Easier installation of log2timeline
I decided to make the installation of log2timeline a bit easier, since I know that the installation of all those Perl libraries can be a burden sometimes, especially since most packaging systems don’t have all of the libraries in their repositories. So I started out creating an Ubuntu repository that contains not only log2timeline but also the Perl libraries that are not part of the standard distribution. All you need to do is to add the following line to the /etc/apt/sources.list file:
deb http://log2timeline.net/pub/ karmic main
Then to get apt to accept my GPG key you need to download it from here (MD5/SHA256) and make apt use it by issuing the command:
apt-key add gpg.asc
This is it… now you should be able to use the repository and simply issue the command:
apt-get update
apt-get install log2timeline-perl
And all the dependencies should be fixed and you have a working copy of log2timeline on your Ubuntu box, as simple as that. The only problem I’ve had so far is that I’m only distributing the code in the i386 and all architectures, so for those that are using a different architecture (let’s say amd64) you need to either download the “all” package or use the good old manual installation until I’ve added your architecture to the repository.
In other news, if you are using Fedora, you should be able to use the CERT repository. They are maintaining a Fedore repository for forensics tools. So if you are using a Fedora machine, all you need to do is to follow the instructions given here and then issue
yum install log2timeline
And all dependencies will be sorted out for you. Couldn’t be simpler to get it installed.
The next step would be to make the code OS neutral and create a working Windows executable to distribute, since there are still some parts of the code that are *NIX only, such as problems with the / vs. \ and the use of temporary directories, all minor issues but need to be solved nonetheless. And it would be nice as well to add a macports package as well, to make installation easier on the Mac OS X platform, something to work on in the near future…
And check out the new post from Chris talking about timescanner. He got timescanner to run on Windows, although I can see in the output that not all of the code seem to work, such as getting the username for some of the input modules. This is most likely to do with the / vs. \ problem (*NIX vs. WIN), so this is one of the issues I need to fix to get the tool to properly run on the Windows platform.