sleuthkit-4.6.4-1.fc28.i686.rpm


Advertisement

Description

sleuthkit - The Sleuth Kit (TSK)

Property Value
Distribution Fedora 28
Repository CERT Forensics Tools i386
Package filename sleuthkit-4.6.4-1.fc28.i686.rpm
Package name sleuthkit
Package version 4.6.4
Package release 1.fc28
Package architecture i686
Package type rpm
Category Applications/System
Homepage http://www.sleuthkit.org
License CPL and IBM and GPLv2+
Maintainer -
Download size 1.75 MB
Installed size 15.71 MB
The Sleuth Kit (TSK) is a collection of UNIX-based command line tools that
allow you to investigate a computer. The current focus of the tools is the
file and volume systems and TSK supports FAT, Ext2/3, NTFS, UFS,
and ISO 9660 file systems

Alternatives

Package Version Architecture Repository
sleuthkit-4.6.5-1.fc28.i686.rpm 4.6.5 i686 CERT Forensics Tools
sleuthkit-4.6.5-1.fc28.x86_64.rpm 4.6.5 x86_64 CERT Forensics Tools
sleuthkit-4.6.4-1.fc28.x86_64.rpm 4.6.4 x86_64 CERT Forensics Tools
sleuthkit-4.6.3-1.fc28.i686.rpm 4.6.3 i686 CERT Forensics Tools
sleuthkit-4.6.3-1.fc28.x86_64.rpm 4.6.3 x86_64 CERT Forensics Tools
sleuthkit-4.6.2-2.fc28.i686.rpm 4.6.2 i686 CERT Forensics Tools
sleuthkit-4.6.2-2.fc28.x86_64.rpm 4.6.2 x86_64 CERT Forensics Tools
sleuthkit-4.6.2-1.fc28.i686.rpm 4.6.2 i686 Fedora Updates
sleuthkit-4.6.2-1.fc28.x86_64.rpm 4.6.2 x86_64 Fedora Updates
sleuthkit-4.6.0-3.fc28.x86_64.rpm 4.6.0 x86_64 CERT Forensics Tools
sleuthkit-4.5.0-2.fc28.i686.rpm 4.5.0 i686 Fedora
sleuthkit-4.5.0-2.fc28.x86_64.rpm 4.5.0 x86_64 Fedora
sleuthkit - - -

Requires

Name Value
/usr/bin/perl -
file -
java >= 1.6.0
jpackage-utils -
libafflib.so.0 -
libc.so.6(GLIBC_2.3.4) -
libdl.so.2 -
libewf.so.2 -
libgcc_s.so.1 -
libgcc_s.so.1(GCC_3.0) -
libgcc_s.so.1(GCC_7.0.0) -
libgcc_s.so.1(GLIBC_2.0) -
libm.so.6 -
libpq.so.5 -
libpthread.so.0 -
libpthread.so.0(GLIBC_2.0) -
libpthread.so.0(GLIBC_2.2) -
libsqlite3.so.0 -
libstdc++.so.6 -
libstdc++.so.6(CXXABI_1.3) -
libstdc++.so.6(CXXABI_1.3.9) -
libstdc++.so.6(GLIBCXX_3.4) -
libstdc++.so.6(GLIBCXX_3.4.11) -
libstdc++.so.6(GLIBCXX_3.4.20) -
libstdc++.so.6(GLIBCXX_3.4.21) -
libstdc++.so.6(GLIBCXX_3.4.9) -
libtsk.so.13 -
libvhdi.so.1 -
libvmdk.so.1 -
libz.so.1 -
mac-robber -
rtld(GNU_HASH) -
sleuthkit-libs = 4.6.4-1.fc28

Provides

Name Value
sleuthkit = 4.6.4-1.fc28
sleuthkit(x86-32) = 4.6.4-1.fc28

Download

Type URL
Mirror forensics.cert.org
Binary Package sleuthkit-4.6.4-1.fc28.i686.rpm
Source Package sleuthkit-4.6.4-1.fc28.src.rpm

