Bug#468940: ITP: ftimes -- a system baselining and evidence collection tool
Monniez Christophe
d-fence at swing.be
Sun Mar 2 13:57:04 UTC 2008
Package: wnpp
Severity: whishlist
Owner: Debian Forensics <forensics-devel at lists.alioth.debian.org>
Package name: ftimes
Version: 3.8.0
Upstream Author: Klayton Monroe
URL: http://ftimes.sourceforge.net/FTimes/
License: BSD-3
Description: a system baselining and evidence collection tool.
The primary purpose of FTimes is to gather information and attributes about specified
directories and files in a manner conducive to intrusion and forensic analysis.
.
FTimes basically implements two general capabilities: file topography and string search.
File topography is the process of mapping key attributes of directories and files
on a given file system.
String search is the process of digging through directories and files on a given
file system while looking for a specific sequence of bytes.
--
Monniez Christophe <d-fence at swing.be>
More information about the forensics-devel
mailing list