sleuthkit-4.6.4-1.fc27.x86_64.rpm


Advertisement

Description

sleuthkit - The Sleuth Kit (TSK)

Property Value
Distribution Fedora 27
Repository CERT Forensics Tools x86_64
Package filename sleuthkit-4.6.4-1.fc27.x86_64.rpm
Package name sleuthkit
Package version 4.6.4
Package release 1.fc27
Package architecture x86_64
Package type rpm
Category Applications/System
Homepage http://www.sleuthkit.org
License CPL and IBM and GPLv2+
Maintainer -
Download size 1.60 MB
Installed size 12.77 MB
The Sleuth Kit (TSK) is a collection of UNIX-based command line tools that
allow you to investigate a computer. The current focus of the tools is the
file and volume systems and TSK supports FAT, Ext2/3, NTFS, UFS,
and ISO 9660 file systems

Alternatives

Package Version Architecture Repository
sleuthkit-4.6.5-1.fc27.i686.rpm 4.6.5 i686 CERT Forensics Tools
sleuthkit-4.6.5-1.fc27.x86_64.rpm 4.6.5 x86_64 CERT Forensics Tools
sleuthkit-4.6.4-1.fc27.i686.rpm 4.6.4 i686 CERT Forensics Tools
sleuthkit-4.6.3-1.fc27.i686.rpm 4.6.3 i686 CERT Forensics Tools
sleuthkit-4.6.3-1.fc27.x86_64.rpm 4.6.3 x86_64 CERT Forensics Tools
sleuthkit-4.6.2-2.fc27.i686.rpm 4.6.2 i686 CERT Forensics Tools
sleuthkit-4.6.2-2.fc27.x86_64.rpm 4.6.2 x86_64 CERT Forensics Tools
sleuthkit-4.6.2-1.fc27.x86_64.rpm 4.6.2 x86_64 Fedora Updates
sleuthkit-4.6.2-1.fc27.i686.rpm 4.6.2 i686 Fedora Updates
sleuthkit-4.6.0-3.fc27.i686.rpm 4.6.0 i686 CERT Forensics Tools
sleuthkit-4.6.0-3.fc27.x86_64.rpm 4.6.0 x86_64 CERT Forensics Tools
sleuthkit-4.6.0-2.fc27.i686.rpm 4.6.0 i686 CERT Forensics Tools
sleuthkit-4.6.0-2.fc27.x86_64.rpm 4.6.0 x86_64 CERT Forensics Tools
sleuthkit-4.6.0-1.fc27.i686.rpm 4.6.0 i686 CERT Forensics Tools
sleuthkit-4.6.0-1.fc27.x86_64.rpm 4.6.0 x86_64 CERT Forensics Tools
sleuthkit-4.5.0-1.fc27.i686.rpm 4.5.0 i686 CERT Forensics Tools
sleuthkit-4.5.0-1.fc27.x86_64.rpm 4.5.0 x86_64 CERT Forensics Tools
sleuthkit-4.3.0-5.fc27.x86_64.rpm 4.3.0 x86_64 Fedora
sleuthkit-4.3.0-5.fc27.i686.rpm 4.3.0 i686 Fedora
sleuthkit - - -

Requires

Name Value
/usr/bin/perl -
file -
java >= 1.6.0
jpackage-utils -
libafflib.so.0()(64bit) -
libc.so.6(GLIBC_2.3.4)(64bit) -
libdl.so.2()(64bit) -
libewf.so.2()(64bit) -
libgcc_s.so.1()(64bit) -
libgcc_s.so.1(GCC_3.0)(64bit) -
libm.so.6()(64bit) -
libpq.so.5()(64bit) -
libpthread.so.0()(64bit) -
libpthread.so.0(GLIBC_2.2.5)(64bit) -
libsqlite3.so.0()(64bit) -
libstdc++.so.6()(64bit) -
libstdc++.so.6(CXXABI_1.3)(64bit) -
libstdc++.so.6(CXXABI_1.3.9)(64bit) -
libstdc++.so.6(GLIBCXX_3.4)(64bit) -
libstdc++.so.6(GLIBCXX_3.4.11)(64bit) -
libstdc++.so.6(GLIBCXX_3.4.20)(64bit) -
libstdc++.so.6(GLIBCXX_3.4.21)(64bit) -
libstdc++.so.6(GLIBCXX_3.4.9)(64bit) -
libtsk.so.13()(64bit) -
libvhdi.so.1()(64bit) -
libvmdk.so.1()(64bit) -
libz.so.1()(64bit) -
mac-robber -
rtld(GNU_HASH) -
sleuthkit-libs = 4.6.4-1.fc27

