[TOOL] FSTools - FileSystem Investigator

From: SecuriTeam (support_at_securiteam.com)
Date: 04/15/04

    To: list@securiteam.com
    Date: 15 Apr 2004 16:26:17 +0200
    
    

    The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com

      FSTools - FileSystem Investigator
    ------------------------------------------------------------------------

    SUMMARY

    DETAILS

    FileSystem Investigator is a platform independent file system viewer and
    data extraction tool. It allows the user to:
     * View the contents of the target file system in a forensically safe
    manner, bypassing the normal operating system mechanisms
     * Extract files and whole directory trees of files from the source file
    system

    Since it is written in platform-neutral Java, it can be used to examine
    file systems outside their native environment. For example, it can be used
    to view a Linux file system while running under Windows.

    Supported Filesystems:
    FileSystem Investigator is designed to be able to handle many different
    file systems.

    Currently ReiserFS version 3 and the Second Extended File System
    (EXT2/EXT3) are supported.

    How it works:
    FileSystem Investigator directly accesses the source disk and processes
    the data using its own built-in file system drivers. This ensures that it
    is safe to use FileSystem Investigator for forensic investigations.
    FileSystem Investigator will never write to the source media, so
    important timestamps are preserved. FileSystem Investigator can also read
    disk-image files such as those created by dd. Files and whole directory
    structures can be extracted easily from the source drive and stored for
    further use or analysis. Due to limitations imposed by Java, special files
    such as device nodes, pipes, sockets and links cannot be extracted.
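
The direct, read-only access described above, shown as an added Python example (not FileSystem Investigator's own code, which is written in Java): it opens a dd image without write access and identifies ext2/ext3 or ReiserFS version 3 from the on-disk superblock. The function name `identify_filesystem` and the layout of the returned dictionary are assumptions made for this example.

```python
import os, struct, tempfile

EXT_SB_OFFSET = 1024               # ext2/ext3 superblock starts 1 KiB into the volume
EXT_MAGIC = 0xEF53                 # s_magic: little-endian u16 at superblock offset 56
EXT_COMPAT_HAS_JOURNAL = 0x4       # s_feature_compat bit set on ext3, clear on ext2
REISER_SB_OFFSETS = (65536, 8192)  # 3.6-format location, then the old 3.5 location
REISER_MAGICS = (b"ReIsEr2Fs", b"ReIsEr3Fs", b"ReIsErFs")  # at superblock offset 52


def identify_filesystem(image_path):
    """Identify ext2/ext3 or ReiserFS v3 in a dd image or raw device, read-only."""
    with open(image_path, "rb") as img:  # "rb": the source is never opened for writing
        img.seek(EXT_SB_OFFSET)
        sb = img.read(1024)
        if len(sb) == 1024 and struct.unpack_from("<H", sb, 56)[0] == EXT_MAGIC:
            blocks, = struct.unpack_from("<I", sb, 4)
            log_block_size, = struct.unpack_from("<I", sb, 24)
            last_write, = struct.unpack_from("<I", sb, 48)   # s_wtime, Unix seconds
            revision, = struct.unpack_from("<I", sb, 76)
            if log_block_size > 6:  # blocks above 64 KiB: corrupt or hostile superblock
                return {"type": "unknown"}
            # Feature flags and the volume label exist only from revision 1 onward.
            compat = struct.unpack_from("<I", sb, 92)[0] if revision >= 1 else 0
            label = sb[120:136].split(b"\0")[0] if revision >= 1 else b""
            return {"type": "ext3" if compat & EXT_COMPAT_HAS_JOURNAL else "ext2",
                    "block_size": 1024 << log_block_size, "blocks": blocks,
                    "last_write": last_write, "label": label.decode("latin-1")}
        for offset in REISER_SB_OFFSETS:
            img.seek(offset + 52)
            found = img.read(10)
            for magic in REISER_MAGICS:
                if found.startswith(magic):
                    return {"type": "reiserfs3", "magic": magic.decode(), "sb_offset": offset}
    return {"type": "unknown"}


if __name__ == "__main__":
    # Constructed sample: a file carrying only a minimal ext3-style superblock.
    sb = bytearray(1024)
    struct.pack_into("<I", sb, 24, 2)          # s_log_block_size -> 4096-byte blocks
    struct.pack_into("<H", sb, 56, EXT_MAGIC)
    struct.pack_into("<I", sb, 76, 1)          # s_rev_level
    struct.pack_into("<I", sb, 92, EXT_COMPAT_HAS_JOURNAL)
    with tempfile.NamedTemporaryFile(delete=False) as f:
        f.seek(EXT_SB_OFFSET)
        f.write(sb)
    print(identify_filesystem(f.name))
    os.unlink(f.name)
```

ext4 volumes carry the same 0xEF53 magic and are not distinguished by this check.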

    ADDITIONAL INFORMATION

    The information has been provided by <mailto:bill[@rossi.com> wrossi.

    The tool can be downloaded from: http://www.rossi.com/


    DISCLAIMER:
    The information in this bulletin is provided "AS IS" without warranty of any kind.
    In no event shall we be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages.

