
Xplico 0.6.1 for Fedora 11, 12, 13, and 14
Folks:
I have built and released Xplico 0.6.1 for Fedora 11 (i386), 12 (i386 and x86_64), 13 (i386 and x86_64), and 14 (i386 and x86_64). You can find it at the CERT Linux Forensics Tools Repository (http://www.cert.org/forensics/repository/). Follow the directions to connect to the repository and then do
I took lots of time (because I had to) to make the installation preserve an existing database. With the addition of additional configuration files in the database creation script, I needed to see if in fact these tables were missing from the database, in which case they needed to be added. Here is the post install script:
Code:
# Register the init script with chkconfig
/sbin/chkconfig --add xplico
DB=/opt/xplico/xplico.db
cd /opt/xplico/script/db/sqlite
if [ -e "$DB" ]; then
    # Upgrade path: keep the existing database and add only what is missing
    echo "Preserving previous Xplico database"
    # Remember whether the service was running so it can be restarted afterwards
    service xplico status | grep -q running
    XPLICO_SERVER_STATUS=$?
    if [ "$XPLICO_SERVER_STATUS" -eq 0 ]; then
        service xplico stop
    fi
    # Add the msn_chats table if this database predates it
    if echo .tables | sqlite3 "$DB" | grep -q '\<msn_chats\>'
    then
        echo "Database $DB already has msn_chats table"
    else
        echo -n "Adding msn_chats table to $DB..."
        sqlite3 "$DB" < msns.sql
        echo "done"
    fi
    # Add the paltalk_rooms table if this database predates it
    if echo .tables | sqlite3 "$DB" | grep -q '\<paltalk_rooms\>'
    then
        echo "Database $DB already has paltalk_rooms table"
    else
        echo -n "Adding paltalk_rooms table to $DB..."
        sqlite3 "$DB" < paltalks.sql
        echo "done"
    fi
    echo -n "Turning foreign_keys on in database $DB..."
    echo "PRAGMA foreign_keys = ON;" | sqlite3 "$DB"
    echo "done"
    # Report the current auto_vacuum setting
    echo -n "Value of auto_vacuum in database $DB is "
    echo "PRAGMA auto_vacuum ;" | sqlite3 "$DB"
    # Restart the service only if it was running before the upgrade
    if [ "$XPLICO_SERVER_STATUS" -eq 0 ]; then
        service xplico start
    fi
else
    # Fresh install: build the database from scratch
    echo "Creating new Xplico database"
    sh create_xplico_db.sh /
fi
# Copy the optional helper binaries into Xplico's bin directory when installed
if [ -f /usr/bin/pcl6 ]; then
    cp -p /usr/bin/pcl6 /opt/xplico/bin
fi
if [ -f /usr/bin/videosnarf ]; then
    cp -p /usr/bin/videosnarf /opt/xplico/bin
fi
This release and the previous one (0.6.0) install the code necessary to use the Web interface. I've also provided an init script (that goes in /etc/init.d/xplico) that is based on the Ubuntu startup script.
Please provide any comments and feedback to lrr@cert.org. With the holidays coming up, I may not be in a position to respond immediately but I will try.
Thanks!
Lawrence R. Rogers
Senior Member, Technical Staff
Member:
Digital Investigations and Intelligence (http://www.cert.org/forensics)
Survivability and Information Assurance (SIA) Curriculum Development Team (http://www.cert.org/sia)
CERT Certified Computer Security Incident Handler
GIAC Certified Forensics Analyst
CERT Program*
Software Engineering Institute
Carnegie Mellon University
4500 Fifth Avenue
Pittsburgh, PA 15213
lrr@cert.org
lrr@sei.cmu.edu
lrr@cmu.edu
Phone: 412-268-8042 (Direct)
FAX: 412-268-9260
KeyID: 0x16441F81 (RSA)
Fingerprint: C851 9DA0 0BC8 2B6F E0C4 DB15 CF3B 92D4
http://pgp.mit.edu:11371/pks/lookup?op= ... 0x16441F81
KeyID: 0xF8546B01 (DSA)
Fingerprint: 002C B634 E913 9EF1 EEE3 8B4F 8313 51B0 F854 6B01
http://pgp.mit.edu:11371/pks/lookup?op= ... 0xF8546B01
* CERT is registered in the U.S. Patent and Trademark Office by Carnegie Mellon University.
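
The database-preserving upgrade described in the post, as an added Python example that is not part of the original post or of Xplico: it looks tables up by exact name in sqlite_master instead of grepping `.tables` output, creates only the missing ones, and goes one step further by showing that SQLite applies `PRAGMA foreign_keys` to the connection that issues it, so a later connection has to set it again. The table definitions and the `existing_data` table are constructed stand-ins; the real msns.sql and paltalks.sql are not reproduced here.

```python
import os
import sqlite3
import tempfile

# Constructed stand-ins for msns.sql and paltalks.sql (assumed schemas, not Xplico's).
MIGRATIONS = {
    "msn_chats": "CREATE TABLE msn_chats (id INTEGER PRIMARY KEY, chat TEXT);",
    "paltalk_rooms": "CREATE TABLE paltalk_rooms (id INTEGER PRIMARY KEY, room TEXT);",
}

def table_exists(conn, name):
    """Exact-name lookup in sqlite_master instead of grepping .tables output."""
    row = conn.execute(
        "SELECT 1 FROM sqlite_master WHERE type = 'table' AND name = ?", (name,)
    ).fetchone()
    return row is not None

def upgrade(db_path, migrations=MIGRATIONS):
    """Create only the tables that are missing; return the names that were added."""
    added = []
    conn = sqlite3.connect(db_path)
    try:
        for table, ddl in migrations.items():
            if not table_exists(conn, table):
                conn.executescript(ddl)
                added.append(table)
    finally:
        conn.close()
    return added

def foreign_keys_across_connections(db_path):
    """Return foreign_keys as seen by the connection that sets it and by a later one."""
    values = []
    for statement in ("PRAGMA foreign_keys = ON", None):
        conn = sqlite3.connect(db_path)
        if statement:
            conn.execute(statement)
        values.append(conn.execute("PRAGMA foreign_keys").fetchone()[0])
        conn.close()
    return tuple(values)

def demo():
    """Build a constructed pre-upgrade database, then run the upgrade twice."""
    path = os.path.join(tempfile.mkdtemp(), "xplico.db")
    old = sqlite3.connect(path)
    old.executescript("CREATE TABLE existing_data (id INTEGER PRIMARY KEY, name TEXT);"
                      "INSERT INTO existing_data (name) VALUES ('kept');")
    old.close()
    return path, upgrade(path), upgrade(path)
```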