Provides

Name Value
sleuthkit = 4.6.4-1.fc27
sleuthkit(x86-64) = 4.6.4-1.fc27

Download

Type URL
Mirror forensics.cert.org
Binary Package sleuthkit-4.6.4-1.fc27.x86_64.rpm
Source Package sleuthkit-4.6.4-1.fc27.src.rpm

Install Howto

  1. Download cert-forensics-tools-release-27 rpm:
    https://forensics.cert.org/cert-forensics-tools-release-27.rpm
  2. Install cert-forensics-tools-release-27 rpm:
    # rpm -Uvh cert-forensics-tools-release*rpm
  3. Install sleuthkit rpm package:
    # dnf --enablerepo=forensics install sleuthkit

Files

Path
/usr/bin/blkcalc
/usr/bin/blkcat
/usr/bin/blkls
/usr/bin/blkstat
/usr/bin/fcat
/usr/bin/ffind
/usr/bin/fiwalk
/usr/bin/fls
/usr/bin/fsstat
/usr/bin/hfind
/usr/bin/icat
/usr/bin/ifind
/usr/bin/ils
/usr/bin/img_cat
/usr/bin/img_stat
/usr/bin/istat
/usr/bin/jcat
/usr/bin/jls
/usr/bin/jpeg_extract
/usr/bin/mactime
/usr/bin/mmcat
/usr/bin/mmls
/usr/bin/mmstat
/usr/bin/sigfind
/usr/bin/sorter
/usr/bin/srch_strings
/usr/bin/tsk_comparedir
/usr/bin/tsk_gettimes
/usr/bin/tsk_loaddb
/usr/bin/tsk_recover
/usr/bin/usnjls
/usr/lib/.build-id/
/usr/lib/.build-id/08/3f03e9a330d201f4075cc506c9492682c9b20a
/usr/lib/.build-id/0c/bb50dd43f3965b347678fe18f1b9fd8a482c14
/usr/lib/.build-id/0e/936e833576238594f2ebeef4d376073e7baa0a
/usr/lib/.build-id/19/71e2ea049babd3495af662134c2ea6f804e2fa
/usr/lib/.build-id/19/a89abacd3e9529812cfc3e42ea8c2af8a6a149
/usr/lib/.build-id/1f/4cc88b41c281486615859470b160337ca91c53
/usr/lib/.build-id/22/3e0900eae7ade0ba1ccf624eb7638809c76089
/usr/lib/.build-id/26/a9443c7f224e1f6a9d34a742769a44a5f2bb8e
/usr/lib/.build-id/2d/02c15044ecd56823f2e747317863f1d445d967
/usr/lib/.build-id/50/09d491e20ad3b4bb72c8bfc5e3b1f4cd8c1075
/usr/lib/.build-id/53/3a877c92b3e1977ec9fe94fc818524ee7f59c2
/usr/lib/.build-id/56/7a30caa556a65287d993e62803726deacc0b83
/usr/lib/.build-id/80/f9b1b66efb6b21cc874fa635b69248dbd8fcb4
/usr/lib/.build-id/90/69859f822a201f7bc8109a3a467f07934ddc0e
/usr/lib/.build-id/93/c9d1caa1264ace073967958f1aec1c0921f43c
/usr/lib/.build-id/ae/5e343b7c0cd5ed60f787a1ed4af4557e3ea13f
/usr/lib/.build-id/b0/2e95326f5db526435f883d72264f5bd7762cc7
