FCCU GNU/Linux Forensic Bootable CD 8.1 - A forensic bootable CD.
About:
FCCU GNU/Linux Forensic Bootable CD is a bootable CD based on KNOPPIX
that contains a lot of tools suitable for computer forensic
investigatins, including bash scripts. Its main purpose is to create
images of devices prior to analysis, and it is used by the Belgian
Federal Computer Crime Unit.
Changes:
Changelog:
07-07-2005 Christophe Monniez
- removed lvm support (because of a conflict with scsi)
- new 2.6.11 kernel with :
- no more low performance usb block driver (ub)
- welcome back to /dev/sdx at high speed
- probe all LUN support for scsi (for multi-card readers)
- disabled NTFS write support (too dangerous for forensic)
29-06-2005 Christophe Monniez
- removed bind
19-05-2005 Christophe Monniez
- upgrade to KNOPPIX 3.8.2
- added manpages-fr
- added manpages-nl
- added gnu ddrescue version 1.0 pre 3
- upgrade dcfldd to version 1.3-RC1
- added Rainbowcrack
- added mdcrack 1.2
- removed ldmtools (unable to compile)
- removed bass (unable to compile)
- added THC (The Hacker's Choice) AMAP scanner
- removed e2retrieve (unable to compile)
- added foremost 1.0 (symlink created to preserve foremost 0.69)
- added nemesis a packet injection tool
- added tcptraceroute and traceproto some traceroute replacements
11-04-2005 Christophe Monniez
- upgrade to KNOPPIX 3.8.1
- upgrade to SleuthKit 2.0.3
- added testdisk : a tool to recover lost partitions
- added dcfldd (Thanks to Michel Roukine for compiling hints)
- added zoo : the zoo compression algorythm support
- added p7zip : the 7zip compression tools
- added orange : cab file reader
- added unshield : a reader for self extraction shield files
- added recoverjpeg : a tool to recover jpeg files
- added lcrack : lepton cracker
- added sbd : netcat like utility with encryption
- added smbc : samba commander
- added spantape : a tool to span data on multiple tapes
- added tcpflow : a tool to capture tcp
- added p0f : a passive OS detection tool
- added tcpreplay : a tool to replay captured tcp packets
- added netdude : a tool to analyze tcp captured packets
30-03-2005 Christophe Monniez
- added wv : a MS doc converter
- latest clamav db updated
- removed squid
- added sing : a programmable ping
- added tcptrack : a packet sniffer
20-03-2005 Christophe Monniez
- added the brand new Sleuthkit 2.0
- removed apmd init script
- changed knoopix keyword in start screen options to fccu
- added star : an archive utility
- added dcraw : a tool to read raw digital photography
- added discover : a tool to discover hardware
- added glark : a colorized grep that works with less
- added jpeginfo : a tool to find info about jpeg files
- added lshw : a great tool to list hardware informations
- added mdbtools : a package of tools to work with MS access databases
- added sgrep : a tool to grep structures
- added hfsplus package : to mount macintosh filesystem
- added hfsutils : to work with macintosh filesystems
- added wdutch and wfrench : french and dutch dictionnary words
- added gpsd : a gps deamon
- added sg3-utils : a package of scsi utilities
- added dds2tar : a package of tools for using dds tapes
- added scsitools : a package of scsi tools
- added scsiadd : a tool to rescan scsi bus
- added lvm support
- added fccu.evtreader.pl : a script to read MS event log files
- upgraded a lot of packages
10-12-2004 Christophe Monniez and Geert Van Acker
- added curl
- added e2retrieve
- added myrescue
- added recoverdm/mergebad
- added gzrecover
26-10-2004 Christophe Monniez (e-mail address removed)
- added arc a compression utility
- added extract a tool to extract metadata from a lot of files
- added catdoc a tool to convert word documents to plain text or latex
20-10-2004 Christophe Monniez (e-mail address removed)
- added ngrep a grep tool for network packets
- added slocate a file location database
- added crack a password cracker
- added fcrackzip a zip file password cracker
- added hydra a cracker for network services
- antivirus database update
07-09-2004 Christophe Monniez (e-mail address removed)
- upgrade to KNOPPIX 3.6
- added arping 2.01 a arp ping tool
- added bcrypt 1.1 a blowfish file encryption tool
- added e2undel 0.8.7 a ext2 undelete tool
- added recover 1.3c another one
- added biabam 0.9.6 a bash attachement mailer ... just in case
- added aish 1.13 a ish/base64/uuencoded_file converter
- added mimedecode 1.9 a tool to decode mime messages
- added bass 1.0.7 a vulnerability scanner
- added knocker 0.7.1 a port scanner
- added nikto 1.32 a web server security scanner
- added ettercap 0.7 a network sniffer
- added karpski 0.101 another network sniffer
- added nast 0.2 another one
- added scapy 0.9.15 one more
- added tcpick 0.1.23 alast one
- added chntpw 0.99.2 the NT SAM database viewer
- added nbtscan 1.5.1 a Samba scanner
- added biew 5.6.1 a console hex editor
- added sdd 1.31 a dd clone specialized in tapes
- added tcptrack 1.1.3 a tcp connections monitor
- removed testdisk (unable to install correctly)
- added ftimes 3.4.0 a tool to gather informations
- added mboxgrep 0.7.8 a tool to grep mail boxes
- added readdbx and readoe 1.0.3 (libdbx)
Regards
Gordon
