Helix is not perfect by any means, so this log will be an ongoing listing of the changes, additions, and fixes to the Helix Live CD.
Helix 1.9a: 31.July.2007
ADDED
Windows Side:
1. Spanish Language - Maximiliano Soler
Linux Side:
1. LFTP - http://lftp.yar.ru
UPDATED
Linux Side:
1. Fixed the Fuse Module (NTFS-3G now works)
2. Fixed the CDFS Module
3. Fixed the Truecrypt Module
Helix 1.9: 13.July.2007
ADDED
Windows Side:
1. RD PassView 1.00 - http://www.nirsoft.net
2. USBDeview 1.05 - http://www.nirsoft.net
3. InjectedDLL 1.00 - http://www.nirsoft.net
4. LSASecretsView 1.10 - http://www.nirsoft.net
5. WirelessKeyView 1.10 - http://www.nirsoft.net
6. Nigilant32 0.1 - http://www.agilerm.net
7. ZeroView 1.1 - http://www.techpathways.com
8. Pre-Search 0.08 - Paul Bright
Linux Side:
1. vinetto 0.06 - http://sourceforge.net
2. Pythonraw 1.0 - http://www.storm.net.nz
3. sg3-utils 1.24-0.1 - http://packages.debian.org
4. Truecrypt 4.3a - http://www.truecrypt.org
5. lzop 1.0.1 - http://www.lzop.org
UPDATED
Windows Side:
1. WFT 3.0.01 - http://www.foolmoon.net
2. IRCR 2.3 - http://tools.phantombyte.com
3. Mail PassView 1.38 - http://www.nirsoft.net
4. MessenPass 1.14 - http://www.nirsoft.net
5. IE PassView 1.05 - http://www.nirsoft.net
6. PstPassword 1.01 - http://www.nirsoft.net
7. NetPass Recovery 1.11 - http://www.nirsoft.net
8. RegScanner 1.51 - http://www.nirsoft.net
Linux Side:
1. Scalpel 1.60 - http://www.digitalforensicssolutions
2. Foremost 1.5 - http://foremost.sourceforge.net
3. dcfldd 1.3.4-1 - http://dcfldd.sourceforge.net
4. libewf-20070512 - http://www.uitwisselplatform.nl
5. mount-ewf-20070512
6. allin1 0.4 - http://www.netmon.ch/forensic
7. Sleuthkit 2.09 - http://www.sleuthkit.org
8. RKHunter 1.2.9 - http://rkhunter.sourceforge.net
9. afflib-2.3.0 - http://www.afflib.org
10. NTFS-3g 1.710 - http://www.ntfs-3g.org
11. FUSE 2.7.0 - http://fuse.sourceforge.net
12. CDFS 2.6.19 - http://trappist.elis.ugent.be
13. Kernel 2.6.18 - http://www.kernel.org
14. Linen 6.01 - http://www.guidancesoftware.com
REMOVED
Windows Side:
1. Convar File Recovery
2. Foxit PDF Viewer
Helix 1.8: 6.Oct.2006
Linux Side:
- Fixed Helix Mount code for journaled file systems. Helix will NO longer change the journal mount count when you mount a journaled file system.
