LiFTeR: Changes for September 6, 2023
- bellsoft-jdk17.0.8.1+1-linux-{amd64,aarch64}-full.rpm -
Bellsoft Java was installed for Fedora 36, 37, and 38, CentOS/RHEL 7 and 8 Stream, and Amazon Linux 2 for the x86_64 architecture,
and the CentOS 9 Stream repositories for the x86_64 and aarch64 architectures.
- sleuthkit{,-devel,-libs}-4.12.1-100.{fc36,fc37,fc38,el7,el8,amzn2}.x86_64.rpm and sleuthkit{,-devel,-libs}-4.12.1-100.el9.{x86_64,aarch64}.rpm -
The Sleuth Kit (TSK) is a library and collection of command line tools that allow you to investigate volume and file system data.
- autopsy-4.21.0-1.{fc36,fc37,fc38,el7,el8,amzn2}.x86_64.rpm and autopsy-4.21.0-1.el9.{x86_64,aarch64}.rpm -
Autopsy® is a digital forensics platform and graphical interface to The Sleuth Kit® and other digital forensics tools.
It is used by law enforcement, military, and corporate examiners to investigate what happened on a computer.
You can even use it to recover photos from your camera's memory card.
Notes:
- This version uses Java 8 from Bellsoft.
- This release corrects errors in the /usr/bin/autopsy script where the hardware platform was incorrectly determined.
- This release fixes a problem with the Java JAR file from the Sleuthkit for the AARCH64 hardware platform. This means that autopsy does work in CentOS 9 for the AARCH64 architecture.
- If you wish to run autopsy on a system that you are accessing via Microsoft's Remote Desktop Protocol (RDP), testing has shown that setting the color depth on the backend X server is critical. Use the following to install the XRDP client if necessary, adjust the host's firewall to allow RDP connections, adjust this depth parameter, and start or restart the XRDP client:
    # Install and enable xrdp only if it is not already present (yum on EL7, dnf elsewhere)
    [ -f /etc/xrdp/xrdp.ini ] || (sudo $(uname -r | grep -q el7 && echo yum || echo dnf) install xrdp && sudo systemctl enable xrdp)
    # Allow inbound RDP (3389/tcp) through firewalld
    sudo firewall-cmd --permanent --add-port=3389/tcp; sudo firewall-cmd --reload
    # Uncomment xserverbpp=24 so the backend X server uses a 24-bit color depth
    sudo sed --in-place 's/#xserverbpp=24/xserverbpp=24/' /etc/xrdp/xrdp.ini
    # Restart xrdp so the new setting takes effect
    sudo systemctl stop xrdp
    sudo systemctl start xrdp
- pfring-8.7.0-8483.x86_64.rpm -
PF_Ring is a new type of network socket that dramatically improves the packet capture speed.
This package contains header files and libraries, among other files, to support the PF_Ring network socket.
Here is the announcement of PF_Ring 7.8.
This package was installed for CentOS 7 for the x86_64 architecture.
- pfring-dkms-8.7.0.8483-dkms.noarch.rpm -
PF_Ring is a new type of network socket that dramatically improves the packet capture speed.
This package contains the code and supporting files needed to create the PF_Ring kernel module.
This package was installed for CentOS 7 for the x86_64 architecture.
- ndpi-4.7.0-4368.x86_64.rpm -
ndpi is an open source LGPLv3 library for deep-packet inspection.
This package was installed for CentOS 7 for the x86_64 architecture.
- pfring-8.7.0-8487.x86_64.rpm -
PF_Ring is a new type of network socket that dramatically improves the packet capture speed.
This package contains header files and libraries, among other files, to support the PF_Ring network socket.
Here is the announcement of PF_Ring 7.8.
This package was installed for CentOS 8 Stream and 9 Stream for the x86_64 architecture.
- pfring-dkms-8.7.0.8487-dkms.noarch.rpm -
PF_Ring is a new type of network socket that dramatically improves the packet capture speed.
This package contains the code and supporting files needed to create the PF_Ring kernel module.
This package was installed for CentOS 8 Stream and 9 Stream for the x86_64 architecture.
- ndpi-4.7.0-4372.x86_64.rpm -
ndpi is an open source LGPLv3 library for deep-packet inspection.
This package was installed for CentOS 8 Stream and 9 Stream for the x86_64 architecture.
- lime-kernel-modules-fc38-x86_64-1.9.1-13.noarch.rpm -
Support for the following kernels was added for LiME:
- 6.4.13-200 for FC38
- fmem-kernel-modules-fc38-x86_64-1.6-1.13.noarch.rpm -
Support for the following kernels was added for Fmem:
- 6.4.13-200 for FC38
- lime-kernel-modules-fc37-x86_64-1.9.1-13.noarch.rpm -
Support for the following kernels was added for LiME:
- 6.4.13-100 for FC37
- fmem-kernel-modules-fc37-x86_64-1.6-1.13.noarch.rpm -
Support for the following kernels was added for Fmem:
- 6.4.13-100 for FC37
- lime-kernel-modules-el8-x86_64-1.9.1-43.noarch.rpm -
Support for the following kernels was added for LiME:
- 4.18.0-513 for EL8
- fmem-kernel-modules-el8-x86_64-1.6-1.43.noarch.rpm -
Support for the following kernels was added for Fmem:
- 4.18.0-513 for EL8