Sleuth 1.72 and Autopsy

4 Posts
4 Users
0 Likes
423 Views
(@benjiga69)
Posts: 4
New Member
Topic starter
 

I am in the midst of finding a bachelor's program for computer forensics. There is one at Southern Oregon University that I am considering attending in the following year. I found this site while looking for various schools offering such a program. I just wanted to give a little preface to my situation. I don't know a lot about the field just yet but I find it very exciting and interesting. I have read some books on C programming and HTML, however I am finding that I know very little. My real question is how do I install the Sleuth 1.72 and Autopsy forensics programs on my computer? I looked at the install file, the author referred to typing in $make? But he/she did not say where to type this in? Like for example a compiler program, DOS prompt, run? I just need a little help getting started so I can explore these two programs. The answer is something very simple I'm sure, ha, ha!
Thanks

 
Posted : 06/11/2004 3:26 am
(@steve)
Posts: 10
Active Member
 

I believe these tools are written to be run on Linux systems not Windows.

 
Posted : 06/11/2004 5:13 am
 Andy
(@andy)
Posts: 357
Reputable Member
 

Autopsy is a web-based graphical interface that uses the Sleuthkit command-line tools. Sleuthkit needs to be installed/compiled first, then Autopsy. They are both Linux programs, and to my knowledge have not yet been ported to Windows.

It can be run using cygwin. Cygwin is a Linux-like environment for Windows. It can be downloaded here: http://www.cygwin.com/

Cygwin in Windows and Linux can be complicated if you are not too familiar with them (and by the sound of things you aren't), so you might want to try taking a look at a CD-ROM based distro such as Penguin Sleuth Kit at:

http://www.linux-forensics.com/downloads.html

Alternatively (and my personal preference) Helix at:

http://www.e-fense.com/helix/

You can download both onto your Windows box as ISO files, burn them to CD, and then you can boot to them in a Linux environment. No messing with installing Linux onto your machine, it doesn't harm your Windows install, and no need for a dual boot setup, etc. Once you're finished you simply remove the CD and reboot, back into Windows.

Both distros have Sleuth and Autopsy built in. Autopsy is the front end HTML based browser for Sleuth. I thought it was a bit tricky to get to grips with when I first used it, and much prefer something more COTS.

Andy

 
Posted : 06/11/2004 10:50 am
Jamie
(@jamie)
Posts: 1288
Moderator
 

Autopsy/TSK under Cygwin…I never thought of that 😯

Interesting…

Jamie

 
Posted : 07/11/2004 4:14 pm