- Updated md5deep suite to 1.12
- Updated Clamav to 0.88.2
- Updated Sleuthkit to 2.06
- Updated Autopsy to 2.08
- Updated Foremost to 1.3
- Updated Scalpel to 1.54 to carve data
- Updated EnCase Linen to 5.05f
- Updated Adepto to 2.0, now with AFF support
- Added endeavour2 file manager
- Added ssdeep 1.0 for fuzzy hashing
- Added AFFlib 1.6.31 for image acquisition
- Added NTFS-3G for native NTFS write support
- Added libewf library
- Added ptfinder memory analysis code from Andreas Schuster
- Removed Solaris static binaries from CD
- Replaced evince with xpdf
Windows Side:
- Updated the Helix executable code
- Update code for command shell paths
- Update all Cygwin tools to latest
- Updated all unxutil tools
- Updated Static Binaries (linux)
- Updated MessenPass to v1.08
- Updated Mail PassView to v1.36
- Updated Protected Storage PassView to v1.63
- Updated Network Password Recovery to v1.03
- Updated IECookiesView to v1.70
- Updated IEHistoryView to v1.32
- Updated RegScanner to v1.30
- Updated FTK Imager to 1.5.1
- Updated Forensic Server Project to 1.0
- Updated PsTools Version to 2.34 (Psexec, psinfo, pslist, etc)
- Updated Process Explorer to 10.2
- Added PstPassword v1.00
- Added Access PassView 1.12
- Added PC On/Off Time
- Added Winaudit v2.15
- Added Drive Manager v3.23
- Added ReSysInfo v2.1
- Added Icon to start a NC listener
- Added code to Windows GUI for investigative notes
Helix 1.7: 7.Mar.2006
Updated EULA/License
Linux Side:
- Updated 2.6.14 Kernel
- Updated Firefox to 1.5.0.1
- Updated dcfldd to 1.3.4
- Updated md5deep suite to 1.10
- Updated Clamav to 0.88.1-1
- Updated PyFlag to 0.80-1
- Updated EnCase Linen to 5.04
- Updated/Fixed Boot time help code and Grub options
- Added xhfs 3.2.6 to browse HFS volumes
- Added Totem 1.2.1-3 to play videos
- Added Air 1.2.8 to replace deprecated Grab
- Added Scalpel 1.53 to carve data
- Added Graveman 0.3.12-4-2.1 graphical CD burner
- Added Gcombust 0.1.55-2 graphical CD burner
- Added Sleuthkit binaries to path
- Replaced devfs with udev 0.079-1
- Restored missing replay utility
- Removed Grab (deprecated)
- Removed /usr/share/docs to make room on CD
Windows Side:
- Updated the Helix executable code
- Cleaned up GUI interface
- Added a new menu bar for quick launch
- Added new options to acquisition screen
- Helix translated to Italian
- Helix translated to Russian
- Update all Cygwin tools to latest
- Updated all unxutil tools
- Updated Static Binaries (linux, solaris)
Helix 1.7: 7.Dec.2005
Linux Side:
- New 2.6.14 Kernel
- New RAID & SATA Drivers
- Switched from Cloop to Squashfs (should be faster)
- Updated Autopsy to 2.06
- Updated Sleuthkit to 2.03
- Updated Firefox to 1.5
- Updated dcfldd to 1.2.4
- Updated Clamav to 0.87.1-1
- Added new desktop icons for mounting devices
- Added EnCase Linen Utility
- Added All-in-1-step-GUI 0.3 for the Sleuthkit
- Added 855resolution for Intel Widescreen Laptops
- Added e2undel 0.8-7
- Added evince PDF viewer 0.4.0-1
- Added foomatic for installing printers
- Added hfsplus to access HFS+ formatted volumes
- Added tcpxtract 1.0.1-1 from Nick Harbour
- Removed Kismet
- Removed aircrack
- Removed nessus
- Removed dsniff
Windows Side:
- Updated the Helix executable code
- Cleaned up GUI interface
- Added a new menu bar for navigation
- Helix log is now saved in PDF
- Helix translated to French
- Helix translated to Russian (Pending)
- Revamped IR directory to clean and streamline it
- Update WFT to version 2.0
- Update all Cygwin tools to latest
- Updated all unxutil tools
- Updated FRED Script
- Added new IRCR v2
- Added Forensic Server Project
- Added PuTTY SSH client
- Added FTK Imager 2.3
- Re-Added Static Binaries (gnu, linux, solaris)
Helix 1.6: 28.July.2005
Linux Side:
- Updated Grub to 0.96-1 which fixed error 21
- Updated Autopsy/Sleuthkit to 2.05 and 2.02
- Updated dcfldd to 1.2.4
- Updated pyflag to 0.76
- Updated Retriever to 2.0
- Rewrote Grab, now Adepto 1.0
- Added OpenOffice
- Update clamav to 0.85-1
- Update firefox to 1.06
Windows Side:
- Updated the Helix executable code
- Fixed FRED script
- Fixed missing split.exe