Install Howto

  1. Download cert-forensics-tools-release-28 rpm:
    https://forensics.cert.org/cert-forensics-tools-release-28.rpm
  2. Install cert-forensics-tools-release-28 rpm:
    # rpm -Uvh cert-forensics-tools-release*rpm
  3. Install sleuthkit rpm package:
    # dnf --enablerepo=forensics install sleuthkit

Files

Path
/usr/bin/blkcalc
/usr/bin/blkcat
/usr/bin/blkls
/usr/bin/blkstat
/usr/bin/fcat
/usr/bin/ffind
/usr/bin/fiwalk
/usr/bin/fls
/usr/bin/fsstat
/usr/bin/hfind
/usr/bin/icat
/usr/bin/ifind
/usr/bin/ils
/usr/bin/img_cat
/usr/bin/img_stat
/usr/bin/istat
/usr/bin/jcat
/usr/bin/jls
/usr/bin/jpeg_extract
/usr/bin/mactime
/usr/bin/mmcat
/usr/bin/mmls
/usr/bin/mmstat
/usr/bin/sigfind
/usr/bin/sorter
/usr/bin/srch_strings
/usr/bin/tsk_comparedir
/usr/bin/tsk_gettimes
/usr/bin/tsk_loaddb
/usr/bin/tsk_recover
/usr/bin/usnjls
/usr/lib/.build-id/
/usr/lib/.build-id/03/3188e41ba7bd23b138daa38ba577236913d504
/usr/lib/.build-id/06/0180fa0355bf5bfe8f83b029acadfb05ff4e72
/usr/lib/.build-id/08/5e7130ed3c7321b64b654973e17fb187d12a68
/usr/lib/.build-id/0d/d08ec50a406b009e45241b882f5e1e87b07c69
/usr/lib/.build-id/1a/b456dd2235c7254ee3cc8ef20055718a29f067
/usr/lib/.build-id/20/8bbb1b75e27139673aa546fbccc5fffbfd82d6
/usr/lib/.build-id/30/48a8a6e3c86034366deb66f4e28ae456bd1d9d
/usr/lib/.build-id/47/55a602e52069cf5c45502a95d1e267764283ce
/usr/lib/.build-id/5b/880f4d47320d908a6db5a4779d67870c9275c6
/usr/lib/.build-id/66/83f70a319f848c24f026d9d8d78b2049d36996
/usr/lib/.build-id/7a/beedd0895ecdf9cad51cc17ccf01b984ee0130
/usr/lib/.build-id/7b/a6049fedf7d20144eb1ce7a4be3f84f0e605c8
/usr/lib/.build-id/7e/bd72d7e396d5f6d81708d4eef88587ad814d2b
/usr/lib/.build-id/86/5f7f4a3ae9de2f99133a461703d70dad11fb95
/usr/lib/.build-id/99/1717fcf45c6dfad9bcd96ddec0e93269698c1a
/usr/lib/.build-id/9b/dbd05181c24e99807582a72e143ebb39e640a9
/usr/lib/.build-id/aa/fcdd791c330721cd0a6260a0d736b738f7f331
/usr/lib/.build-id/ab/1a9e58645df0b7f725c06d400f04e9e842e8ec
/usr/lib/.build-id/ae/3fd673befcbb420fb0ae1977f7029015a2fae9
