FTimes 3.3.0 Release
- To: [EMAIL PROTECTED]
- Subject: FTimes 3.3.0 Release
- From: Klayton Monroe <[EMAIL PROTECTED]>
- Date: Sat, 16 Aug 2003 15:58:24 +0000
Background:

FTimes is a system baselining and evidence collection tool. The
primary purpose of FTimes is to gather and/or develop information
about specified directories and files in a manner conducive to
intrusion analysis.

FTimes is a lightweight tool in the sense that it doesn't need
to be "installed" on a given system to work on that system, it
is small enough to fit on a single floppy, and it provides only
a command line interface.

Preserving records of all activity that occurs during a snapshot
is important for intrusion analysis and evidence admissibility.
For this reason, FTimes was designed to log four types of
information: configuration settings, progress indicators, metrics,
and errors. Output produced by FTimes is delimited text, and
therefore, is easily assimilated by a wide variety of existing
tools.

http://ftimes.sourceforge.net/FTimes/

HashDig technology is a collection of utilities designed to help
practitioners automate the process of resolving MD5 hashes. In
the early stages of an investigation, it is not typically possible
or practical to examine all subject files. Therefore, practitioners
need reliable methods that can quickly reduce the number of files
requiring examination. One such method is to group files into two
general categories: known and unknown. This method can be implemented
quite effectively by manipulating hashes and comparing them to
one or more reference databases. Even that, however, can take a
significant amount of effort. HashDig technology attempts to
reduce this burden through automation and the use of lightweight,
open, and verifiable techniques.

http://ftimes.sourceforge.net/FTimes/HashDig.shtml

Announcement:

Version 3.3.0 is a minor release of FTimes. Generally, code was
cleaned up and refined as necessary. This release includes two
new modes: diglean and maplean. These modes were added to fill
the gap between the auto and full modes. Additionally, all MD5
code has been replaced, and a new control, HashSymbolicLinks, has
been added. The MAC/MACH timeline script, ftimes-map2mac.pl, now
includes support for an external sorting method, and hipdig.pl
has been given the ability to dig for Track[12] credit card data.
Finally, configure/build support for the ia64 platform was added.

http://sourceforge.net/forum/forum.php?forum_id=302122

Download:

http://sourceforge.net/project/showfiles.php?group_id=41134

Cookbook:

http://ftimes.sourceforge.net/FTimes/Cookbook.shtml

Enjoy,
k
--
Klayton Monroe
[EMAIL PROTECTED]
Fingerprint = 6D3B 1DBC F426 36E4 7C9A FA93 9A5D D62D 4D86 DBFC
-----------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management
and tracking system please see: http://aris.securityfocus.com