf is used as a sensor to capture flow information on a network and export that information in IPFIX format. It reads packet data from
pcap(3) dumpfiles as generated by tcpdump(1), from live capture on an interface using pcap(3), from an Endace DAG capture device, or from a Napatech adapter,
aggregates these packets into flows, and exports flow records via IPFIX over SCTP, TCP or UDP, Spread, or into serialized IPFIX message streams (IPFIX
files) on the local file system.
Here are the changes in this version:
Improvements with Reassembly of TCP Fragments
Bug Fix for DNS Deep Packet Inspection
--no-frag switch now works
Bug Fix for expiring flows that exceed the idle timeout when reading from a file