Browse wiki
This entry published by the Free Software Foundation.
| TCT |
| Component programs | graverobber,unrm,lazarus,mactime,ils,icat,pcat,file + |
|---|---|
| Computer languages | C + |
| Documentation note | User README and man pages included |
| Full description | 'TCT' is a collection of programs for a po … 'TCT' is a collection of programs for a post-mortem analysis of a *NIX system after break-in. It is meant to create areconstruction of the past - determining as much as possible what happened with a static snapshot of a system. 'TCT' was designed primarily for people in the trenches - systems administrators, security response teams, security investigators, etc. There are currently four major parts to TCT: <br /> * grave-robber (data capturing tool) * the C tools (ils, icat, pcat, file, etc.) * unrm & lazarus (collection & analysis of data on a file) * mactime (analyzes the mtime file) file) * mactime (analyzes the mtime file) |
| Homepage URL | http://www.porcupine.org/forensics/tct.html + |
| Interface | command-line + |
| Is GNU | false + |
| Keywords | analysis + , system + , crack + , break-in + , exploit + , forensics + , post-mortem + |
| Last review by | Janet Casey + |
| Last review date | 5 August 2004 + |
| License | IBM Public License 1.0 + |
| License verified by | Janet Casey + |
| License verified date | 5 August 2004 + |
| Name | TCT + |
| Prerequisite description | Perl 5.004 or later + |
| Prerequisite kind | Required to use + |
| Real name | Dan Farmer + , Wietse Venema + |
| Resource URL | mailto:tct-users@porcupine.org + , comp.security.unix + |
| Resource audience | Bug Tracking + , Developer + , Support + |
| Resource kind | E-mail + , Newsgroup + |
| Revisionid | 11,959 + |
| Revisiontimestamp | 24 October 2011 20:55:34 + |
| Revisionuser | Jgay + |
| Role | Maintainer + |
| Short description | Tools for analyzing a system after a break-in + |
| Submitted by | Database conversion + |
| Submitted date | 1 April 2011 + |
| User level | none + |
| Version comment | 1.15 beta released 2004-01-06 |
| Version date | 6 January 2004 + |
| Version download | http://www.porcupine.org/forensics/tct-1.15.tar.gz + |
| Version identifier | 1.15 + |
| Version status | beta + |
| Modification dateThis property is a special property in this wiki. | 24 May 2012 22:41:18 + |
| Page has default formThis property is a special property in this wiki. | Entry + |
| EmailThis property is a special property in this wiki. | wietse@porcupine.org + |
| hide properties that link here |
| TCT#5 + | License of |
|---|---|
| TCT#1 + , TCT#2 + | Person of |
| TCT#3 + , TCT#4 + | Resource of |
| TCT#6 + | Software prerequisite of |
Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.3 or any later version published by the Free Software Foundation; with no Invariant Sections, no Front-Cover Texts, and no Back-Cover Texts. A copy of the license is included in the page “GNU Free Documentation License”.
The copyright and license notices on this page only apply to the text on this page. Any software described in this text has its own copyright notice and license, which can usually be found in the distribution itself.