/usr/lib/.build-id/b7/c372938985d275b3160d5a167b28fa318cd133
/usr/lib/.build-id/c0/c6142f3b01a3fcd3990d9121ca54626f867c3f
/usr/lib/.build-id/cd/f0ad94b4d0b32fe1a07fe0ca4430318b6f627e
/usr/lib/.build-id/d0/91a27158092766de550e18227a8b96c703291f
/usr/lib/.build-id/d6/ec2bd5415d929e83e053d0025533675fcf0b9b
/usr/lib/.build-id/db/62a8b09157b3f00658fa0c7e1cfffd43b2ba3f
/usr/lib/.build-id/de/01981a9fb4b4d460a49437069d50779537df11
/usr/lib/.build-id/e0/a9ade2cf4050759ff20ba6a2226d9838acd75f
/usr/lib/.build-id/e9/1bbdda156b728b584cffffce03ab45016f4090
/usr/lib/.build-id/eb/e7c937fd1353f0dfbbe3376fe6866030343dff
/usr/lib/.build-id/ee/e01bc712c9656271638b8a6a4706eb38c4b53f
/usr/lib/.build-id/fa/ca4ecc1239d4048c617660c51eed03194541e9
/usr/share/doc/sleuthkit/ChangeLog.txt
/usr/share/doc/sleuthkit/INSTALL.txt
/usr/share/doc/sleuthkit/NEWS.txt
/usr/share/doc/sleuthkit/README.md
/usr/share/doc/sleuthkit/README_win32.txt
/usr/share/java/sleuthkit-4.6.4.jar
/usr/share/man/man1/blkcalc.1.gz
/usr/share/man/man1/blkcat.1.gz
/usr/share/man/man1/blkls.1.gz
/usr/share/man/man1/blkstat.1.gz
/usr/share/man/man1/fcat.1.gz
/usr/share/man/man1/ffind.1.gz
/usr/share/man/man1/fls.1.gz
/usr/share/man/man1/fsstat.1.gz
/usr/share/man/man1/hfind.1.gz
/usr/share/man/man1/icat.1.gz
/usr/share/man/man1/ifind.1.gz
/usr/share/man/man1/ils.1.gz
/usr/share/man/man1/img_cat.1.gz
/usr/share/man/man1/img_stat.1.gz
/usr/share/man/man1/istat.1.gz
/usr/share/man/man1/jcat.1.gz
/usr/share/man/man1/jls.1.gz
/usr/share/man/man1/mactime.1.gz
/usr/share/man/man1/mmcat.1.gz
/usr/share/man/man1/mmls.1.gz
/usr/share/man/man1/mmstat.1.gz
/usr/share/man/man1/sigfind.1.gz
/usr/share/man/man1/sorter.1.gz
/usr/share/man/man1/tsk_comparedir.1.gz
/usr/share/man/man1/tsk_gettimes.1.gz
/usr/share/man/man1/tsk_loaddb.1.gz
/usr/share/man/man1/tsk_recover.1.gz
/usr/share/man/man1/usnjls.1.gz
/usr/share/tsk/
/usr/share/tsk/sorter/default.sort
/usr/share/tsk/sorter/freebsd.sort
/usr/share/tsk/sorter/images.sort
/usr/share/tsk/sorter/linux.sort
/usr/share/tsk/sorter/openbsd.sort
/usr/share/tsk/sorter/solaris.sort
/usr/share/tsk/sorter/windows.sort

