Hola a todos,
sólo informar que las nuevas versiones de "The Sleuth Kit" y de "Autopsy" han sido publicadas:
http://www.sleuthkit.org/sleuthkit/download.php
http://www.sleuthkit.org/autopsy/download.php
Las principales novedades y mejoras son:
# June 2, 2004: Version 1.70 of The Sleuth Kit was released:
* Bug Fixes
o The allocation status was incorrectly set for deleted FAT files when the entire directory was deleted at once.
o TSK would not compile with Fedora Core 2.
* Major Updates
o FAT File Recovery using '-r' flag of icat (see the May issue of The Sleuth Kit Informer).
o Added '-u' flag to 'dcat' to specify unit size for raw and dls images.
o Changed arguments to 'dcat' so that the number of units is given instead of the number of bytes to print.
o fls will recurse into deleted FAT directories
o sorter takes advantage of new FAT recovery features
o Updated 'istat' output for FAT files
o Updated 'fsstat' output for FAT file systems
o Volume label directory entry is displayed with FAT file systems
o dstat on a FAT cluster shows the cluster address
o Changed internal design for walking flags
o Improved naming convention in sorter for 'dead' ils files
June 2, 2004: Version 2.01 was released:
* Bug Fixes:
o Reported a newer version of TSK existed, when TSK was more recent than expected.
o Fixed bug that would return the wrong unallocated data unit from a keyword search. The address was correct, but the data was for a different location.
* Updates:
o New feature where file name searches can be done using Perl regular expressions
o Support for file recovery
o Support for TSK 1.70's new FAT output
o Removed usage of '-H' with icat
o Support for new 'dcat' syntax.
sólo informar que las nuevas versiones de "The Sleuth Kit" y de "Autopsy" han sido publicadas:
http://www.sleuthkit.org/sleuthkit/download.php
http://www.sleuthkit.org/autopsy/download.php
Las principales novedades y mejoras son:
# June 2, 2004: Version 1.70 of The Sleuth Kit was released:
* Bug Fixes
o The allocation status was incorrectly set for deleted FAT files when the entire directory was deleted at once.
o TSK would not compile with Fedora Core 2.
* Major Updates
o FAT File Recovery using '-r' flag of icat (see the May issue of The Sleuth Kit Informer).
o Added '-u' flag to 'dcat' to specify unit size for raw and dls images.
o Changed arguments to 'dcat' so that the number of units is given instead of the number of bytes to print.
o fls will recurse into deleted FAT directories
o sorter takes advantage of new FAT recovery features
o Updated 'istat' output for FAT files
o Updated 'fsstat' output for FAT file systems
o Volume label directory entry is displayed with FAT file systems
o dstat on a FAT cluster shows the cluster address
o Changed internal design for walking flags
o Improved naming convention in sorter for 'dead' ils files
June 2, 2004: Version 2.01 was released:
* Bug Fixes:
o Reported a newer version of TSK existed, when TSK was more recent than expected.
o Fixed bug that would return the wrong unallocated data unit from a keyword search. The address was correct, but the data was for a different location.
* Updates:
o New feature where file name searches can be done using Perl regular expressions
o Support for file recovery
o Support for TSK 1.70's new FAT output
o Removed usage of '-H' with icat
o Support for new 'dcat' syntax.
Un saludo,
Raúl Siles
[ reply ]