LiFTeR: Changes for January 8, 2016
- super_mediator-1.2.1-1.{fc20,fc21,fc22,fc23,el6}.{i686,x86_64}.rpm and super_mediator-1.2.1-1.el7.x86_64.rpm -
Super_mediator is an IPFIX mediator for use with the YAF
and SiLK tools.
It collects and filters YAF output data to various IPFIX collecting processes and/or csv files.
Super_mediator can be configured to perform de-duplication of DNS resource records as exported by YAF.
See here for the changes since the last released version (1.1.3).
- yaf{,-devel}-2.8.0-1.{fc20,fc21,fc22,el6}.{i686,x86_64}.rpm and yaf{,-devel}-2.8.0-1.el7.x86_64.rpm -
Yaf is Yet Another Flowmeter and yaf is a suite of tools to do flow metering.
Yaf is used as a sensor to capture flow information on a network and export that information in IPFIX format.
It reads packet data from pcap(3) dumpfiles as generated by tcpdump(1), from live capture from an interface using
pcap(3), an Endace DAG capture device,
or a Napatech adapter, aggregates these packets into flows, and exports flow records via IPFIX
over SCTP, TCP or
UDP, Spread, or into serialized IPFIX message streams (IPFIX files) on the local file system.
See here for the changes since the last released version (2.7.1).
- libesedb{,-devel,-python,-tools}-20151213-1.{fc20,fc21,fc22,fc23,el6}.{i686,x86_64}.rpm and libesedb{,-devel,-python,-tools}-20151213-1.el7.x86_64.rpm -
Libesedb contains a library and tools to access the Extensible Storage Engine (ESE) Database File (EDB) format.
ESEDB is used in may different applications like Windows Search, Windows Mail, Exchange, Active Directory, etc.
See here for the list of changes.
- libevt{,-devel,-python,-tools}-20151206-1.{fc20,fc21,fc22,fc23,el6,el7}.{i686,x86_64}.rpm - Libevt contains libraries and tools
to access the Windows Event Log (EVT) format files.
See here for the list of changes.
- libevtx{,-devel,-python,-tools}-20160103-1.{fc20,fc21,fc22,fc23,el6}.{i686,x86_64}.rpm and libevtx{,-devel,-python,-tools}-20160103-1.el7.x86_64.rpm -
Libevtx contains libraries and tools
to access the Windows XML Event Log (EVTX) format files.
See here for the list of changes.
- liblnk{,-devel,-python,-tools}-20151205-1.{fc20,fc21,fc22,fc23,el6}.{i686,x86_64}.rpm and liblnk{,-devel,-python,-tools}-20151205-1.el7.x86_64.rpm -
Liblnk contains libraries and tools to access the
Windows Shortcut File (LNK) format file.
See here for the list of changes.
- libmsiecf{,-devel,-python,-tools}-20151220-1.{fc20,fc21,fc22,fc23,el6}.{i686,x86_64}.rpm and libmsiecf{,-devel,-python,-tools}-20151220-1.el7.x86_64.rpm -
Libmsiecf contains libraries and tools to access the Microsoft Internet Explorer (MSIE) Cache File (index.dat) files.
See here for the list of changes.
- libolecf{,-devel-,-python,-tools}-20151223-1.{fc20,fc21,fc22,fc23,el6,el7}.{i686,x86_64}.rpm - Libolecf
contains libraries and tools to access the OLE 2 Compound File (OLECF) format filed.
See here for the list of changes.
- libqcow{,-devel,-tools,-python}-20151219-1.{fc20,fc21,fc22,fc23,el6}.{i686,x86_64}.rpm and libqcow{,-devel,-tools,-python}-20151219-1.el7.x86_64.rpm -
Libqcow is a library and tools used to access the QEMU Copy-On-Write (QCOW) image format.
See here for the list of changes.
- libsmdev{,-devel,-python,-tools}-20151219-1.{fc20,fc21,fc22,fc23,el6}.{i686,x86_64}.rpm and libsmdev{,-devel,-python,-tools}-20151219-1.el7.x86_64.rpm -
Libsmdev is a library and tools used to access storage media devices.
See here for the list of changes.
- libsmraw{,-devel,-python,-tools}-20151219-1.{fc20,fc21,fc22,fc23,el6}.{i686,x86_64}.rpm and libsmraw{,-devel,-python,-tools}-20151219-1.el7.x86_64.rpm -
Libsmraw is a library and tools used to read and write (split) RAW storage media bitstream copies.
Libsmraw contains supports for multiple (split) RAW naming schemes.
See here for the list of changes.
