mac-robber_1.02-3_amd64.deb


Advertisement

Description

mac-robber - collects data about allocated files in mounted filesystems

Property Value
Distribution Debian 8 (Jessie)
Repository Debian Main amd64
Package name mac-robber
Package version 1.02
Package release 3
Package architecture amd64
Package type deb
Installed size 53 B
Download size 8.55 KB
Official Mirror ftp.br.debian.org
mac-robber is a digital investigation tool (digital forensics) that collects
metadata from allocated files in a mounted filesystem. This is useful during
incident response when analyzing a live system or when analyzing a dead
system in a lab. The data can be used by the mactime tool in The Sleuth Kit
(TSK or SleuthKit only) to make a timeline of file activity. The mac-robber
tool is based on the grave-robber tool from TCT (The Coroners Toolkit).
mac-robber requires that the filesystem be mounted by the operating system,
unlike the tools in The Sleuth Kit that process the filesystem themselves.
Therefore, mac-robber will not collect data from deleted files or files that
have been hidden by rootkits. mac-robber will also modify the Access times
on directories that are mounted with write permissions.
mac-robber is useful when dealing with a filesystem that is not supported
by The Sleuth Kit or other filesystem analysis tools. You can run mac-robber
on an obscure, suspect UNIX filesystem that has been mounted read-only on a
trusted system.

Alternatives

Package Version Architecture Repository
mac-robber_1.02-3_i386.deb 1.02 i386 Debian Main
mac-robber - - -

Requires

Name Value
libc6 >= 2.4

Download

Type URL
Binary Package mac-robber_1.02-3_amd64.deb
Source Package mac-robber

Install Howto

  1. Update the package index:
    # sudo apt-get update
  2. Install mac-robber deb package:
    # sudo apt-get install mac-robber

Files

Path
/usr/bin/mac-robber
/usr/share/doc/mac-robber/README
/usr/share/doc/mac-robber/changelog.Debian.gz
/usr/share/doc/mac-robber/changelog.gz
/usr/share/doc/mac-robber/copyright
/usr/share/man/man1/mac-robber.1.gz

Changelog

2014-08-09 - Joao Eriberto Mota Filho <eriberto@debian.org>
mac-robber (1.02-3) unstable; urgency=medium
* New maintainer email address.
* debian/control:
- Updated the Standards-Version from 3.9.4 to 3.9.5.
- Updated the Vcs-Browser field.
* debian/copyright: updated packaging copyright years.
* debian/man/:
- Added genman.sh to automate the manpage creation.
- Fixed minus hyphen as minus sign in mac-robber.{txt,1}.
2013-10-17 - Joao Eriberto Mota Filho <eriberto@eriberto.pro.br>
mac-robber (1.02-2) unstable; urgency=low
* debian/control: fixed the Vcs-Browser field.
* debian/rules: disabled the DH_VERBOSE option.
2013-05-16 - Joao Eriberto Mota Filho <eriberto@eriberto.pro.br>
mac-robber (1.02-1) unstable; urgency=low
* Initial release (Closes: #708528)

See Also

Package Description
macchanger-gtk_1.1-4_all.deb a GTK+ interface for GNU/MACchanger
macchanger_1.7.0-5.3_amd64.deb utility for manipulating the MAC address of network interfaces
mace2_3.3f-1.1_amd64.deb program that searches for finite models of first-order statements
macfanctld_0.6+repack1-1_amd64.deb fan control daemon for Apple MacBook / MacBook Pro computers
macopix-gtk2_1.7.4-5+b1_amd64.deb Mascot Constructive Pilot for X based on GTK+ 2
macs_2.0.9.1-1_amd64.deb Model-based Analysis of ChIP-Seq on short reads sequencers
mactelnet-client_0.4.0-1+deb8u1_amd64.deb Console tools for telneting and pinging via MAC addresses
mactelnet-server_0.4.0-1+deb8u1_amd64.deb Telnet daemon for accepting connections via MAC addresses
macutils_2.0b3-16_amd64.deb Set of tools to deal with specially encoded Macintosh files
madbomber-data_0.2.5-6_all.deb Datafiles for madbomber
madbomber_0.2.5-6_amd64.deb Kaboom! clone
madison-lite_0.20_all.deb display versions of Debian packages in an archive
madlib-doc_1.3.0-2.1_all.deb mesh adaptation library
madplay_0.15.2b-8_amd64.deb MPEG audio player in fixed point
madwimax_0.1.1-1_amd64.deb user-space driver for mWiMAX equipment based on Samsung CMC-730
Advertisement
Advertisement