LiFTeR: Changes for November 9, 2018
- pfring-7.2.0-2226.{el6,el7}.x86_64.rpm - PF_Ring is a new type of network socket that dramatically
improves the packet capture speed.
This package contains header files and libraries, among other files, to support the PF_Ring network socket.
- pfring-dkms-7.2.0-2226.{el6,el7}.x86_64.rpm - PF_Ring is a new type of network socket that dramatically
improves the packet capture speed.
This package contains the code and supporting files needed to create the PF_Ring kernel module.
- xmount-0.7.6-3.{fc23,fc24,fc25,fc26,fc27,fc28,fc29,el6,el7}.{i686,x86_64}.rpm - Xmount
is a tool that allows you to convert on-the-fly between multiple input and output hard disk image types.
- cutter-1.7.2-2.{fc26,fc27,fc28,fc29}.{i686,x86_64}.rpm and cutter-1.7.2-2.el7.x86_64.rpm - Cutter is a Qt and C++
GUI for the radare2 reverse engineering framework.
Its goal is making an advanced, customizable, and FOSS (free and open-source software) reverse-engineering platform while keeping the user experience in mind.
Cutter is created by reverse engineers for reverse engineers.
This version of cutter is based on the code dated 2018-11-08 which was built to embed radare2 version 2.6.0 in it.
- CERT-Forensics-Tools-1.0-81.{fc23,fc24,fc25,fc26,fc27,fc28,fc29,el6}.{i686,x86_64}.rpm and CERT-Forensics-Tools-1.0-81.el7.x86_64.rpm -
The changes since the last release (1.0-78) are the following:
  - Umit replaces nmap-frontend for Fedora systems.
  - wireshark-gnome is not installed on Fedora 29-based systems because this package is not provided by Red Hat.
  - Cutter replaces bokken for Fedora 26 through 29 systems and for CentOS/RHEL 7 systems. In addition, python-radare2 has also been obsoleted on Fedora 26 through 29 systems and for CentOS/RHEL 7 systems since it is no longer needed and is incompatible with the latest version of radare2 on Fedora systems.
  - The PacketExaminer package is installed.
- python{2,3}-scapy-2.4.0-4.{fc23,fc24,fc25,el7}.noarch.rpm - Scapy is a powerful interactive packet manipulation program.
It is able to forge or decode packets of a wide number of protocols, send them on the wire, capture them, match requests and replies, and much more.
It can easily handle most classical tasks like scanning, tracerouting, probing, unit tests, attacks or network discovery (it can replace hping, 85% of nmap, arpspoof, arp-sk, arping,
tcpdump, tethereal, p0f, etc.).
It also performs very well at a lot of other specific tasks that most other tools can’t handle, like sending invalid frames, injecting your own 802.11 frames,
combining techniques (VLAN hopping+ARP cache poisoning, VOIP decoding on WEP encrypted channel, …), etc.
- python{,3}-prettytable-0.7.2-3.el7.noarch.rpm - Python-PrettyTable is a simple Python library designed to make it quick
and easy to represent tabular data in visually appealing ASCII tables.
It was inspired by the ASCII tables used in the PostgreSQL shell psql.
PrettyTable allows for selection of which columns are to be printed, independent alignment of columns (left or right justified or centred) and printing of “sub-tables” by specifying a row range.
- packetexaminer-0.9-1.{fc23,fc24,fc25,fc26,fc27,fc28,fc29,el7}.{i686,x86_64}.rpm - PacketExaminer is a harness to perform PCAP analysis that
a security engineer may do during an incident response or when looking at network security.
The author found that they were frequently using a collection of tools and techniques again and again and thought it would be helpful to create a program that would do this.
This hopefully automates some routine functions that one would do manually.
- examiner-tooldocumentation-1.18-8.el7.noarch.rpm - The following packages were updated in or added to the documentation suite found on the desktop:
  - packetexaminer
  - bokken
Run
sudo manage-examiner-login -S -v
to install these changes in the examiner's desktop.
- fmem-kernel-modules-fc29-{i386,x86_64}-1.6-1.2.noarch.rpm - Support for the following kernels was added for
Fmem:
  - 4.18.17-300 for FC29
- lime-kernel-modules-fc29-{i386,x86_64}-1.1.r17-2.noarch.rpm - Support for the following kernels was added for
LiME:
  - 4.18.17-300 for FC29
- fmem-kernel-modules-fc28-{i386,x86_64}-1.6-1.22.noarch.rpm - Support for the following kernels was added for
Fmem:
  - 4.18.17-200 for FC28
- lime-kernel-modules-fc28-{i386,x86_64}-1.1.r17-22.noarch.rpm - Support for the following kernels was added for
LiME:
  - 4.18.17-200 for FC28