System administrators often face a necessity to perform some analytical and reconstructing works. In order to make your life easier and save some time and efforts, use efficient tools and software that will help you to accomplish your tasks much faster and without much haste and stress.
For a common user sysadmin is a wizard who can undo all harm caused by inappropriate usage of software or accidental click, restore data that was deleted and figure out what happened with files gone missing.
But sysadmins know that these tools can do even more:
- DEFT – an open source tool that will help you to create your own toolkit of analytical tools for Linux.
- Xplico – interesting network tool that assists admins in extracting app data from the Internet traffic. What is good in this open source tool is that it can work with different protocols.
- SANS SIFT – it is a CD packed with Ubuntu goodness – log2timeline, Rifiuti checks the recycle bin, Scalpel with data carving.
- Digital Forensic Framework – a tool that supports RAW, AFF and EWF file formats, finds and recovers deleted files, searches for hidden ones, checks the condition of file system data and can get access to remote devices.
- The Sleuth Kit – the tool for real detectives – it gives access to such depths of file systems that you could ever imagine.
- Mandiant RedLine – analytics tool for evaluation of network computers’ activities.
- Bulk Extractor. Really interesting tool that checks all images, files and directories and finds there credit cards numbers, emails and other essential information.
- FTK Imager – this tool creates a preview of all stored in folders and files on disks and checks content in memory dumps.
- Oxygen Forensic Suite 2013 Standard – helps to search for necessary information stored on the mobile phone.
- LastActivityView – extremely useful tool for admins as it shows the list of actions performed by user on certain PC. It helps to figure out what operations lead to issues with the computer and how to fix it.