mstoeck3/autopsy-flatpak
1
0
Fork 0
mirror of https://github.com/overcuriousity/autopsy-flatpak.git synced 2025-07-12 16:06:15 +00:00
Code Issues Packages Projects Releases Wiki Activity

Updated docs

Browse Source
This commit is contained in:
Brian Carrier 2012-06-12 12:26:00 -04:00
parent 10ee4c4d66
commit e28ca07b03
4 changed files with 92 additions and 66 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

38
BUILDING.txt
View File

@ -1,3 +1,5 @@
Last Updated: June 12, 2012
This file outlines what it takes to build Autopsy from source. This file outlines what it takes to build Autopsy from source.
Note that it currently only works out of the box on Windows. We Note that it currently only works out of the box on Windows. We
@ -5,33 +7,48 @@ are working on getting the process working under non-WIndows systems.
It generally works, but needs some custom mangling to find the It generally works, but needs some custom mangling to find the
correct C libraries. correct C libraries.
STEPS: STEPS:
1) Download and install 32-bit version of JDK (32-bit is currently 1) Get Java Setup
1a) Download and install 32-bit version of JDK (32-bit is currently
needed even if you have a 64-bit system). needed even if you have a 64-bit system).
2) Ensure that JDK_HOME is set to the root JDK directory. 1b) Ensure that JDK_HOME is set to the root JDK directory.
3) Download and install Netbeans IDE 7.0.1 (http://netbeans.org/) 1c) Download and install Netbeans IDE 7.0.1 (http://netbeans.org/)
4) Download and build the release version of Libewf2 (20120304 or later). All you need is the dll file. Note that you will get a launching error if you use libewf 1.
2) Get Sleuth Kit Setup
2a) Download and build the release version of Libewf2 (20120304 or later). All you need is the dll file. Note that you will get a launching error if you use libewf 1.
- http://sourceforge.net/projects/libewf/ - http://sourceforge.net/projects/libewf/
5) Set LIBEWF_HOME environment variable to root directory of LIBEWF 2b) Set LIBEWF_HOME environment variable to root directory of LIBEWF
6) Download and build release version of Sleuth Kit (TSK) 4.0. You 2c) Download and build release version of Sleuth Kit (TSK) 4.0. You
need to build the tsk_jni project. need to build the tsk_jni project.
- At the time of this writing, 4.0 is not released. You can get it from either - At the time of this writing, 4.0 is not released. You can get it from either
-- GIT: git://github.com/sleuthkit/sleuthkit.git -- GIT: git://github.com/sleuthkit/sleuthkit.git
-- SVN: http://svn.github.com/sleuthkit/sleuthkit.git -- SVN: http://svn.github.com/sleuthkit/sleuthkit.git
7) Build the TSK JAR file by typing 'ant' in bindings/java from a 2d) Build the TSK JAR file by typing 'ant' in bindings/java from a
command line or by opening the project in NetBeans. command line or by opening the project in NetBeans.
8) Set TSK_HOME environment variable to the root directory of TSK 2e) Set TSK_HOME environment variable to the root directory of TSK
9) Start NetBean IDE and open the Autopsy project.
10) Choose to build the Autopsy project / module. It is the highest 3) Get gstreamer Setup
If Autopsy installer is not used, add the following entries to Windows PATH environment variable
(replace GSTREAMER_INSTALL_DIR with the location of gstreamer install root directory):
GSTREAMER_INSTALL_DIR\bin\;
GSTREAMER_INSTALL_DIR\lib\gstreamer-0.10\;
4) Compile Autopsy
4a) Start NetBean IDE and open the Autopsy project.
4b) Choose to build the Autopsy project / module. It is the highest
level project that will then cause the other modules to be compiled. level project that will then cause the other modules to be compiled.
@ -55,5 +72,4 @@ rebuild both the dll and the JAR file.
--------------- ---------------
Brian Carrier Brian Carrier
4/6/2012
carrier <at> sleuthkit <dot> org carrier <at> sleuthkit <dot> org

26
KNOWN_ISSUES.txt
View File

@ -1,17 +1,17 @@
Known issues and limitations Known Issues
We plan to address the following issues in future releases. Last Reviewed: June 12, 2012
General:
- Only a single instance of the application can be started at once.
There is no check if another instance is already running. Running a second instance will cause issues.
- Only a single case can be opened at a time.
Keyword search module: This lists the bugs and issues thare are known and could effect
- Keyword search maximum size of files of known types to be indexed and searched is 100MB. investigation results. There are other minor interface bugs that
There is no limit on size of unknown file types indexed using string extraction. are not listed here.
- Currently we extract only English strings from files of unknown types.
Installation: Keyword Search module:
- Installer version currently supports only Windows OS (XP or newer), - Slack space of files is not added to the index and therefore will
- Currently only 32 bit version of Autopsy is provided with the installer (works on 64 bit Windows OS) not be searched.
- Files larger than 100MB AND that are file types that are supported
by Tika (word docs, PDF, HTML, JPEG, etc.) are not being added to
the index.
- For unknown file types, we extract UTF-8 (Ascii) and UTF-16 English
strings. No non-English strings are extracted.

