Thursday, October 29, 2009

Caine v1.0

I see that CAINE has released v1.0 today - from it's previous 0.5 release. From an initial view, it appears that many of the included programs have been updated. Overall, it has a nice selection of tools, including those used for both acquisition and analysis (Sleuthkit 3.01, MDD, Autopsy 2.21, Winen, Win32DD and probably about another 50 tools). Clear instructions on how to create a bootable USB drive as well.

The mounting policy claimed by the program states that it is the "same as Helix" and when the user clicks on a drive, it will mount as read-only. If the user mounts in terminal, it will mount "rw" by default unless the necessary "ro" commands are included.

Not sure how you feel about these all-inclusive tool sets, but like SIFT, it's nice to have all the necessary tools in a bootable CD or VM. Reboot and your workspace is clear.

Downloading v1.0 right now......let's take it for a spin!

No comments:

Post a Comment