sleuthkit-4.6.7-1.1.el6.i686.rpm


Description

sleuthkit - The Sleuth Kit (TSK)

Property Value
Distribution CentOS 6
Repository CERT Forensics Tools i386
Package filename sleuthkit-4.6.7-1.1.el6.i686.rpm
Package name sleuthkit
Package version 4.6.7
Package release 1.1.el6
Package architecture i686
Package type rpm
Category Applications/System
Homepage http://www.sleuthkit.org
License CPL and IBM and GPLv2+
Maintainer -
Download size 5.38 MB
Installed size 14.58 MB
The Sleuth Kit (TSK) is a collection of UNIX-based command line tools that
allow you to investigate a computer. The current focus of the tools is the
file and volume systems, and TSK supports FAT, Ext2/3, NTFS, UFS,
and ISO 9660 file systems.

Alternatives

Package Version Architecture Repository
sleuthkit-4.6.7-1.1.el6.x86_64.rpm 4.6.7 x86_64 CERT Forensics Tools
sleuthkit - - -

Requires

Name Value
/usr/bin/perl -
file -
jpackage-utils -
libafflib.so.0 -
libc.so.6(GLIBC_2.3.4) -
libdl.so.2 -
libewf.so.2 -
libgcc_s.so.1 -
libgcc_s.so.1(GCC_3.0) -
libgcc_s.so.1(GLIBC_2.0) -
libm.so.6 -
libpthread.so.0 -
libpthread.so.0(GLIBC_2.0) -
libpthread.so.0(GLIBC_2.2) -
libsqlite3.so.0 -
libstdc++.so.6 -
libstdc++.so.6(CXXABI_1.3) -
libstdc++.so.6(GLIBCXX_3.4) -
libstdc++.so.6(GLIBCXX_3.4.11) -
libstdc++.so.6(GLIBCXX_3.4.9) -
libtsk.so.13 -
libvhdi.so.1 -
libvmdk.so.1 -
libz.so.1 -
mac-robber -
perl(POSIX) -
perl(integer) -
perl(strict) -
rtld(GNU_HASH) -
sleuthkit-libs = 4.6.7-1.1.el6

Provides

Name Value
sleuthkit = 4.6.7-1.1.el6
sleuthkit(x86-32) = 4.6.7-1.1.el6

Download

Type URL
Mirror forensics.cert.org
Binary Package sleuthkit-4.6.7-1.1.el6.i686.rpm
Source Package sleuthkit-4.6.7-1.1.el6.src.rpm

Install Howto

  1. Add EPEL and RPMForge repositories
  2. Download cert-forensics-tools-release-el6 rpm:
    https://forensics.cert.org/cert-forensics-tools-release-el6.rpm
  3. Install cert-forensics-tools-release-el6 rpm:
    # rpm -Uvh cert-forensics-tools-release*rpm
  4. Install sleuthkit rpm package:
    # yum --enablerepo=forensics install sleuthkit

Files

Path
/usr/bin/blkcalc
/usr/bin/blkcat
/usr/bin/blkls
/usr/bin/blkstat
/usr/bin/fcat
/usr/bin/ffind
/usr/bin/fiwalk
/usr/bin/fls
/usr/bin/fsstat
/usr/bin/hfind
/usr/bin/icat
/usr/bin/ifind
/usr/bin/ils
/usr/bin/img_cat
/usr/bin/img_stat
/usr/bin/istat
/usr/bin/jcat
/usr/bin/jls
/usr/bin/jpeg_extract
/usr/bin/mactime
/usr/bin/mmcat
/usr/bin/mmls
/usr/bin/mmstat
/usr/bin/sigfind
/usr/bin/sorter
/usr/bin/srch_strings
/usr/bin/tsk_comparedir
/usr/bin/tsk_gettimes
/usr/bin/tsk_loaddb
/usr/bin/tsk_recover
/usr/bin/usnjls
/usr/share/doc/sleuthkit-4.6.7/ChangeLog.txt
/usr/share/doc/sleuthkit-4.6.7/INSTALL.txt
/usr/share/doc/sleuthkit-4.6.7/NEWS.txt
/usr/share/doc/sleuthkit-4.6.7/README.md
/usr/share/doc/sleuthkit-4.6.7/README_win32.txt
/usr/share/java/sleuthkit-4.6.7.jar
/usr/share/man/man1/blkcalc.1.gz
/usr/share/man/man1/blkcat.1.gz
/usr/share/man/man1/blkls.1.gz
/usr/share/man/man1/blkstat.1.gz
/usr/share/man/man1/fcat.1.gz
/usr/share/man/man1/ffind.1.gz
/usr/share/man/man1/fls.1.gz
/usr/share/man/man1/fsstat.1.gz
/usr/share/man/man1/hfind.1.gz
/usr/share/man/man1/icat.1.gz
/usr/share/man/man1/ifind.1.gz
/usr/share/man/man1/ils.1.gz
/usr/share/man/man1/img_cat.1.gz
/usr/share/man/man1/img_stat.1.gz
/usr/share/man/man1/istat.1.gz
/usr/share/man/man1/jcat.1.gz
/usr/share/man/man1/jls.1.gz
/usr/share/man/man1/mactime.1.gz
/usr/share/man/man1/mmcat.1.gz
/usr/share/man/man1/mmls.1.gz
/usr/share/man/man1/mmstat.1.gz
/usr/share/man/man1/sigfind.1.gz
/usr/share/man/man1/sorter.1.gz
/usr/share/man/man1/tsk_comparedir.1.gz
/usr/share/man/man1/tsk_gettimes.1.gz
/usr/share/man/man1/tsk_loaddb.1.gz
/usr/share/man/man1/tsk_recover.1.gz
/usr/share/man/man1/usnjls.1.gz
/usr/share/tsk/
/usr/share/tsk/sorter/default.sort
/usr/share/tsk/sorter/freebsd.sort
/usr/share/tsk/sorter/images.sort
/usr/share/tsk/sorter/linux.sort
/usr/share/tsk/sorter/openbsd.sort
/usr/share/tsk/sorter/solaris.sort
/usr/share/tsk/sorter/windows.sort

