lime-kernel-modules-fc19-{i686,x86_64}-1.1.r17-10.noarch.rpm - Support for the following kernels was added for
LiME:
3.14.27-100 for FC19
fmem-kernel-modules-fc19-{i686,x86_64}-1.6-1.10.noarch.rpm - Support for the following kernels was added for
Fmem:
3.14.27-100 for FC19
distorm3-3.0-1.{fc17,fc18,fc19,fc20,fc21,el5,el6}.{i386,x86_64}.rpm and distorm3-3.0-1.el7.x86_64.rpm -
Distorm3 is a lightweight, easy-to-use and fast decomposer library.
It disassembles instructions in 16, 32 and 64 bit modes.
Supported instruction sets: FPU, MMX, SSE, SSE2, SSE3, SSSE3, SSE4, 3DNow! (w/ extensions), new x86-64 instruction sets, VMX, AMD's SVM and AVX.
Distorm3 is used by The Volatility Framework.
The changes are listed here.
ghostpdl-9.15-1.{fc17,fc18,fc19,fc20,fc21,el5,el6}.{i686,x86_64}.rpm and ghostpdl-9.15-1.el7.x86_64.rpm -
Ghostpdl is Artifex Software's implementation of the PCL-5™ and PCL-XL™ family of page description languages.
Ghostpdl is used by Xplico.
This is the eleventh full release in the stable 9.x series, and is primarily a maintenance release.
Highlights in this release include:
Ghostscript now supports the PDF security handler revision 6.
The pdfwrite and ps2write (and related) devices can now be forced to "flatten"
glyphs into "basic" marking operations (rather than writing fonts to the output),
by giving the -dNoOutputFonts command line option (defaults to "false")
PostScript programs can now use get_params or get_param to determine if a page contains color markings by reading the pageneutralcolor
state from the device (so whether the page is "color" or "mono").
Note that this is only accurate when in clist mode, so -dMaxBitmap=0 and -dGrayDetection=true should both be used.
The pdfwrite device now supports Link annotations with GoTo and GoToR actions
The pdfwrite device now supports BMC/BDC/EMC pdfmarks
Regarding the new color management for the pdfwrite device introduced in the previous release, the proscription on using the new color management when producing
PDF/A-1 compliant files is now lifted. To reiterate, also, with the new color management implementation, using the
UseCIEColor option is strongly discouraged.
For further information on the new pdfwrite color management,
see: Color Conversion and Management
Plus the usual round of bug fixes, compatibility changes, and incremental improvements.
To see all of the changes for all releases of ghostpdl, view the file file:///usr/share/doc/ghostpdl/History9.htm on a system where ghostpdl is installed.
LogAnalysisToolKit-1.7-1.{fc17,fc18,fc19,fc20,fc21,el5,el6,el7}.noarch.rpm - LogAnalysisToolkit is a collection of command line and web-based tools for
use in incident response and long-term analysis of web server and proxy server log data.
LATK can detect beaconing traffic in proxy logs, and SQL injection and XSS attempts in web server logs.
Often when responding to a security incident, the only files available are web server and proxy server logs.
LATK will aid you in detecting odd traffic, such as botnet beaconing and SQL injection attempts.
The data available in these files can be overwhelming, but the tools in LATK can be used to parse these files and build a MySQL database for querying.
dino-1.5-1.{fc17,fc18,fc19,fc20,fc21,el5,el6,el7}.noarch.rpm - Dino, the drop in network observer, is a lightweight front end for network visualization.
Project:DINO, short for Drop In Network Observer, uses the open source network monitoring tools SiLK and
SNORT to create an easy to use dashboard for situational awareness.
It is built on PHP and Open Flash Chart and is designed to be run
on Linux systems; it has been tested on Fedora, Red Hat and Ubuntu.
DINO queries flow records stored by SiLK and creates graphs of things like top talkers, incoming/outgoing traffic, hourly
traffic, top ports, and Snort alerts with the related flow records.
yaf{,-devel}-2.7.0-1.{fc17,fc18,fc19,fc20,fc21,el6}.{i686,x86_64}.rpm and yaf{,-devel}-2.7.0-1.el7.x86_64.rpm -
Yaf (Yet Another Flowmeter) is a suite of tools for flow metering.
Yaf is used as a sensor to capture flow information on a network and export that information in IPFIX format.
It reads packet data from pcap(3) dumpfiles as generated by tcpdump(1), from live capture from an interface using
pcap(3), an Endace DAG capture device,
or a Napatech adapter, aggregates these packets into flows, and exports flow records via IPFIX
over SCTP, TCP or
UDP, Spread, or into serialized IPFIX message streams (IPFIX files) on the local file system.
Here are the changes from the last version (2.6.0):
New YAF option --no-output to produce no IPFIX output
New YAF options --hash and --stime to search for a single flow with the given hash and start time
DNS DPI now exports query section of resource record for all responses with nonzero RCODE
Faster searching of pcap-meta files
Implement SAME_SIZE flag for TCP flows
Minor Bug Fixes
snarf{,-devel,-python}-0.2.4-1.{fc17,fc18,fc19,fc20,el6,el7}.{i686,x86_64}.rpm - Snarf is a distributed alert reporting system.
Applications can use snarf's C and Python APIs to construct and send network alert messages,
which can then be routed to multiple destinations in a configurable manner.
Here are the changes:
Support non-flow ip address fields in alerts.
