fmem-kernel-modules-{fc19,fc20,el5,el6,el7}-{i686,x86_64}-1.6-1.*.noarch.rpm - Support for the following kernels was added for
Fmem:
3.14.13-100 for FC19
3.15.8-200 for FC20
3.15.7-200 for FC20
3.15.6-200 for FC20
3.15.5-200 for FC20
2.6.18-371.11.1 for EL5
2.6.32-431.20.5 for EL6
3.10.0-123.4.4 for EL7
lime-kernel-modules-{fc19,fc20,el5,el6,el7}-{i686,x86_64}-1.1.r17-*.noarch.rpm - Support for the following kernels was added for
LiME:
3.14.13-100 for FC19
3.15.8-200 for FC20
3.15.7-200 for FC20
3.15.6-200 for FC20
3.15.5-200 for FC20
2.6.18-371.11.1 for EL5
2.6.32-431.20.5 for EL6
3.10.0-123.4.4 for EL7
dfvfs-20140727-1.{fc17,fc18,fc19,fc20,el6,el7}.noarch.rpm - Dfvfs, the Digital Forensics Virtual File System, provides read-only access to file-system objects from
various storage media types and file formats. The goal of dfVFS is to provide a generic interface for accessing file-system objects, for which it uses several back-ends that provide the actual implementation
of the various storage media types, volume systems and file systems.
libesedb{,-devel,-python,-tools}-20140803-1.{fc17,fc18,fc19,fc20,el5,el6}.{i686,x86_64}.rpm and libesedb{,-devel,-python,-tools}-20140803-1.el7.x86_64.rpm -
Libesedb
contains a library and tools to access the Extensible Storage Engine (ESE) Database File (EDB) format.
ESEDB is used in many different applications like Windows Search, Windows Mail, Exchange, Active Directory, etc.
See here for the list of changes.
libevt{,-devel,-python,-tools}-20140731-1.{fc17,fc18,fc19,fc20,el5,el6,el7}.{i686,x86_64}.rpm -
Libevt
contains libraries and tools to access the Windows Event Log (EVT) format files.
See here for the list of changes.
libevtx{,-devel,-python,-tools}-20140731-1.{fc17,fc18,fc19,fc20,el5,el6}.{i686,x86_64}.rpm and libevtx{,-devel,-python,-tools}-20140731-1.el7.x86_64.rpm -
Libevtx contains libraries and tools
to access the Windows XML Event Log (EVTX) format files.
See here for the list of changes.
liblnk{,-devel,-python,-tools}-20140731-1.{fc17,fc18,fc19,fc20,el5,el6}.{i686,x86_64}.rpm and liblnk{,-devel,-python,-tools}-20140731-1.el7.x86_64.rpm -
liblnk contains libraries and tools
to access the Windows Shortcut File (LNK) format files.
See here for the list of changes.
libmsiecf{,-devel,-python,-tools}-20140731-1.{fc17,fc18,fc19,fc20,el5,el6}.{i686,x86_64}.rpm and libmsiecf{,-devel,-python,-tools}-20140731-1.el7.x86_64.rpm -
libmsiecf contains libraries and tools to access the Microsoft Internet Explorer (MSIE) Cache File (index.dat) files.
See here for the list of changes.
libolecf{,-devel,-python,-tools}-20140801-1.{fc17,fc18,fc19,fc20,el5,el6,el7}.{i686,x86_64}.rpm - libolecf contains libraries and tools
to access the OLE 2 Compound File (OLECF) format files.
See here for the list of changes.
libqcow{,-devel,-tools,-python}-20140729-1.{fc17,fc18,fc19,fc20,el5,el6}.{i686,x86_64}.rpm and libqcow{,-devel,-tools,-python}-20140729-1.el7.x86_64.rpm -
Libqcow is a library and tools used to access the QEMU Copy-On-Write (QCOW) image format.
See here for the list of changes.
libregf{,-devel,-python,-tools}-20140803-1.{fc17,fc18,fc19,fc20,el5,el6}.{i686,x86_64}.rpm and libregf{,-devel,-python,-tools}-20140803-1.el7.x86_64.rpm -
libregf contains libraries and tools
to access the Windows NT Registry File files.
