fred-0.1.0beta4-1.{fc14,fc15,fc16,fc17}.noarch.rpm - Fred Forensic Registry EDitor (fred) is a cross-platform Microsoft
registry hive editor. This project was born out of the need for a reasonably good registry hive viewer for Linux to conduct forensic analysis. Therefore it includes some
functions not found in normal "free" registry editors like a hex viewer with data interpreter and a reporting function that can easily be extended with custom ECMAScript
report templates. The current version contains the following reports: NTUSER_RecentDocs, NTUSER_TypedUrls, SAM_UserAccounts, SOFTWARE_WindowsVersion, SYSTEM_CurrentNetworkSettings,
SYSTEM_SystemTimeInfo and SYSTEM_UsbStorageDevices.
CERT-Forensics-Tools-1.0-41.{fc14,fc15,fc16,fc17,el5,el6}.noarch.rpm -
This package was updated to do the following:
add fred for Fedora systems only
tcpflow-1.2.7-1.{fc14,fc15,fc16,fc17,el5,el6}.{i386,x86_64}.rpm - Tcpflow is a program
that captures data transmitted as part of TCP connections (flows), and stores the data in a way that is convenient for protocol analysis and debugging.
Each TCP flow is stored in its own file. Thus, the typical TCP flow will be stored in two files, one for each direction.
Tcpflow can also process stored tcpdump packet flows.
Here are the changes in this version:
src/main.cpp (main): -r option now allows for multiple files to be specified.
src/main.cpp (main): -R option now allows for incomplete tcp connections to be finished.
src/main.cpp (main): removed global "tcpdemux demux" variable. Now it's passed as *user in the datalink methods, as it should be.
src/tcpdemux.h (class tcpip): bytes_printed renamed to bytes_processed, as it will be used in packet processing as well.
pytsk-20120626-1.{fc14,fc15,fc16,fc17,el5,el6}.{i386,x86_64}.rpm - Pytsk is Python bindings for
The Sleuth Kit.
python-xlwt-0.7.4-1.{fc14,fc15,fc16,fc17,el5,el6}.{i386,x86_64}.rpm - Python-xlwt is a library for generating spreadsheet files that
are compatible with Excel 97/2000/XP/2003, OpenOffice.org Calc, and Gnumeric. Python-xlwt has full support for Unicode. Excel spreadsheets can be generated on any platform without
needing Excel or a COM server.
yaf{,-devel}-2.2.1-2.{el5}.{i386,x86_64}.rpm - Yaf is Yet Another Flowmeter and yaf is a suite of tools to do
flow metering. yaf is used as a sensor to capture flow information on a network and export that information in IPFIX format. It reads packet data from
pcap(3) dumpfiles as generated by tcpdump(1), from live capture from an interface using pcap(3), an Endace DAG capture device, or a Napatech adapter,
aggregates these packets into flows, and exports flow records via IPFIX over SCTP, TCP or UDP, Spread, or into serialized IPFIX message streams (IPFIX
files) on the local file system.
Note that this release of Yaf is only available for CentOS/RHEL 5. All other versions use Yaf-2.2.2 and beyond.
The change is to use libfixbuf-1.1.2-1.