/usr/lib/.build-id/b6/68ce068926e3b100a8d8abacff793336188e92
/usr/lib/.build-id/b7/e41382e2d68447954d73d088931e17e5e26fef
/usr/lib/.build-id/c5/2e0f324583ab80684b562d09541995648d2f78
/usr/lib/.build-id/c5/a7b70aad006d7789adbd25aa0e48032a7eb897
/usr/lib/.build-id/d8/6d32094f26ea9babf40f95b29ad131802c75a7
/usr/lib/.build-id/db/54f1d536d804ed924d94507e1490b71603fbb7
/usr/lib/.build-id/dd/03d795dfa247a90bbd026bc4010121ae89c2f3
/usr/lib/.build-id/ef/621d885b7c9177e0ca08f879ef4990f38fca1b
/usr/lib/.build-id/f4/ae48b6f98829a6adf717235261c26c09cde3c0
/usr/lib/.build-id/fa/1db172076e3a38900b32ba906d4787d8ec8695
/usr/share/doc/sleuthkit/ChangeLog.txt
/usr/share/doc/sleuthkit/INSTALL.txt
/usr/share/doc/sleuthkit/NEWS.txt
/usr/share/doc/sleuthkit/README.md
/usr/share/doc/sleuthkit/README_win32.txt
/usr/share/java/sleuthkit-4.6.4.jar
/usr/share/man/man1/blkcalc.1.gz
/usr/share/man/man1/blkcat.1.gz
/usr/share/man/man1/blkls.1.gz
/usr/share/man/man1/blkstat.1.gz
/usr/share/man/man1/fcat.1.gz
/usr/share/man/man1/ffind.1.gz
/usr/share/man/man1/fls.1.gz
/usr/share/man/man1/fsstat.1.gz
/usr/share/man/man1/hfind.1.gz
/usr/share/man/man1/icat.1.gz
/usr/share/man/man1/ifind.1.gz
/usr/share/man/man1/ils.1.gz
/usr/share/man/man1/img_cat.1.gz
/usr/share/man/man1/img_stat.1.gz
/usr/share/man/man1/istat.1.gz
/usr/share/man/man1/jcat.1.gz
/usr/share/man/man1/jls.1.gz
/usr/share/man/man1/mactime.1.gz
/usr/share/man/man1/mmcat.1.gz
/usr/share/man/man1/mmls.1.gz
/usr/share/man/man1/mmstat.1.gz
/usr/share/man/man1/sigfind.1.gz
/usr/share/man/man1/sorter.1.gz
/usr/share/man/man1/tsk_comparedir.1.gz
/usr/share/man/man1/tsk_gettimes.1.gz
/usr/share/man/man1/tsk_loaddb.1.gz
/usr/share/man/man1/tsk_recover.1.gz
/usr/share/man/man1/usnjls.1.gz
/usr/share/tsk/
/usr/share/tsk/sorter/default.sort
/usr/share/tsk/sorter/freebsd.sort
/usr/share/tsk/sorter/images.sort
/usr/share/tsk/sorter/linux.sort
/usr/share/tsk/sorter/openbsd.sort
/usr/share/tsk/sorter/solaris.sort
/usr/share/tsk/sorter/windows.sort

