On 03/17/2014 01:16 AM, Eriberto wrote: > Hi! > > I looked over the new autopsy 3 (currently in 3.0.9 version)[1]. The > upstream says[2]: > > "Although Autopsy is designed to be cross-platform (Windows, Linux, > MacOSX), the current version is fully functional and fully tested only > on Windows. > We have run it on XP, Vista, and Windows 7 with no problems." > > My first impression is that is a pure Windows based program. The > upstream stuffed several third-party softwares in his tarball, doing > 79 MB. An example: > > $ ls thirdparty > ant-contrib crt gstreamer jdiff jfxrt junit libscalpel_jni > mactime pasco2 sigar > > I think that the upstream linked autopsy with some specific versions > of the other programs. Exemple: > > $ ls thirdparty/ant-contrib/1.0b3/lib > bcel-5.1.jar commons-httpclient-3.0.1.jar commons-logging-1.0.4.jar > ivy-1.3.1.jar > > As I talked before, I will analyse all in two or three weeks. But I > think that this is a Windows only code... > > Good night! > > Cheers, > > Eriberto > > [1] https://github.com/sleuthkit/autopsy/releases > [2] https://github.com/sleuthkit/autopsy > > > 2014-03-14 12:16 GMT-03:00 Henri Salo <[email protected]>: >> I'm happy to help with testing. We can talk more in #debian-forensics
Hello, my first impression was about the same - it doesn't look like the most Debian/Linux-friendly upstream to me ;) OTOH, their github repository (or repositories, one for sleuthkit, one for autopsy) compiles without problems using an up to date wheezy/sid install. I haven't tried replacing the included jars and libs with ones available in Debian. I can run Autopsy and ingest a raw image (didn't try other formats), but some features are broken. E.g., viewing recovered images or videos only displays a black panel instead of the actual content. I am sure other stuff does not work as expected as well, I only had time for limited tests. I will report back as soon as I found the time to test some more. Kind regards, Fabian -- GPG: https://web.student.tuwien.ac.at/~fgruenbi/key.asc or on your favourite keyserver _______________________________________________ forensics-devel mailing list [email protected] http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/forensics-devel
