Import of sleuthkit-1.62
-- The Sleuth Kit (previously known as TASK) is a collection of UNIX-based command line file system forensic tools that allow an investigator to examine NTFS, FAT, FFS, EXT2FS, and EXT3FS file systems of a suspect computer in a non-intrusive fashion. The tools have a layer-based design and can extract data from internal file system structures. Because the tools do not rely on the operating system to process the file systems, deleted and hidden content is shown. This port replaces TASK, previously removed.
parent e58e72ab0b
commit c778e25d62
36
sysutils/sleuthkit/Makefile
Normal file
@ -0,0 +1,36 @@
|
||||
# $OpenBSD: Makefile,v 1.1.1.1 2003/05/12 13:16:02 margarida Exp $
|
||||
|
||||
COMMENT= "forensic toolkit based on TCT"
|
||||
|
||||
VERSION= 1.61
|
||||
DISTNAME= sleuthkit-${VERSION}
|
||||
CATEGORIES= sysutils security
|
||||
|
||||
HOMEPAGE= http://www.sleuthkit.org/
|
||||
|
||||
MASTER_SITES= ${MASTER_SITE_SOURCEFORGE:=sleuthkit/} \
|
||||
${MASTER_SITE_PACKETSTORM:=UNIX/utilities/}
|
||||
|
||||
MAINTAINER= Margarida Sequeira <margarida@openbsd.org>
|
||||
|
||||
# IBM & GPL
|
||||
PERMIT_PACKAGE_CDROM= "commercial contributor must indemnify all others"
|
||||
PERMIT_PACKAGE_FTP= Yes
|
||||
PERMIT_DISTFILES_CDROM= "commercial contributor must indemnify all others"
|
||||
PERMIT_DISTFILES_FTP= Yes
|
||||
|
||||
MAKE_FLAGS= CC="${CC}" OPT="${CFLAGS}" DEBUG=""
|
||||
|
||||
NO_REGRESS= Yes
|
||||
|
||||
DOCS= README docs/* tct.docs/*
|
||||
|
||||
do-install:
|
||||
${INSTALL_DATA_DIR} ${PREFIX}/share/doc/task
|
||||
cd ${WRKSRC}/bin && ${INSTALL_SCRIPT} mactime sorter ${PREFIX}/bin
|
||||
cd ${WRKSRC}/bin && ${INSTALL_PROGRAM} dcalc dcat dls dstat ffind \
|
||||
icat fls fsstat icat ifind ils istat hfind ${PREFIX}/bin
|
||||
cd ${WRKSRC}/man/man1 && ${INSTALL_MAN} * ${PREFIX}/man/man1
|
||||
cd ${WRKSRC} && ${INSTALL_DATA} ${DOCS} ${PREFIX}/share/doc/task
|
||||
|
||||
.include <bsd.port.mk>
|
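Review bot: VERSION= 1.61 (and with it DISTNAME= sleuthkit-1.61) does not match the commit log, which says "Import of sleuthkit-1.62"; one of the two should be corrected so the log and the fetched distfile agree. In do-install, icat appears twice in the INSTALL_PROGRAM list (icat fls fsstat icat ifind ...); drop the second occurrence. The man pages are installed with a * glob, so any page upstream adds under man/man1 would be installed without a PLIST entry; listing the pages explicitly would keep the install step and the packing list in step.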
3
sysutils/sleuthkit/distinfo
Normal file
@ -0,0 +1,3 @@
|
||||
MD5 (sleuthkit-1.61.tar.gz) = cd6783f8d9a109ffe839912674e2f3cf
|
||||
RMD160 (sleuthkit-1.61.tar.gz) = 62453376639909a437a15f09ee4c76af9e9542c9
|
||||
SHA1 (sleuthkit-1.61.tar.gz) = 965e8895d0e6fa75714fe5271664481b836f5d30
|
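Review bot: all three digests are for sleuthkit-1.61.tar.gz, so they follow the Makefile's VERSION and not the 1.62 named in the commit log; if the port is meant to track 1.62, regenerate this file with make makesum instead of editing the file name by hand. MASTER_SITES lists two separate mirrors, and these digests are the only thing tying the fetched tarball to the one that was reviewed, so it is worth confirming them against a copy from each site before import.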
29
sysutils/sleuthkit/pkg/DESCR
Normal file
@ -0,0 +1,29 @@
|
||||
The Sleuth Kit (previously known as TASK) is the only open
|
||||
source forensic toolkit for a complete analysis of Microsoft
|
||||
and UNIX file systems.
|
||||
It enables investigators to identify and recover evidence from
|
||||
images acquired during incident response or from live systems.
|
||||
|
||||
Some of its features :
|
||||
|
||||
* Analyzes images generated by the open source 'dd' utility,
|
||||
found on all UNIX systems and available for Windows systems.
|
||||
|
||||
* Supports the NTFS, FAT, FFS, and EXT2FS file systems. Images
|
||||
of a different endian ordering than the analysis system can
|
||||
be used.
|
||||
|
||||
* The tools are organized in a layered approach, where the names
|
||||
in each layer start with the same letter to help the user identify
|
||||
the function of the tool. The layers include File System, File
|
||||
Name (directory entries and NTFS index trees), Meta-Data (UNIX
|
||||
inodes and NTFS MFT entries), and Content (blocks and clusters).
|
||||
|
||||
* Identifies deleted files by name and location.
|
||||
|
||||
* Identifies the status of content units (blocks and clusters)
|
||||
and meta-data structures.
|
||||
|
||||
* Maps the relationship of objects across different layers.
|
||||
|
||||
WWW: ${HOMEPAGE}
|
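Review bot: the supported file system list in the second bullet (NTFS, FAT, FFS, and EXT2FS) leaves out EXT3FS, which the commit log names; the two descriptions should agree. "is the only open source forensic toolkit" in the opening sentence is a claim that will not stay true and could be softened to "an open source forensic toolkit". Minor: "Some of its features :" has a stray space before the colon.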
42
sysutils/sleuthkit/pkg/PLIST
Normal file
@ -0,0 +1,42 @@
|
||||
@comment $OpenBSD: PLIST,v 1.1.1.1 2003/05/12 13:16:02 margarida Exp $
|
||||
bin/dcalc
|
||||
bin/dcat
|
||||
bin/dls
|
||||
bin/dstat
|
||||
bin/ffind
|
||||
bin/fls
|
||||
bin/fsstat
|
||||
bin/hfind
|
||||
bin/icat
|
||||
bin/ifind
|
||||
bin/ils
|
||||
bin/istat
|
||||
bin/mactime
|
||||
bin/sorter
|
||||
man/man1/dcalc.1
|
||||
man/man1/dcat.1
|
||||
man/man1/dls.1
|
||||
man/man1/dstat.1
|
||||
man/man1/ffind.1
|
||||
man/man1/fls.1
|
||||
man/man1/fsstat.1
|
||||
man/man1/hfind.1
|
||||
man/man1/icat.1
|
||||
man/man1/ifind.1
|
||||
man/man1/ils.1
|
||||
man/man1/istat.1
|
||||
man/man1/mactime.1
|
||||
man/man1/sorter.1
|
||||
share/doc/task/CHANGES.FROM.TCT
|
||||
share/doc/task/README
|
||||
share/doc/task/README.FIRST
|
||||
share/doc/task/additional-resources
|
||||
share/doc/task/bibliography
|
||||
share/doc/task/fat.README
|
||||
share/doc/task/filesystem.README
|
||||
share/doc/task/help-recovering-file
|
||||
share/doc/task/help-when-broken-into
|
||||
share/doc/task/ntfs.README
|
||||
share/doc/task/sorter.README
|
||||
share/doc/task/timeline.README
|
||||
@dirrm share/doc/task
|
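Review bot: the documentation entries and the closing @dirrm use share/doc/task, although the port is sysutils/sleuthkit and the log says it replaces TASK; share/doc/sleuthkit (changed in do-install as well) would keep the package's files under its own name and avoid sharing a directory with a leftover task install. The 14 bin/ entries do match the scripts and programs that do-install copies.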