
Known Repository for the Sleuth Kit  

mwade
(@mwade)
Member

Hello,

I am looking for a known repository to install The Sleuth Kit. I am currently running Suse 9.x and am having a hell of a time installing The Sleuth Kit. I am getting one dependency error after another. When I do try and add the dependency I get conflict after conflict.

Two questions:
1. Does anyone know of a software repository to obtain The Sleuth Kit?
2. What is everyone's favorite Linux distribution for doing forensics work? I used to like Fedora, but it doesn't play nice with VMware (or at least it didn't).

Thanks in advance.

mark

Posted : 21/06/2007 7:19 pm
echo6
(@echo6)
Member

2. What is everyone's favorite linux distribution for doing forensics work?

My personal favourite is Gentoo Linux. I would also recommend you look at SMART Linux http://www.asrdata.com which uses Slackware. Another option would be to install Helix, which is Debian based; Helix already has Sleuthkit installed. Note that installing Helix to hard drive is not currently supported, but it is possible :-)

Posted : 22/06/2007 4:43 am
jot49
(@jot49)
New Member

I use Debian with Sleuth Kit and Autopsy in VMware. It works fine; the only problem is that VMware doesn't support Firewire and I could not use my Writeblocker. So I have to create the image on a physical machine.

Posted : 22/06/2007 1:34 pm
dietro
(@dietro)
Member

To answer your first question, I have Mepis installed on my home machine. It is based on Ubuntu, which in turn is based on Debian. Sleuthkit and Autopsy are both in the Mepis/Ubuntu repository, and installed on my machine without a hitch. I am relatively certain that they would both also be in the various Debian repositories as well.

As far as the second question... that's the beauty of Linux, you can dig around and find your own favorite. My preference is Debian-based systems because I like APT.

Posted : 22/06/2007 9:39 pm
RoboGeek
(@robogeek)
New Member

I run my entire business off Mepis. I love it! I have many tools for security work installed (pen testing and audits mostly), but it's not forensically sound. If you're looking for anything that might get challenged, use Helix.

I have a machine with an empty drive (be sure it's forensically sound as a repository for data) and a fast CDROM drive. I slave the drive being evaluated to the system and boot to the CD.
Then it's just the usual: make an image, open a case with Autopsy and investigate away!

Posted : 19/07/2007 3:44 am
stumpy
(@stumpy)
New Member

Hello,

I am looking for a known repository to install The Sleuth Kit. I am currently running Suse 9.x and am having a hell of a time installing The Sleuth Kit.
mark

I think the main problem might be your distro version. Is there any chance that you could upgrade to SuSe 10.x? I am running SuSe 10.0 and upgraded to the latest versions of TSK and Autopsy at the weekend with online repositories. Unfortunately I couldn't tell you which specific repository it came from; I use the repositories listed in THIS PAGE

Posted : 08/10/2007 6:45 pm
bitunlocker
(@bitunlocker)
New Member

You can download the source files and install it according to their readme.

I've never seen that fail.

Posted : 23/10/2007 5:48 pm