From db1157510b1f01752b231f3d7b8aef5d6ed18632 Mon Sep 17 00:00:00 2001 From: Mark Pulford Date: Mon, 17 Feb 2003 09:19:01 +0000 Subject: [PATCH] Add mac-robber 1.00, a tool for listing Modify, Access, Create timestamps from files. PR: 47011 Submitted by: Yonatan --- security/Makefile | 1 + security/mac-robber/Makefile | 22 ++++++++++++++++++++++ security/mac-robber/distinfo | 1 + security/mac-robber/pkg-descr | 11 +++++++++++ security/mac-robber/pkg-plist | 2 ++ 5 files changed, 37 insertions(+) create mode 100644 security/mac-robber/Makefile create mode 100644 security/mac-robber/distinfo create mode 100644 security/mac-robber/pkg-descr create mode 100644 security/mac-robber/pkg-plist diff --git a/security/Makefile b/security/Makefile index 6d67c08caa69..3e1589fb4c6c 100644 --- a/security/Makefile +++ b/security/Makefile @@ -123,6 +123,7 @@ SUBDIR += logcheck SUBDIR += lsh SUBDIR += lxnb + SUBDIR += mac-robber SUBDIR += mcrypt SUBDIR += mdcrack SUBDIR += mhash diff --git a/security/mac-robber/Makefile b/security/mac-robber/Makefile new file mode 100644 index 000000000000..5f50164724f4 --- /dev/null +++ b/security/mac-robber/Makefile @@ -0,0 +1,22 @@ +# Ports collection makefile for: mac-robber +# Date created: Jan 12 2003 +# Whom: Yonatan +# +# $FreeBSD$ +# + +PORTNAME= mac-robber +PORTVERSION= 1.00 +CATEGORIES= security +MASTER_SITES= http://www.atstake.com/research/tools/ + +MAINTAINER= Yonatan@xpert.com +COMMENT= A tool for listing Modify, Access, Create timestamps from files + +do-build: + cd ${WRKSRC}; ${CC} ${CFLAGS} -o mac-robber mac-robber.c + +do-install: + ${INSTALL_PROGRAM} ${WRKSRC}/mac-robber ${PREFIX}/bin + +.include diff --git a/security/mac-robber/distinfo b/security/mac-robber/distinfo new file mode 100644 index 000000000000..0812c6e09b70 --- /dev/null +++ b/security/mac-robber/distinfo @@ -0,0 +1 @@ +MD5 (mac-robber-1.00.tar.gz) = 4fa05cf85dd0d28c2780b6151b74f9f0 diff --git a/security/mac-robber/pkg-descr b/security/mac-robber/pkg-descr new file mode 100644 index 000000000000..1611afb1c094 --- /dev/null +++ b/security/mac-robber/pkg-descr @@ -0,0 +1,11 @@ +mac-robber is a Forensics & Incident Response tool used to collect +the Modified, Access, and Change (MAC) times from allocated files. +It recursively reads MAC times of files and directories and prints +them in 'time machine' format to STDOUT. This format is the same +that the mactime tool from The Coroners Toolkit (TCT) reads. + +mac-robber is based on the grave-robber tool from The Coroners +Toolkit (TCT) when using the '-m' flag, except it does not require +Perl! + +WWW: http://www.atstake.com/research/tools/forensic/ diff --git a/security/mac-robber/pkg-plist b/security/mac-robber/pkg-plist new file mode 100644 index 000000000000..98a05252dad5 --- /dev/null +++ b/security/mac-robber/pkg-plist @@ -0,0 +1,2 @@ +@comment $FreeBSD$ +bin/mac-robber