Linux forensics - Part 1: Helix

In this article, we will introduce and review Helix, a vastly powerful Linux forensics distribution. Helix is a live Linux CD carefully tailored for incident response, system investigation and analysis, data recovery, and security auditing. It is geared toward experienced users and system administrators working in small-to-medium, mixed environments where threats of data loss and security breaches are high.

The most recent version is based on Ubuntu, promising stability and ease of use. Helix has two modes: a pure Linux bootable live CD and a Windows mode, in which it can be used in vivo on top of a running Windows desktop.

Helix is available for download by email registration. We tested version 3 here.

Now, let's see what Helix can offer us.

Linux mode

As said, Helix comes as a live CD, allowing you to use it on a "suspect" machine while that machine's native operating system stays dormant. This also makes Helix quite useful for network neighborhood auditing, since it can run from just about any machine on the segment.
