Package: tct (1.11-6.3)

Links for tct

Debian Resources:

Download Source Package tct:

Maintainer:

Andrew Stribblehill (QA Page)

Similar packages:

Forensics related utilities.

The Coroner's Toolkit (TCT) is a collection of programs by Dan Farmer and Wietse Venema for a post-mortem analysis of a UNIX system after a break-in. TCT enables you to collect date regarding deleted files, modification times of files and more.

Install this BEFORE you need to use it, so you don't risk destroying essential forensic data before you begin.

Tools contained within this package: grave-robber, lazarus, inode-cat (ex icat), ils, unrm and pcat.

Tags: User Interface: Command Line, Role: Program, Scope: Utility, Security: Forensics, Intrusion Detection

Other Packages Related to tct

depends

recommends

suggests

dep: file

Determines file type using "magic" numbers
dep: libc6 (>= 2.3.5-1) [not alpha, i386, ia64]

GNU C Library: Shared libraries
also a virtual package provided by libc6-udeb

dep: libc6 (>= 2.3.6-6) [i386]
dep: libc6.1 (>= 2.3.5-1) [alpha, ia64]

GNU C Library: Shared libraries
also a virtual package provided by libc6.1-udeb
dep: libdate-manip-perl

a perl library for manipulating dates
dep: perl

Larry Wall's Practical Extraction and Report Language
dep: timeout

Run a command with a time limit.

rec: lsof

List open files

sug: acct

The GNU Accounting utilities for process and login accounting

Download tct

Download for all available architectures
Architecture	Package Size	Installed Size	Files
alpha	155.0 kB	604 kB	[list of files]
amd64	150.1 kB	588 kB	[list of files]
arm	147.1 kB	386 kB	[list of files]
hppa	151.5 kB	592 kB	[list of files]
i386	147.1 kB	572 kB	[list of files]
ia64	165.9 kB	640 kB	[list of files]
mips	150.9 kB	596 kB	[list of files]
mipsel	150.8 kB	596 kB	[list of files]
powerpc	148.3 kB	584 kB	[list of files]
s390	149.4 kB	584 kB	[list of files]
sparc	147.3 kB	580 kB	[list of files]