Blog: SANS Digital Forensics and Incident Response Blog

Faster SIFT 3.0 Download and Install #DFIR #SIFT3

Having trouble downloading the new SIFT 3.0? We are currently experiencing heavy traffic. Try the bootstrap install option:
  • Download and install: http://releases.ubuntu.com/12.04/ubuntu-12.04.4-desktop-amd64.iso
  • Open a terminal
  • Type: wget --quiet -O - https://raw.github.com/sans-dfir/sift-bootstrap/master/bootstrap.sh | sudo sh -s -- -i -s -y
  • It will stop a couple of times to ask you a few questions. They are easy to answer.
  • It takes about 20 minutes to install from bootstrap.

This is the same version that was installed in the VM and will probably be quicker for you to set up.
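The one-liner in the third step pipes the download straight into `sudo sh`, so a transfer cut short by the heavy traffic mentioned above would be executed as a partial script. The following is an added example, not part of the original post or the SIFT project: it saves the script to a file, checks it, and then runs it with the same `-i -s -y` arguments. The function names and the optional pinned SHA-256 argument are assumptions made for this example.

```shell
#!/bin/sh
# Added example: fetch the SIFT bootstrap script to a file, check it, then run it.
# The URL and the -i -s -y arguments come from the post; the function names are hypothetical.
BOOTSTRAP_URL="https://raw.github.com/sans-dfir/sift-bootstrap/master/bootstrap.sh"

# Download to a file instead of a pipe, so a failed or partial transfer never reaches sh.
fetch_bootstrap() {
    out="$1"
    wget --quiet -O "$out" "$BOOTSTRAP_URL" || { rm -f "$out"; return 1; }
}

# Print only the SHA-256 digest of a file.
sha256_of() {
    sha256sum "$1" | awk '{print $1}'
}

# Return 0 only if the file is non-empty, starts with a shebang line (an HTML
# error page will not), and matches the expected digest when one is supplied.
check_bootstrap() {
    file="$1"; expected="${2:-}"
    [ -s "$file" ] || { echo "empty or missing: $file" >&2; return 1; }
    head -n 1 "$file" | grep -q '^#!' || { echo "not a script: $file" >&2; return 1; }
    if [ -n "$expected" ]; then
        actual=$(sha256_of "$file")
        [ "$actual" = "$expected" ] || { echo "hash mismatch: $actual" >&2; return 1; }
    fi
    return 0
}

# Full flow: download, check, log the digest of what is about to run, then install.
# The second argument is an optional digest recorded from a copy you already reviewed.
install_sift() {
    file="${1:-./bootstrap.sh}"; expected="${2:-}"
    fetch_bootstrap "$file" || { echo "download failed" >&2; return 1; }
    check_bootstrap "$file" "$expected" || return 1
    echo "sha256 $(sha256_of "$file")  $file"
    # Same script arguments as the one-liner's "sh -s -- -i -s -y".
    sudo sh "$file" -i -s -y
}

# Usage (not run automatically): install_sift ./bootstrap.sh
```

Keeping the downloaded file and its logged digest also gives you a record of exactly which bootstrap version built the workstation.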


Finally, this shows off our new packaging manager: when new releases come out and you update and upgrade, the tools will be switched to the latest versions.


Happy hunting.


Discuss your experiences with SIFT using the #SIFT3 hashtag.

1 Comment

Posted May 23, 2014 at 12:37 AM

BJ

It appears that the "log2timeline-sift" command no longer works in v3.0 so the cheatsheet provided on the desktop cannot be followed any longer. As a Linux novice it would be great if you guys could provide a blog post with the new commands.