Changelog

2019-08-07 - Lawrence R. Rogers <lrr@cert.org> 4.6.7-1.1
- Release 4.6.7-1.1
Update Release because Fedora now contains 4.6.7.
2019-06-09 - Lawrence R. Rogers <lrr@cert.org> 4.6.6-1.1
- Release 4.6.6-1.1
Update Release because Fedora now contains 4.6.6.
2019-04-26 - Lawrence R. Rogers <lrr@cert.org> 4.6.6-1
- Release 4.6.6-1
C/C++ Code:
Acquisition details are set in DB for E01 files
Fix NTFS decompression issue (from Joe Sylve)
Image reading fix when cache fails (Joe Sylve)
Fix HFS+ issue with large catalog files (Joe Sylve) 
Fix free memory issue in srch_strings (Derrick Karpo)
Java:
Fix so that local files can be relative
More Blackboard artifacts and attributes for web data
Added methods to CaseDbManager to enable checking for and modifying tables.
APIs to get and set acquisition details
Added methods to add volume and file systems to database
Added method to add LayoutFile for allocated files
Changed handling of JNI handles to better support multiple cases
2019-01-15 - Lawrence R. Rogers <lrr@cert.org> 4.6.5-1
- Release 4.6.5-1
C/C++ Code:
HFS boundary check fix
Java Code:
New artifacts and attributes defined
Fixed bug in SleuthkitCase.getContentById() for data sources
Fixed bug in LayoutFile.read() that could allow reading past end of file
Case Database Schema:
New fields for hash values and acquisition details in case database
Store "created schema version" in case database
2018-11-09 - Lawrence R. Rogers <lrr@cert.org> 4.6.4-1
- Release 4.6.4-1
Java Code:
Increase max statements in database to prevent errors under load
Have a max timeout for SQLite retries
2018-10-14 - Lawrence R. Rogers <lrr@cert.org> 4.6.3-1
- Release 4.6.3-1
C/C++ Code:
Hashdb bug fixes for corrupt indexes and 0 hashes
New code for testing power of number in ExtX code
Java Code:
New class that allows generic database access
New methods that check for duplicate artifacts
Added caches for frequently used content
Database Schema:
Added Examiner table
Tags are now associated with Examiners
Changed parent_path for logical files to be consistent with FS files.
2018-10-03 - Lawrence R. Rogers <lrr@cert.org> 4.6.2-2
- Release 4.6.2-2
Built with Java support. Release number is greater than the release for Fedora 28 and 27.
2018-08-08 - Lawrence R. Rogers <lrr@cert.org> 4.6.2-1
- Release 4.6.2-1
C/C++ Code:
- Various compiler warning fixes
- Added small delay into image writer to not starve other threads
Java: 
- Added more locking to ensure that handles were not closed while other threads were using them. 
- Added APIs to support more queries by data source
- Added memory-based caching when detecting if an object has children or not.
2018-05-16 - Lawrence R. Rogers <lrr@cert.org> 4.6.1-1
- Release 4.6.1-1
Lots of bounds checking fixes from Google's fuzzing tests. Thanks Google.
Cleanup and fixes from uckelman-sf and others
PostgreSQL, libvhdi, & libvmdk are supported for Linux / OS X
Fixed display of NTFS GUID in istat - report from Eric Zimmerman.
NTFS istat shows details about all FILE_NAME attributes, not just the first. report from Eric Zimmerman.
2018-03-28 - Lawrence R. Rogers <lrr@cert.org> 4.6.0-3
- Release 4.6.0-3
Moved sleuthkit-4.6.0.jar from sleuthkit-devel package to sleuthkit package.

See Also

Package Description
sleuthkit-devel-4.6.7-1.1.el6.i686.rpm Development files for sleuthkit
sleuthkit-libs-4.6.7-1.1.el6.i686.rpm Library for sleuthkit
snarf-0.2.4-2.el6.i686.rpm snarf - Structured Network Alert Reporting Framework
snarf-devel-0.2.4-2.el6.i686.rpm Static libraries and C header files for libsnarf
snarf-python-0.2.4-2.el6.i686.rpm Python interface to snarf
snort-2.9.15-1.el6.i686.rpm An open source Network Intrusion Detection System (NIDS)
snort-openappid-2.9.15-1.el6.i686.rpm An open source Network Intrusion Detection System (NIDS) with open AppId support
snort-sample-rules-2.9.15-1.el6.noarch.rpm Sample rules for snort
socat-1.7.3.2-1.1.el6.i686.rpm Relay for bidirectional data transfer between 2 channels
ssdeep-2.14.1-1.el6.i686.rpm Computes a checksum based on context triggered piecewise hashes
ssdeep-2.7-1.el6.i386.rpm Computes a checksum based on context triggered piecewise hashes
stegdetect-0.6-2.el6.i686.rpm Detect and extract steganography messages inside JPEG
super_mediator-1.7.0-4.el6.i686.rpm IPFIX Super Mediator for use with the YAF and SiLK tools
tcpflow-1.2.6-1.el6.i386.rpm Network traffic recorder
tcpflow-1.3.0-1.el6.i686.rpm Network traffic recorder