Free Software Foundation!

Join now

TCT

From Free Software Directory
 
Jump to: navigation,
[edit]

TCT

http://www.porcupine.org/forensics/tct.html
'TCT' is a collection of programs for a post-mortem analysis of a *NIX system after break-in. It is meant to create areconstruction of the past - determining as much as possible what happened with a static snapshot of a system. 'TCT' was designed primarily for people in the trenches - systems administrators, security response teams, security investigators, etc. There are currently four major parts to TCT:

  • grave-robber (data capturing tool)
  • the C tools (ils, icat, pcat, file, etc.)
  • unrm & lazarus (collection & analysis of data on a file)
  • mactime (analyzes the mtime file)

Documentation

User README and man pages included


Download

Download version 1.15 (beta)
released on 6 January 2004

Categories




Licensing

LicenseVerified byVerified onNotes
IBM Public License 1.0Janet Casey5 August 2004



Leaders and contributors

Contact(s)Role
Dan FarmerMaintainer
Wietse Venema Maintainer


Resources and communication

Audience Resource type URI
Bug Tracking,Developer,Support E-mail mailto:tct-users@porcupine.org
Bug Tracking,Developer,Support Newsgroup comp.security.unix


Software prerequisites

Kind Description
Required to use Perl 5.004 or later

This entry (in part or in whole) was last reviewed on 5 August 2004.



Entry

























Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.3 or any later version published by the Free Software Foundation; with no Invariant Sections, no Front-Cover Texts, and no Back-Cover Texts. A copy of the license is included in the page “GNU Free Documentation License”.

The copyright and license notices on this page only apply to the text on this page. Any software or copyright-licenses or other similar notices described in this text has its own copyright notice and license, which can usually be found in the distribution or license text itself.


Personal tools
Namespaces

Variants
Actions
Navigation
Contribute