Changelog

2018-11-09 - Lawrence R. Rogers <lrr@cert.org) 4.6.4-1
- Release 4.6.4-1
Java Code:
Increase max statements in database to prevent errors under load
Have a max timeout for SQLite retries
2018-10-14 - Lawrence R. Rogers <lrr@cert.org) 4.6.3-1
- Release 4.6.3-1
C/C++ Code:
Hashdb bug fixes for corrupt indexes and 0 hashes
New code for testing power of number in ExtX code
Java Code:
New class that allows generic database access
New methods that check for duplicate artifacts
Added caches for frequently used content
Database Schema:
Added Examiner table
Tags are now associated with Examiners
Changed parent_path for logical files to be consistent with FS files.
2018-10-03 - Lawrence R. Rogers <lrr@cert.org) 4.6.2-2
- Release 4.6.2-2
Built with Java support. Release number is greater than the release for Fedora 28 and 27.
2018-08-08 - Lawrence R. Rogers <lrr@cert.org) 4.6.2-1
- Release 4.6.2-1
C/C++ Code:
- Various compiler warning fixes
- Added small delay into image writer to not starve other threads
Java: 
- Added more locking to ensure that handles were not closed while other threads were using them. 
- Added APIs to support more queries by data source
- Added memory-based caching when detecting if an object has children or not.
2018-05-16 - Lawrence R. Rogers <lrr@cert.org) 4.6.1-1
- Release 4.6.1-1
Lots of bounds checking fixes from Google's fuzzing tests. Thanks Goole.
Cleanup and fixes from uckelman-sf and others
PostgreSQL, libvhdi, & libvmdk are supported for Linux / OS X
Fixed display of NTFS GUID in istat - report from Eric Zimmerman.
NTFS istat shows details about all FILE_NAME attributes, not just the first. report from Eric Zimmerman.
2018-03-28 - Lawrence R. Rogers <lrr@cert.org) 4.6.0-3
- Release 4.6.0-3
Moved sleuthkit-4.6.0.jar from sleuthkit-devel package to sleuthkit package.
2018-02-28 - Lawrence R. Rogers <lrr@cert.org) 4.6.0-2
- Release 4.6.0-2
Removed patches from PyTSK.
2018-02-21 - Lawrence R. Rogers <lrr@cert.org) 4.6.0-1
- Release 4.6.0-1
- New Features
- New Communications related Java classes and database tables.
- Java build updates for Autopsy Linux build
- Blackboard artifacts are now Content objects in Java and part of tsk_objects table in database.
- Increased cache sizes.
- Lots of bounds checking fixes from Google's fuzzing tests.  Thanks Google.
- HFS fix from uckelman-sf.
2017-10-15 - Lawrence R. Rogers <lrr@cert.org) 4.5.0-1
- Release 4.5.0-1
- New Features:
- Support for LZVN compressed HFS files (from Joel Uckelman)
- Use sector size from E01 (helps with 4k sector sizes)
- More specific version number of DB schema
- New Local Directory type in DB to differentiate with Virtual Directories
- All blackboard artifacts in DB are now 'content'. Attachments can now be children of their parent message.
- Added extension as a column in tsk_files table.
- Bug Fixes:
- Faster resolving of HFS hard links
- Lots of fixes from Google Fuzzing efforts.
2017-08-07 - Lawrence R. Rogers <lrr@cert.org) 4.4.2-1
- Release 4.4.2-1
- New Features:
- usnjls tool for NTFS USN log (from noxdafox)
- Added index to mime type column in DB
- Use local SQLite3 if it exists (from uckelman-sf)
- Blackboard Artifacts have a shortDescription metho
- Bug Fixes:
- Fix for highest HFS+ inum lookup (from uckelman-sf)
- Fix ISO9660 crash
- various performance fixes and added thread safety checks

See Also

Package Description
sleuthkit-devel-4.5.0-1.fc27.x86_64.rpm Development files for sleuthkit
sleuthkit-devel-4.6.0-1.fc27.x86_64.rpm Development files for sleuthkit
sleuthkit-devel-4.6.0-2.fc27.x86_64.rpm Development files for sleuthkit
sleuthkit-devel-4.6.0-3.fc27.x86_64.rpm Development files for sleuthkit
sleuthkit-devel-4.6.2-2.fc27.x86_64.rpm Development files for sleuthkit
sleuthkit-devel-4.6.3-1.fc27.x86_64.rpm Development files for sleuthkit
sleuthkit-devel-4.6.4-1.fc27.x86_64.rpm Development files for sleuthkit
sleuthkit-devel-4.6.5-1.fc27.x86_64.rpm Development files for sleuthkit
sleuthkit-libs-4.5.0-1.fc27.x86_64.rpm Library for sleuthkit
sleuthkit-libs-4.6.0-1.fc27.x86_64.rpm Library for sleuthkit
sleuthkit-libs-4.6.0-2.fc27.x86_64.rpm Library for sleuthkit
sleuthkit-libs-4.6.0-3.fc27.x86_64.rpm Library for sleuthkit
sleuthkit-libs-4.6.2-2.fc27.x86_64.rpm Library for sleuthkit
sleuthkit-libs-4.6.3-1.fc27.x86_64.rpm Library for sleuthkit
sleuthkit-libs-4.6.4-1.fc27.x86_64.rpm Library for sleuthkit
Advertisement
Advertisement