FIRE is a portable, bootable CD-ROM-based distribution whose goal is to provide an immediate environment for forensic analysis, incident response, data recovery, virus scanning and vulnerability assessment.
It also provides the tools needed for live forensics/analysis on Win32, SPARC Solaris and x86 Linux hosts: mount the CD-ROM and use the trusted static binaries available in /statbins.
Here are some key features of "FIRE":
Forensics workstation/Data Recovery
· Instantly deploy a forensics workstation with tct, tctutils, mac-robber and autopsy. Perl 5.6.1 compiled with Large File Support is also provided.
Live System Incident Response
· Binaries are available for Incident Response on a live machine.
· Using F-Prot 3.11beta (http://www.f-prot.com), you can scan for viruses, worms, trojans and all-around harmful code.
· Just mount the filesystems that you want to scan and execute 'f-prot .'
· Any filesystem you can mount, you can scan. Mount and scan FAT/NTFS/ext2/ext3/ReiserFS partitions.
· Scan your Windows machines offline for viruses that may not be detected with an "after the fact" anti-virus software installation.
· I should NOT have to explain this portion: if the tools you would like to use are not in the distribution, please make a request!