- Added 3 new tools from Nirsoft
Helix 1.6: 12.March.2005
Linux Side:
- Removed SMART per request. For SMART please go to ASR DATA
- Fixed missing helix.htm file
- Fixed Grub error 21 by releasing 2nd ISO that does not use Grub
Windows Side:
- Updated the Helix executable code
- Fixed error in scan for Images/Pictures
- Added new section for System Info
- Added 4 new tools from Nirsoft
- Updated GUI
Helix 1.6: 07.March.2005
Linux Side:
- Removed many many packages (including kde/fluxbox)
- Uses XFce 4.02 Window Manager exclusively
- Wrote a new tool "Retriever" for finding Picture/Movies/Documents/Mail
- Updated PyFLAG to 0.74 and fixed DB errors
- Replaced GKrellm with Torsmo
- Boot now uses GRUB
- Added stego tools:
  - Outguess 0.2-5
  - Stegdetect 0.5-6
- Added Intel IPW2200 drivers
- Tremendously updated Hardware detection scripts:
  - hwdata package
  - pci.ids file
  - pcitable file
- Updated the antivirus signatures and engines for ClamAV and F-Prot
- Added a GUI interface to ClamAV (clamscan) and F-Prot
- Adjusted the automount.sh script
- Added a filesystem overlay (Unionfs) so you can seemingly make writes to the CD.
- Added a custom 2.6.10 non-preemptive kernel
- Added Regviewer
- Added chntpw
- Added grepmail 5.3030
- Updated rkhunter to 1.2.0
- Updated chkrootkit to 0.44-2
- Added logfinder 0.1 from EFF
- Added LVM / LVM2 support
- Rewrote the Helix users manual
Windows Side:
- Updated the Helix executable code
- Changed the acquisition page to be easier to use
- Added Windows ME/98 shells
- Added new section to scan for Images/Pictures
- Added new tool RootKitRevealer from Sysinternals
- Updated Cygwin binaries
Helix 1.5: 12.December.2004
Linux Side:
- Removed Mozilla and all Mozilla components
- Replaced ROX file manager with Xfe 0.72
- Updated FireFox to 1.0 and added many extensions
- Updated PyFLAG to 0.72 and fixed DB errors
- Updated Sleuthkit to 1.73
- Updated Grab to 1.2.2
- Copied memdump to Linux Static Tools
- Added TSClient 0.132
- Added Tcltls 1.5.0-2 (Used for Sguil)
- Added Argus 2.0.6
- Added Chkrootkit 0.44
- Adjusted themes
- Fixed German menus in KDE (will display English now)
Windows Side:
- Updated the Helix executable code
- Updated the IR.sh scripts to account for variable paths
- Added HoverSnap (screenshot utility) from Hoverdesk
- Added PC Smart media recovery from Convar
- Added PC File recovery from Convar
Helix 1.5: 07.October.2004
Linux Side:
- Fixed GRAB code (had a dumb programming error) v 1.2.1
- Added glimpse 4.18.0
Windows Side:
- Updated Windows code for German users
Helix 1.5: 30.September.2004
Linux Side:
- Turned off java and javascript in firefox as it caused crashes on certain web pages
- Set up shells to automatically use logging
- Updated Autopsy/Sleuthkit to 2.03/1.72
- Fixed the Bash Shell to show a color difference between root and helix user
- Fixed the missing images in the Helix index.html page
- Fixed the fstab rebuild script
- Added the directory AddOn to /cdrom/ for user remaster files
- Added 2hash v 0.2 by Thomas Akin
- Added F-Prot Virus Scanner
- Added Sguil-0.5.2 Client
Windows Side:
- Updated dd Acquisition page to be Interactive
- Helix now logs all activity by default
- Added 2hash v 0.2 by Thomas Akin
Helix 1.5: 07.September.2004
Linux Side:
- Update Base Helix Structure - updated all programs to latest version as of Sept 1, 2004
- Many major upgrades to hardware detection (default USB2 support, etc)
- Fixed IPW2100 Intel Centrino drivers, updated to ver 0.54
- Updated Kernels to 2.4.27 and 2.6.7
- Updated Captive-NTFS
- Added ClamAV Antivirus
- Added Aircrack 1.41
- Added Ghost for Linux
- Added lshw (Hardware Lister) under Forensic Tools
- Re-added German Language module and keyboard layouts for many other languages
- Updated firefox to 0.9.3
- Updated Autopsy/Sleuthkit to 2.02/1.71 with indexing patch. Also added to PATH
- Updated PyFLAG to 0.64
- Fixed execute bit on Static binaries
Windows Side:
- Major update and improvement to the User Interface
- Interface is now interactive, meaning tools are no longer static, so a user can assign input for tools such as WFT, etc.