- libvhdi{,-devel,-python,-tools}-20151220-1.{fc20,fc21,fc22,fc23,el6}.{i686,x86_64}.rpm and libvhdi{,-devel,-python,-tools}-20151220-1.el7.x86_64.rpm -
Libvhdi is a library and tools to access the Virtual Hard Disk (VHD) image format.
Note that this project has an experimental status.
See here for the list of supported disk formats.
- libvshadow{,-devel,-python,-tools}-20151220-1.{fc20,fc21,fc22,fc23,el6}.{i686,x86_64}.rpm and libvshadow{,-devel,-python,-tools}-20151220-1.el7.x86_64.rpm -
Libvshadow is a library and tools used to support the Volume Service Snapshot (VSS) format.
The VSS format is used by Windows, as of Vista, to maintain copies of data on a storage media volume.
See here for the list of changes.
- dfvfs-20151227-1.{fc20,fc21,fc22,fc23,el6,el7}.noarch.rpm - dfVFS,
the Digital Forensics Virtual File System, provides read-only access to file-system objects from various storage media types and file formats.
The goal of dfVFS is to provide a generic interface for accessing file-system objects, for which it uses several
back-ends that provide the actual implementation of the various storage media types, volume systems and file systems.
See here for the list of changes.
At this time, this repository, in combination of all supporting repositories, provides all of the necessary packages for Fedora versions 20, 21, 22, and 23 for i686 and x86_64 architectures and CentOS/RHEL versions 6 and 7 for the x86_64 architecture for this version of dfvfs.
- libregf{,-devel,-python,-tools}-20151223-1.{fc20,fc21,fc22,fc23,el6}.{i686,x86_64}.rpm and libregf{,-devel,-python,-tools}-20151223-1.el7.x86_64.rpm -
Libregf contains libraries and tools to access the Windows NT Registry File files.
See here for the list of changes.
- exfat-utils-1.2.3-1.{fc20,fc21,fc22,fc23,el6,el7}.{i686,x86_64}.rpm - The EXfat-utils are a set of utilities
for creating, checking, dumping and labeling exFAT file systems.
See here for the list of changes since the last released version (1.2.0).
- nDPI{,-devel}-1.7.1-1.{fc20,fc21,fc22,fc23,el6,el7}.{i686,x86_64}.rpm - nDPI is a ntop-maintained superset of
the popular OpenDPI library. Released under the GPL license, its goal is to extend the original library by adding new protocols that are otherwise available
only on the paid version of OpenDPI. In addition to Unix platforms, we also support Windows, in order to provide you a cross-platform DPI experience.
Furthermore, we have modified nDPI do be more suitable for traffic monitoring applications, by disabling specific features that slow down the DPI engine while
being them un-necessary for network traffic monitoring.
nDPI is used by both ntop and nProbe for adding application-layer detection of protocols, regardless of the port being used. This means that it is possible to both detect known protocols on non-standard ports (e.g. detect http non ports other than 80), and also the opposite (e.g. detect Skype traffic on port 80). This is because nowadays the concept of port=application no longer holds.
See here for the list of supported protocols.
- fmem-kernel-modules-fc23-{i686,x86_64}-1.6-1.5.noarch.rpm - Support for the following kernels were added for
Fmem:
- 4.2.8-300 for FC23
- lime-kernel-modules-fc23-{i686,x86_64}-1.1.r17-5.noarch.rpm - Support for the following kernels were added for
LiME:
- 4.2.8-300 for FC23
- fmem-kernel-modules-fc22-{i686,x86_64}-1.6-1.21.noarch.rpm - Support for the following kernels were added for
Fmem:
- 4.2.8-200 for FC22
- lime-kernel-modules-fc22-{i686,x86_64}-1.1.r17-21.noarch.rpm - Support for the following kernels were added for
LiME:
- 4.2.8-200 for FC22
- fmem-kernel-modules-el7-x86_64-1.6-1.17.noarch.rpm - Support for the following kernels were added for
Fmem:
- 3.10.0-327.4.4 for EL7
- lime-kernel-modules-el7-x86_64-1.1.r17-17.noarch.rpm - Support for the following kernels were added for
LiME:
- 3.10.0-327.4.4 for EL7
- Fedora 19 - Updates to Fedora 19 for both the i686 and x86_64 CPU architectures have ceased.
- Fedora 18 - Updates to Fedora 18 for both the i686 and x86_64 CPU architectures have ceased.
- Fedora 17 - Updates to Fedora 17 for both the i686 and x86_64 CPU architectures have ceased.
- CentOS 5 - Updates to CentOS 5 for both the i686 and x86_64 CPU architectures have ceased.