CAINE - A digital forensic project on Live CD
CAINE - Computer Aided INvestigative Environment -is a digital forensics project based on Ubuntu Hardy Heron. It comes complete with the full complement of Ubuntu’s traditional Gnome interface. On top of the Ubuntu kernel is an assembly of open source computer forensics tools held together by a perl wrapper. Tools included are:
- Grissom Analizer
- Automated Image & Restore (AIR)
- Guymager
- libguytools
- Foremost and Scalpel
- Autopsy 2.20 and TSK 3.0
- SFDumper
- Fundl
- Stegdetect
- Ophcrack
As I see it this project is pretty useful for the data collection phase of a digital forensic process. Given that incidence reponse has been handled properly, CAINE will greatly help in gathering the data of evidential value in any investigative process.
This process may be compared to a physical crime scene in Hollywood’s CSI series where blood and hair samples, fingerprints and pictures are taken. The data collection tools used will greatly influence the quality of digital data that is gathered and hence its admissibility in court.
Burn a CAINE Live CD and you have your CSI toolset.
I’m yet to use to it. But I liking the interface already. Great job guys.
Related Posts
December 15th, 2008 at 10:51 am
[...] CAINE - A digital forensic project on Live CD (ENG) [...]
February 20th, 2009 at 5:24 pm
I’ve been using CAINE for a few weeks now and love it. I needed a replacement for Helix which has now gone pay.
February 24th, 2009 at 7:26 pm
Hi,
I announce the new release of Caine:
Caine 0.5
http://www.caine-live.net/
Thank you
March 3rd, 2009 at 11:24 pm
@Joe
Yea you are right and its a shame that Helix has gone commercial. Would you like to share your experience on how CAINE compares to Helix?
Thanks for the tip, I’ll update the tools page.