Kabo e khethehileng ea Linux, CAINE 11.0, e lokollotsoe, e etselitsoeng ho etsa tlhahlobo ea forensic le ho batla tlhahisoleseling e patiloeng. Mohaho ona oa Live o thehiloe ho Ubuntu 18.04, o tšehetsa UEFI Secure Boot, le likepe tse nang le Linux 5.0 kernel.
Kabo e u lumella ho sekaseka tlhahisoleseling e setseng ka mor'a ho qhekella lits'ebetsong tsa Unix le Windows. Setsi se kenyelletsa palo e kholo ea lisebelisoa tsa mosebetsi. Ka thoko, re hlokomela sesebelisoa se ikhethileng sa WinTaylor bakeng sa tlhahlobo ea OS ho tsoa Redmond.
Lisebelisoa tse ling li kenyelletsa GtkHash, Air, SSdeep, HDSentinel, Bulk Extractor, Fiwalk, ByteInvestigator, Autopsy, Foremost, Scalpel, Sleuthkit, Guymager, DC3DD, hammoho le mangolo a mookameli oa faele ea Caja, a u lumellang hore u hlahlobe likarolo tsohle tsa FS, ho akarelletsa le li-partitions tsa disk, ngoliso ea Windows, metadata le lifaele tse hlakotsoeng.
Sistimi e ncha e ts'ehetsa ho hlongoa ha li-partitions ka mokhoa o ikhethileng. Kabo e boetse e fokotsa nako ea boot, 'me setšoantšo sa boot se ka kopitsoa ho RAM. Lisebelisoa tse ekelitsoeng bakeng sa ho fumana data ho tsoa litsing tsa memori le tlhaiso-leseling e setseng ho tsoa litšoantšong tsa disk.
U ka khoasolla sehlahisoa se secha sehokelong. Kabo e tla ba molemo ho batsamaisi ba sistimi, litsebi tsa forensics tsa likhomphutha, litsebi tsa forensic le litsebi tsa ts'ireletso ea tlhahisoleseling.
Source: linux.org.ru