Categories

Visit BadVista.org Visit PlayOgg.org Visit DefectiveByDesign.org

TCT

'TCT' is a collection of programs for a post-mortem analysis of a *NIX system after break-in. It is meant to create areconstruction of the past - determining as much as possible what happened with a static snapshot of a system. 'TCT' was designed primarily for people in the trenches - systems administrators, security response teams, security investigators, etc.

There are currently four major parts to TCT: 

	o  grave-robber (data capturing tool)
	o  the C tools (ils, icat, pcat, file, etc.)
	o  unrm & lazarus (collection & analysis of data on a file)
	o  mactime (analyzes the mtime file)

Last updated 5 Aug, 2004


User level: Submit a level

User Rating:

Homepage

License(s) :

IBM Public License 1.0

Rate it!

 

About

Leadership
Requirements
  • Perl 5.004 or later (Use Requirement)
Subprograms

graverobber, unrm, lazarus, mactime, ils, icat, pcat, file

Versions

1.15

1.15 beta released 2004-01-06

User Community and Support

User README and man pages included

General Resources
Support Resources

Development

Developer Resources
Bug Tracking Resources
 

Please send comments on these web pages to bug-directory@fsf.org, send other questions to info@fsf.org.

Copyright © 2000 - 2008 Free Software Foundation, Inc., 51 Franklin Street, 5th Floor, Boston, MA 02110-1301, USA

The copyright licensing notice below applies to this text. Any software described in this text has its own copyright notice and license, which can usually be found in the distribution itself.

Permission is granted to copy, distribute, and/or modify this document under the terms of the GNU Free Documentation License, Version 1.2 or any later version published by the Free Software Foundation; with no Invariant Sections, with no Front-Cover Texts, and with no Back-Cover Texts.