- Multi-language support now built in. German and English are the only two active currently
- Updated all of the Windows utilities to latest versions as of 1 Sept 2004
- Updated FRED Scripts
- Updated Secreport from Alexander Kotkov http://kotkov.tripod.com/getinfo.zip
- Updated Documents
- Updated FAU from George M. Garner Jr to Build 1034
- Update script files such as ir.bat, ir2.bat, cmdenv.bat, etc
- Added reg queries for Run keys for the Local User
- Added %~d0 to each item in the path so that the drive letter the script is run from is prepended to the item. This allows more flexible navigation within the CMD env.
- Updated the PATH to include all directories on the CD
- Added the following FoundStone tools to \IR\Foundstone:
  - galleta.exe -- examines IE cookie files
  - pasco.exe -- examines IE URL History
  - rifiuti.exe -- examines the contents of the INFO2 recycle bin file
  - NetSchedScan -- Remote Task Scheduler scanner
Helix 1.4: 04.July.2004
- Kismet Log Viewer 0.9.7
- Airtraf 1.1
- rkhunter 1.1.1
- idesk 0.5.6-2
- TcpTrack
- ipgrab 0.9.8-2
- logsh - console logging script
- Tweaked the mounting code to ensure forensic integrity
- Updated captive-ntfs
- Added helix2hd install script
- Updated Fluxbox to use idesk instead of rox (rox is still the file Manager)
- Uses FireFox 0.9 instead of Mozilla
Helix 1.4: 03.June.2004
- Windows Side Autorun updated with new features
- Many fixes to source code
- Many updates in Incident Response & Forensic tools
- Updated to Autopsy 2.01 and Sleuthkit 1.70
- Updated IR scripts
Helix 1.4: 18.May.2004
- Kernel 2.4.26 (default) and Kernel 2.6.5 (as boot option) with ACPI enabled (use helix acpi=off in case of problems, helix26 to try Kernel 2.6)
- New wireless drivers for: ipw2100 ("Centrino"(TM)), madwifi
- New captive-ntfs installer
- Fluxbox 0.9.9
- /dev/modem setup tool supporting serial, USB, bluetooth and irda devices
- gprs connection tool
- Many improvements in hardware detection and new boot options, see helix-cheatcodes.txt
- Many updates in Incident Response & Forensic tools
- Updated to Autopsy 2.0 and Sleuthkit 1.69
- Updated IR scripts
- Updated FLAG to pyflag 0.62.
- Updated GRAB to ver 1.2
Helix 1.3.3b: 03.Feb.2004
- Fixed some buggy issues and cleaned up code. (Thanks Rob Lee, Mike Poor)
Helix 1.3.3: 01.Feb.2004
- Switched from syslinux to isolinux (no emulation) boot method
- Eliminated all window managers except KDE & fluxbox. Fluxbox is default.
- Update nessus plugins
- If you have 640MB of RAM or more, you can run boot: helix toram and free up the CD drive
- patched orinoco driver is the default.
- Kismet updated to 3.0.1 and is pre-configured for orinoco on eth0
- all init scripts now check the helix home dir before copying from the CD. This means that if you're using a persistent home dir, the init scripts act as restore scripts
- added many new tools and updated all existing tools
Helix 1.3.2: 23.Nov.2003 : initial Public beta release
Helix 1.3.1: 5.Sep.2003
Helix 1.3.0: 13.Aug.2003
Helix 1.2.0: 3.Jun.2003
Helix 1.1.1: 22.Apr.2003
Helix 1.0: 9.Feb.2003