
FTimes 3.2.0 Released

From: Klayton Monroe <klm(at)ir.exodus.net>
Date: Fri Feb 21 2003 - 05:02:14 EST


Background:

  FTimes is a system baselining and evidence collection tool. The primary purpose of FTimes is to gather and/or develop information about specified directories and files in a manner conducive to intrusion analysis.

  FTimes is a lightweight tool in the sense that it doesn't need to be "installed" on a given system to work on that system, it is small enough to fit on a single floppy, and it provides only a command line interface.

  Preserving records of all activity that occurs during a snapshot is important for intrusion analysis and evidence admissibility. For this reason, FTimes was designed to log four types of information: configuration settings, progress indicators, metrics, and errors. Output produced by FTimes is delimited text, and therefore, is easily assimilated by a wide variety of existing tools.

  http://ftimes.sourceforge.net/FTimes/

Announcement:

  Version 3.2.0 is a minor release of FTimes. Compare logic has been completely overhauled. Hash collisions are detected and properly handled now, and the db's hard-coded size limit has been eliminated. Support for NTFS mounted partitions under Linux has been added. Faulty Content-Length detection and validation logic has been fixed. The static SSL build process for WIN32 platforms was changed to use /MT instead of /MD. This change requires that static OpenSSL builds use the /MT flag as well. The install location for nph-ftimes.cgi has been moved to ${prefix}/cgi/cgi-client.

  http://sourceforge.net/forum/forum.php?forum_id=245420


Download:

  http://sourceforge.net/project/showfiles.php?group_id=41134

Cookbook:

  http://ftimes.sourceforge.net/FTimes/Cookbook.shtml

White paper: "System Baselining -- A Forensic Perspective"

  This paper defines baselining terminology, explains the mechanics of baselining, compares and contrasts different baselining techniques, and describes FTimes -- a system baselining and evidence collection tool. The paper also explores some of the criteria that evidence collection tools and techniques must satisfy if they are going to support prosecutions. In closing, it presents a pair of war stories that are typical of the times.

  http://ftimes.sourceforge.net/FTimes/Papers.shtml

Enjoy,
k

-- 
Klayton Monroe
klm@ir.exodus.net
Exodus Security Research and Development
Fingerprint = 6D3B 1DBC F426 36E4 7C9A  FA93 9A5D D62D 4D86 DBFC
Received on Sun Feb 23 23:44:15 2003

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 14:02:47 EDT

