| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
hierarchy. Whilst this is not desirable, it's the only way to get this
package to execute properly, since it makes assumptions about absolute
and relative paths, and expects its own versions of certain commands (md5,
file), so it's best to keep these off to one side.
|
|
appropriate place. Pointed out in private mail by someone who wishes
to remain anonymous.
XXX The PLIST's location for these files needs to be fixed by someone
more knowledgable than me in these black arts.
|
|
TCT is a collection of programs by Dan Farmer and Wietse Venema for a
post-mortem analysis of a UNIX system after break-in.
Notable TCT components are the grave-robber tool that captures
information, the ils and mactime tools that display access patterns of
files dead or alive, the unrm and lazarus tools that recover deleted
files, and the findkey tool that recovers cryptographic keys from a
running process or from files.
WARNING
This software is not for the faint of heart. It is relatively
unpolished compared to the software that Dan and Wietse usually
release. TCT can spend a lot of time collecting data. And although
TCT collects lots of data, many analysis tools still need to be
written.
Based on patches provided in PR 15081 by frazee.23@osu.edu.
|