Fix ZeroMQ compatibility problems, now requires ZeroMQ 2.2.x.
Fix problem with certain GLib2 version / platform combinations.
libbde{,-devel,-python,-tools}-20150106-1.{fc17,fc18,fc19,fc20,fc21,el5,el6}.{i686,x86_64}.rpm and libbde{,-devel,-python,-tools}-20150106-1.el7.x86_64.rpm -
Libbde is a library and tools to access the BitLocker
Drive Encryption (BDE) format. The BDE format is used by Windows, as of Vista, to encrypt data on a storage media volume.
See here for the list of changes.
libbfio{,-devel,-python,-tools}-20150105-1.{fc17,fc18,fc19,fc20,fc21,el5,el6,el7}.{i386,x86_64}.rpm - Libbfio is a
library that provides basic file input/output abstraction. Libbfio is used in multiple other libraries like libewf, libmsiecf, libnk2, libolecf and libpff.
It is used to chain I/O to support file-in-file access.
See here for the list of changes.
libevt{,-devel,-python,-tools}-20150105-1.{fc17,fc18,fc19,fc20,fc21,el5,el6,el7}.{i686,x86_64}.rpm - Libevt contains libraries and tools
to access the Windows XML Event Log (EVT) format files.
See here for the list of changes.
libevtx{,-devel,-python,-tools}-20150105-1.{fc17,fc18,fc19,fc20,fc21,el5,el6,el7}.{i686,x86_64}.rpm and libevtx{,-devel,-python,-tools}-20150105-1.el7.x86_64.rpm -
Libevtx contains libraries and tools
to access the Windows XML Event Log (EVTX) format files.
See here for the list of changes.
liblnk{,-devel,-python,-tools}-20150105-1.{fc17,fc18,fc19,fc20,fc21,el5,el6}.{i686,x86_64}.rpm and liblnk{,-devel,-python,-tools}-20150105-1.el7.x86_64.rpm -
liblnk contains libraries and tools
to access the Windows Shortcut File (LNK) format.
See here for the list of changes.
libmsiecf{,-devel,-python,-tools}-20150106-1.{fc17,fc18,fc19,fc20,el5,el6}.{i686,x86_64}.rpm and libmsiecf{,-devel,-python,-tools}-20150106-1.el7.x86_64.rpm -
libmsiecf contains libraries and tools to access the Microsoft Internet Explorer (MSIE) Cache File (index.dat) files.
See here for the list of changes.
libolecf{,-devel,-python,-tools}-20150106-1.{fc17,fc18,fc19,fc20,el5,el6,el7}.{i686,x86_64}.rpm - libolecf contains libraries and tools
to access the OLE 2 Compound File (OLECF) format files.
See here for the list of changes.
libqcow{,-devel,-tools,-python}-20150105-1.{fc17,fc18,fc19,fc20,fc21,el5,el6}.{i686,x86_64}.rpm and libqcow{,-devel,-tools,-python}-20150105-1.el7.x86_64.rpm -
Libqcow is a library and tools used to access the QEMU Copy-On-Write (QCOW) image format.
See here for the list of changes.
libregf{,-devel,-python,-tools}-20150105-1.{fc17,fc18,fc19,fc20,fc21,el5,el6}.{i686,x86_64}.rpm and libregf{,-devel,-python,-tools}-20150105-1.el7.x86_64.rpm -
libregf contains libraries and tools to access Windows NT Registry files.
See here for the list of changes.
libsmdev{,-devel,-python,-tools}-20150105-1.{fc17,fc18,fc19,fc20,fc21,el5,el6}.{i686,x86_64}.rpm and libsmdev{,-devel,-python,-tools}-20150105-1.el7.x86_64.rpm -
Libsmdev is a library and tools used to access storage media devices.
See here for the list of changes.
libsmraw{,-devel,-python,-tools}-20141022-1.{fc17,fc18,fc19,fc20,el5,el6}.{i686,x86_64}.rpm and libsmraw{,-devel,-python,-tools}-20141022-1.el7.x86_64.rpm -
Libsmraw is a library and tools used to read and write (split) RAW storage media bitstream copies.
Libsmraw contains support for multiple (split) RAW naming schemes.
See here for the list of changes.
libvhdi{,-devel,-python,-tools}-20150105-1.{fc17,fc18,fc19,fc20,fc21,el5,el6}.{i686,x86_64}.rpm and libvhdi{,-devel,-python,-tools}-20150105-1.el7.x86_64.rpm -
Libvhdi is a library and tools to access the Virtual Hard Disk (VHD) image format.
Note that this project has an experimental status.
See here for the list of supported disk formats.
libvmdk{,-devel,-python,-tools}-20150105-1.{fc17,fc18,fc19,fc20,fc21,el5,el6}.{i686,x86_64}.rpm and libvmdk{,-devel,-python,-tools}-20150105-1.el7.x86_64.rpm -
Libvmdk is a library and tools used to access the VMware Virtual Disk (VMDK) image format.
See here for the list of changes.
libvshadow{,-devel,-python,-tools}-20150106-1.{fc17,fc18,fc19,fc20,fc21,el5,el6}.{i686,x86_64}.rpm and libvshadow{,-devel,-python,-tools}-20150106-1.el7.x86_64.rpm -
Libvshadow is a library and tools used to support the Volume Service Snapshot (VSS) format.
The VSS format is used by Windows, as of Vista, to maintain copies of data on a storage media volume.
See here for the list of changes.