From: William Salusky [change@dmzs.com]
Sent: Sunday, April 14, 2002 5:27 AM
To: forensics@securityfocus.com
Subject: a few new DoD developed/enhanced forensic tools

In working with a contact in the air force, I've recently been granted 
permission to distribute several tools with biatchux that are claimed not to 
have been previously available to the public.

The tools are named fatback, foremost, and dcfldd (an enhanced dd with MD5 
hashing).  I did not develop these tools, and do not maintain them, but since 
they do not have a current public download location I've placed them on the 
biatchux site as they are making their initial availability to the public in 
the biatchux distribution.

Fatback v1.3 - undelete files from FAT filesystems
http://prdownloads.sourceforge.net/biatchux/fatback-1.3.tar.gz
 author, Nick Harbour - DoD Computer Forensics Lab  harbourn (at) dcfl dot gov

DCFL-DD v1.0 - (an enhanced dd with MD5 hashing)
http://prdownloads.sourceforge.net/biatchux/dcfldd-1.0.tar.gz
 based on available docs, I haven't determined who made the enhancements

Foremost v.62 - digs through image (dd) files to recover files based on 
header info
http://prdownloads.sourceforge.net/biatchux/foremost-0.62.tar.gz
 authors, Jesse Kornblum and Kris Kendall -  jesse.kornblum (at) ogn.af.mil

-- 
William Salusky





-----------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com