Bienvenido! - Willkommen! - Welcome!

Technical Log of Tux&Cía., Santa Cruz de la Sierra, BO
May the source be with you!

Monday, January 24, 2011

Helix 3 Pro

e-fense Inc. announces new management team
Helix3 vs Helix3 Pro
Helix 2009 R1 ISO locally hosted here.
Windows mode
In this mode, Helix is used just as any other CD inside Windows. Double-click to launch the application. You'll be warned about your actions.
The Windows mode differs from the Linux side in being a floating application rather than a complete operating system. Therefore, the navigation is a little different.
First, you have the Quick Launch.
Then, there is the Page menu, which allows you to browse different categories of tools.
The Windows side contains a broad range of highly useful utilities.
The Incident Response page is particularly rich, with lots of excellent programs. Did I say you should be knowledgeable and extremely careful when running these tools, as you can very easily obliterate your system and even cause significant damage to the LAN? There, I said it.
An entire section is dedicated to viewing (and retrieving) passwords, cookies and logs.
You also have tools for auditing of the system, remote connection (including VNC, SSH), file recovery, and rootkit scanning.
As in Linux, it is possible to acquire entire disk drives (and even the physical memory).
You can also browse contents of files and folders, calculate hashes, check time stamps, and more. This allows you to look for suspicious, clandestine activities in your data archives.
As mentioned earlier, you can run full audits of your system.
Conclusion
Helix is a highly useful toolbox. The dual mode is especially valuable, since quite a few system administrators are not that proficient in Linux. Furthermore, it allows Helix users to approach Windows-related problems with several methods, first trying to cope with problems while still logged in to Windows and then escalating to the Linux live CD mode.
Helix is a stable, complete package, with a broad range of great utilities that will significantly increase your ability to respond to problems, threats and incidents in your environment.
For more details about forensics in general, please see the Introduction.
