Forensics Linux distributions
Helix 3: A specialized Linux distribution for computer forensics.
This distribution comes as a bootable Live CD but can also be installed on a hard disk to investigate image files.
It's amazing how professional a Linux distribution can be. Based on Ubuntu, it contains a lot of useful standard applications, as well as Adepto and Autopsy, which are specialized for making images and investigating content.
Booting takes a bit of time; be patient while the hardware drivers load.

After it's loaded, you can select several applications:

Adepto looks very handy:

Mounting additional drives to save an image (to a USB drive) is also done in seconds ...

Autopsy is also easy to use (it has a web-based frontend).
You can download an unsupported but fully functional copy of an earlier version from the e-fense.com site here at no cost; just fill out the form (it seems they have temporarily decided not to offer previous versions for free anymore, but an ISO image of an older one can still be downloaded here, or even more versions here).
e-fense.com sells Helix 3 Pro (an updated version) with support as a subscription for about $250.
Backtrack 4: A Linux distribution specialized for security issues
You should also take a look at Backtrack 4 (based on Slackware Linux).

It also contains a lot of security testing tools, e.g. a brute-force password cracking tool with CUDA (Nvidia graphics card hardware acceleration) support.
You can download the ISO image of the final version here.
The boot process from CD/DVD stops at a prompt. Just start the graphical interface with 'startx'. If you want to install it on a hard disk, start the installation with the script 'install.sh' (or 'ubiquity'). This site (in German) might also be a good starting point.
Based on KDE 3.5, it is also possible to use a futuristic cube session manager :-)

Also take a look at the video from Offensive-security.com (it also shows how to use 'wicd' for WLAN management).
First hints for customization and installation on a USB memory stick can be found here.