Bug#468940: ITP: ftimes -- a system baselining and evidence collection tool
d-fence at swing.be
Sun Mar 2 13:57:04 UTC 2008
Owner: Debian Forensics <forensics-devel at lists.alioth.debian.org>
Package name: ftimes
Upstream Author: Klayton Monroe
Description: a system baselining and evidence collection tool.
The primary purpose of FTimes is to gather information and attributes about specified
directories and files in a manner conducive to intrusion and forensic analysis.
FTimes basically implements two general capabilities: file topography and string search.
File topography is the process of mapping key attributes of directories and files
on a given file system.
String search is the process of digging through directories and files on a given
file system while looking for a specific sequence of bytes.
Monniez Christophe <d-fence at swing.be>