[RELiC]

F.I.R.E

Forensics workstation/Data Recovery
Instantly deploy a linux workstation with a large collection of security related tools, and a GUI interface. A must have for every Penetration Tester.
Just Burn to CD and Boot!

Don't forget to give yourself an IP o�nce you have a bash shell, for Example:
bash# ifconfig eth0 192.168.1.9

Instantly deploy a forensics workstation with tct, tctutils, mac-robber, and autopsy
also provides perl 5.6.1 compiled with Large File Support.

Live System Incident Response
Binaries are available for Incident Response on a live machine.

Virus Scanning
Utilizing F-Prot 3.11beta http://www.f-prot.com you can scan for virii, worms, trojans, and all around harmful code.
Just mount the filesystems that you want to scan and execute 'f-prot.'
Any filesystem you can mount, you can scan.
mount and scan fat/ntfs/ext2/ext3/reiserfs partitions
Scan your windows machines offline for virii that may not be detected with an "after the fact" anti-virus
software installation.

Pen-Testing Platform
I should NOT have to explain this portion:
If the tools you would like to use are not in the distribution please make a request!

Q: What can I do with it?
A: Among other things, you can use F.I.R.E. to
* collect data from a potentially compromised host and do a forensic analysis
* respond to a security incident using trusted binaries
* recover data from lost partitions
* do a virus check of your harddrives in a clean environment
* carry out a penetration test or vulnerability assessment

F.I.R.E. can be booted into a comfortable X-Window environment or operated
from a standard text console (even over a serial cable).
Menus that help you perform common tasks are available in both cases.

More info here:
http://fire.dmzs.com/

Current version is 0.4a available at:
http://prdownloads.s...4a.iso?download (578M iso image)

Somemore helpfull information about FORENSIC, IDS, INCIDENT RESPONSE
http://www.geschonne...y/forensic.html

../

[technoboy]

this cd is very nice, i tryed it fews days ago, recommand it to everyone involved in honeypot and forensic

[sh@dy]

Also check out Penguin Sleuth Kit. A nice .iso that has a lot of functionality...

http://www.linux-for.../downloads.html

[mhl103]

I checked it out, thanks i will difineatly use it in the future. :)

[pingywon]

zz76, on Sep 11 2004, 04:09 PM, said:

i am listing,


1. http://fire.dmzs.com 
2. http://www.phlak.org
3. http://www.localareasecurity.org
4. http://www.knoppix-std.org
5. http://www.ussysadmin.com/operator/
6. http://www.dyngnosis.com/

<{POST_SNAPBACK}>

You forgot
7.Whoppix

and

8.Auditor

[Digital_Spirit]

seems interesting, does the incident response system use any kind of artificial intellegence?

[dw-chow]

Digital_Spirit, on Jun 12 2005, 01:44 PM, said:

seems interesting, does the incident response system use any kind of artificial intellegence?

<{POST_SNAPBACK}>

most likely not. i've tried earlier versions of fire, wasn't bad. for forensics goes, i've heard of a program called "encase" that cops use too.