2
NEWS.txt
View File

@ -1,4 +1,4 @@
3.0.0b3 (June X, 2012) 3.0.0b3 (June 12, 2012)
New Features: New Features:
- Ingest manager runs triage/ingest task after disk is added. - Ingest manager runs triage/ingest task after disk is added.
- Keyword search (indexed via SOLR) - Keyword search (indexed via SOLR)

114
README.txt
View File

@ -21,61 +21,71 @@ There is no need for manual installation of additional dependencies if the insta
Refer to the next section for additional info on third-party software requirements to run Autopsy without installer. Refer to the next section for additional info on third-party software requirements to run Autopsy without installer.
Refer to the KNOWN_ISSUES.txt file for known bugs that could cause investigation problems.
EMBEDDED SOFTWARE
Autopsy (core) utilizes the following third-party software tools.
The tools are bundled with the installer, unless specified otherwise.
* JRE (Java Runtime Environment) 1.6, 32 bit
Web page: http://www.oracle.com/technetwork/java/index.html
Oracle license: http://www.oracle.com/technetwork/java/javase/terms/license/index.html
JRE needs to be manually installed on the system if Autopsy installer is not used.
* Netbeans 7.0.1 RCP platform and .jar files bundled with the platform
Web page: http://netbeans.org/features/platform/
License:
http://services.netbeans.org/downloads/licence/nb-7.0-final-2011-04-20-license.txt
* Solr (including Lucene and TIKA)
Web page: http://projects.apache.org/projects/solr.html
Apache license: http://www.apache.org/licenses/LICENSE-2.0
* GStreamer
Web page: http://gstreamer.freedesktop.org/
License: http://www.gnu.org/licenses/lgpl.html
If Autopsy installer is not used, add the following entries to Windows PATH environment variable
(replace GSTREAMER_INSTALL_DIR with the location of gstreamer install root directory):
GSTREAMER_INSTALL_DIR\bin\;
GSTREAMER_INSTALL_DIR\lib\gstreamer-0.10\;
* GStreamer-java SUPPORT
Web page: http://code.google.com/p/gstreamer-java/
License: http://www.gnu.org/licenses/lgpl.html
There is a built-in help system in Autopsy once you get it started. There is also a QuickStart Guide that came
* Regripper with the installer.
(regripper and custom plugins found in autopsy/thirdparty)
Web page: http://regripper.wordpress.com/
License: http://www.gnu.org/licenses/gpl.html
* Pasco
Web page: http://sourceforge.net/projects/odessa/files/Pasco/
* Advanced installer 9.0 (Freeware)
(not embedded in Autopsy, but used to generate Autopsy installer.)
If you want to generate Autopsy installer, you will need to install the freeware version of Advanced Installer software)
Web page: http://www.advancedinstaller.com/
FEEDBACK
Send any bug reports or feature requests to the sleuthkit-users e-mail list. Send any bug reports or feature requests to the sleuthkit-users e-mail list.
http://www.sleuthkit.org/support.php http://www.sleuthkit.org/support.php
LICENSE
The Autopsy code is released under the Apache License, Version 2. See LICENSE-2.0.txt for details.
EMBEDDED SOFTWARE
This section lists the software components and libraries that are used inside of
Autopsy. These tools are bundled with the installer, unless specified otherwise.
JRE (Java Runtime Environment) 1.6, 32 bit
- Web page: http://www.oracle.com/technetwork/java/index.html
- License: http://www.oracle.com/technetwork/java/javase/terms/license/index.html
Netbeans 7.0.1 RCP platform and .jar files bundled with the platform
- Web page: http://netbeans.org/features/platform/
- License:
http://services.netbeans.org/downloads/licence/nb-7.0-final-2011-04-20-license.txt
Sleuth Kit for analyzing disk images.
- Web page: http://www.sleuthkit.org/sleuthkit/
- License: http://sleuthkit.org/sleuthkit/licenses.php
Libewf for opening E01 files
- Web page: http://sourceforge.net/projects/libewf/
- License: http://www.gnu.org/licenses/lgpl.html
zlib for opening E01 files
- Web page: http://zlib.net/
- License: http://zlib.net/zlib_license.html
Solr (including Lucene and TIKA) for keyword search
- Web page: http://projects.apache.org/projects/solr.html
- License: http://www.apache.org/licenses/LICENSE-2.0
GStreamer for viewing video files
- Web page: http://gstreamer.freedesktop.org/
- License: http://www.gnu.org/licenses/lgpl.html
GStreamer-java for viewing video files
- Web page: http://code.google.com/p/gstreamer-java/
- License: http://www.gnu.org/licenses/lgpl.html
Regripper for pulling recently activity
(Including custom plugins)
- Web page: http://regripper.wordpress.com/
- License: http://www.gnu.org/licenses/gpl.html
Pasco2 for pulling Internet Explorer activity
- Web page: http://sourceforge.net/projects/pasco2/
- License: http://www.gnu.org/licenses/gpl.html
Advanced installer 9.0 (Freeware)
(not embedded in Autopsy, but used to generate Autopsy installer.)
- Web page: http://www.advancedinstaller.com/