See here for the list of changes.
libsmdev{,-devel,-tools,-python}-20140803-1.{fc17,fc18,fc19,fc20,el5,el6}.{i686,x86_64}.rpm and libsmdev{,-devel,-tools,-python}-20140803-1.el7.x86_64.rpm -
Libsmdev is a library and tools used to access storage media devices.
See here for the list of changes.
libsmraw{,-devel,-tools,-python}-20140728-1.{fc17,fc18,fc19,fc20,el5,el6}.{i686,x86_64}.rpm -
Libsmraw is a library and tools used to read and write (split) RAW storage media bitstream copies.
Libsmraw contains support for multiple (split) RAW naming schemes.
See here for the list of changes.
libvshadow{,-devel,-tools,-python}-20140731-1.{fc17,fc18,fc19,fc20,el5,el6}.{i686,x86_64}.rpm and libvshadow{,-devel,-tools,-python}-20140731-1.el7.x86_64.rpm -
Libvshadow is a library and tools used to support the Volume Service Snapshot (VSS) format.
The VSS format is used by Windows, as of Vista, to maintain copies of data on a storage media volume.
See here for the list of changes.
python-registry-1.0.4-1.{fc17,fc18,fc19,fc20,el7}.{i386,x86_64}.rpm - Python-registry provides read-only access
to Windows Registry files, such as NTUSER.DAT, userdiff, and SOFTWARE.
The interface is two-fold: a high-level interface suitable for most tasks, and a low level set of parsing objects and methods which may be used for advanced
study of the Windows Registry.
Python-registry is written in pure Python, making it portable across all major platforms.
libfixbuf{,-devel}-1.5.0-1.{fc17,fc18,fc19,fc20,el5,el6,el7}.{i686,x86_64}.rpm - Libfixbuf
is a compliant implementation of the IPFIX Protocol, as defined in the "Specification of the IPFIX Protocol for the Export of IP Flow Information" (RFC 5101).
See here for the list of changes.
silk-{analysis,common,devel,flowcap,rwflowappend,rwflowpack,rwpollexec,rwreceiver,rwsender}-3.8.3-3.{fc17,fc18,fc19,fc20,el5,el6,el7}.{i686,x86_64}.rpm -
SiLK is the System for Internet-Level Knowledge, a collection of
traffic analysis tools developed by the CERT Network Situational Awareness Team (CERT NetSA) to facilitate security analysis of large networks.
See here for a list of changes in this version.
silk-{analysis,common,devel,flowcap,rwflowappend,rwflowpack,rwpollexec,rwreceiver,rwsender}-3.8.3-4.{fc17,fc18,fc19,fc20,el6,el7}.{i686,x86_64}.rpm -
This release of the SiLK tools can be found in an optional repository that is now part of
cert-forensics-tools-release named forensics-sip, the definition of which can be found in /etc/yum.repos.d/cert-forensics-tools.repo.
This repo is disabled by default and can be enabled by running the script named /usr/bin/EnableSilkWithIPA as root.
super_mediator-0.3.0-4.{fc16,fc17,fc18,fc19,el5,el6}.{i686,x86_64}.rpm - Super_mediator
is an IPFIX mediator for use with the YAF
and SiLK tools.
It collects and filters YAF output data to various IPFIX collecting processes and/or CSV files.
Super_mediator can be configured to perform de-duplication of DNS resource records as exported by YAF.
This package was rebuilt to use libfixbuf version 1.5.0.
yaf{,-devel}-2.5.0-2.{fc17,fc18,fc19,fc20,el6}.{i686,x86_64}.rpm and yaf{,-devel}-2.5.0-2.el7.x86_64.rpm -
Yaf (Yet Another Flowmeter) is a suite of tools to do flow metering.
Yaf is used as a sensor to capture flow information on a network and export that information in IPFIX format.
It reads packet data from pcap dumpfiles as generated by tcpdump, from live capture from an interface
using pcap, an Endace DAG capture device, or a Napatech adapter, aggregates these packets into flows, and exports flow records via IPFIX over SCTP, TCP or UDP, Spread, or into
serialized IPFIX message streams (IPFIX files) on the local file system.
This package was rebuilt to use libfixbuf version 1.5.0.