The #newinwheezy game: new forensic packages in Debian/wheezy

Debian/wheezy includes a bunch of packages for people interested in digital forensics. The following packages, maintained within the Debian Forensics team, ship in a Debian release for the first time with the upcoming Debian/wheezy stable release:

  • dc3dd: patched version of GNU dd with forensic features
  • extundelete: utility to recover deleted files from ext3/ext4 partition
  • rephrase: Specialized passphrase recovery tool for GnuPG
  • rkhunter: rootkit, backdoor, sniffer and exploit scanner (see comments)
  • rsakeyfind: locates BER-encoded RSA private keys in memory images
  • undbx: Tool to extract, recover and undelete e-mail messages from .dbx files

Join the #newinwheezy game and present packages which are new in Debian/wheezy.

4 Responses to “The #newinwheezy game: new forensic packages in Debian/wheezy”

  1. Sebastian Says:

    Actually, rkhunter was already available in squeeze:

    IIRC I had it installed as early as etch, but I might be wrong about that.

  2. mika Says:

    @Sebastian: ah you’re right, thanks for pointing it out :)

  3. Florian Says:

    Was actually going to add that I was quite sure about having installed rkhunter earlier as well :)

    Very good idea to highlight these new packages anyway.

  4. J. Says:

    rsakeyfind is not new either.