Linux forensics - Part 1: Helix

In this article, we will introduce and review Helix, a vastly powerful Linux forensics distribution. Helix is a live Linux CD carefully tailored for incident response, system investigation and analysis, data recovery, and security auditing. It is geared toward experienced users and system administrators working in small-to-medium, mixed environments where threats of data loss and security breaches are high.

The most recent version is based on Ubuntu, promising stability and ease of use. Helix has two modes: a pure Linux bootable live CD, and a Windows mode in which it can be used in vivo on top of a running Windows desktop.

Helix is available for download after email registration. We tested version 3 here.

Now, let's see what Helix can offer us.

Linux mode

As said, Helix comes as a live CD, allowing you to use it on a "suspect" machine while that machine's native operating system stays dormant. This also makes Helix quite useful for network neighborhood auditing, since it can run from just about any machine on the segment.