Changelog

2018-11-09 - Lawrence R. Rogers <lrr@cert.org) 4.6.4-1
- Release 4.6.4-1
Java Code:
Increase max statements in database to prevent errors under load
Have a max timeout for SQLite retries
2018-10-14 - Lawrence R. Rogers <lrr@cert.org) 4.6.3-1
- Release 4.6.3-1
C/C++ Code:
Hashdb bug fixes for corrupt indexes and 0 hashes
New code for testing power of number in ExtX code
Java Code:
New class that allows generic database access
New methods that check for duplicate artifacts
Added caches for frequently used content
Database Schema:
Added Examiner table
Tags are now associated with Examiners
Changed parent_path for logical files to be consistent with FS files.
2018-10-03 - Lawrence R. Rogers <lrr@cert.org) 4.6.2-2
- Release 4.6.2-2
Built with Java support. Release number is greater than the release for Fedora 28 and 27.
2018-08-08 - Lawrence R. Rogers <lrr@cert.org) 4.6.2-1
- Release 4.6.2-1
C/C++ Code:
- Various compiler warning fixes
- Added small delay into image writer to not starve other threads
Java: 
- Added more locking to ensure that handles were not closed while other threads were using them. 
- Added APIs to support more queries by data source
- Added memory-based caching when detecting if an object has children or not.
2018-05-16 - Lawrence R. Rogers <lrr@cert.org) 4.6.1-1
- Release 4.6.1-1
Lots of bounds checking fixes from Google's fuzzing tests. Thanks Goole.
Cleanup and fixes from uckelman-sf and others
PostgreSQL, libvhdi, & libvmdk are supported for Linux / OS X
Fixed display of NTFS GUID in istat - report from Eric Zimmerman.
NTFS istat shows details about all FILE_NAME attributes, not just the first. report from Eric Zimmerman.
2018-03-28 - Lawrence R. Rogers <lrr@cert.org) 4.6.0-3
- Release 4.6.0-3
Moved sleuthkit-4.6.0.jar from sleuthkit-devel package to sleuthkit package.
2018-02-28 - Lawrence R. Rogers <lrr@cert.org) 4.6.0-2
- Release 4.6.0-2
Removed patches from PyTSK.
2018-02-21 - Lawrence R. Rogers <lrr@cert.org) 4.6.0-1
- Release 4.6.0-1
- New Features
- New Communications related Java classes and database tables.
- Java build updates for Autopsy Linux build
- Blackboard artifacts are now Content objects in Java and part of tsk_objects table in database.
- Increased cache sizes.
- Lots of bounds checking fixes from Google's fuzzing tests.  Thanks Google.
- HFS fix from uckelman-sf.
2017-10-15 - Lawrence R. Rogers <lrr@cert.org) 4.5.0-1
- Release 4.5.0-1
- New Features:
- Support for LZVN compressed HFS files (from Joel Uckelman)
- Use sector size from E01 (helps with 4k sector sizes)
- More specific version number of DB schema
- New Local Directory type in DB to differentiate with Virtual Directories
- All blackboard artifacts in DB are now 'content'. Attachments can now be children of their parent message.
- Added extension as a column in tsk_files table.
- Bug Fixes:
- Faster resolving of HFS hard links
- Lots of fixes from Google Fuzzing efforts.
2017-08-07 - Lawrence R. Rogers <lrr@cert.org) 4.4.2-1
- Release 4.4.2-1
- New Features:
- usnjls tool for NTFS USN log (from noxdafox)
- Added index to mime type column in DB
- Use local SQLite3 if it exists (from uckelman-sf)
- Blackboard Artifacts have a shortDescription metho
- Bug Fixes:
- Fix for highest HFS+ inum lookup (from uckelman-sf)
- Fix ISO9660 crash
- various performance fixes and added thread safety checks

See Also

Package Description
sleuthkit-devel-4.6.2-2.fc28.i686.rpm Development files for sleuthkit
sleuthkit-devel-4.6.3-1.fc28.i686.rpm Development files for sleuthkit
sleuthkit-devel-4.6.4-1.fc28.i686.rpm Development files for sleuthkit
sleuthkit-devel-4.6.5-1.fc28.i686.rpm Development files for sleuthkit
sleuthkit-libs-4.6.2-2.fc28.i686.rpm Library for sleuthkit
sleuthkit-libs-4.6.3-1.fc28.i686.rpm Library for sleuthkit
sleuthkit-libs-4.6.4-1.fc28.i686.rpm Library for sleuthkit
sleuthkit-libs-4.6.5-1.fc28.i686.rpm Library for sleuthkit
snarf-0.3.0-3.fc28.i686.rpm snarf - Structured Network Alert Reporting Framework
snarf-devel-0.3.0-3.fc28.i686.rpm Static libraries and C header files for libsnarf
snarf-python-0.3.0-3.fc28.i686.rpm Python interface to snarf
snort-2.9.11.1-2.fc28.i686.rpm An open source Network Intrusion Detection System (NIDS)
snort-2.9.12-1.fc28.i686.rpm An open source Network Intrusion Detection System (NIDS)
snort-openappid-2.9.11.1-2.fc28.i686.rpm An open source Network Intrusion Detection System (NIDS) with open AppId support
snort-openappid-2.9.12-1.fc28.i686.rpm An open source Network Intrusion Detection System (NIDS) with open AppId support
Advertisement
Advertisement