Archive for the ‘DEFT’ Category

DEFT 7.2 was released a couple of weeks ago.  Some highlights of this release:

  • Option to use DEFT as a virtual appliance based on VMware 5 with USB3 support
  • Kernel 3.0.0-26
  • Autopsy 3 beta 5 (using Wine – please note that you need a minimum of 1 GB of RAM)
  • Log2timeline 0.65
  • Guymager 0.6.12-1
  • VMFS support
  • Some mirror fixes


Also, YUMI was released last week. You will have to uninstall any previous versions of DEFT through the YUMI interface, then install DEFT 7.2 through the same interface. It takes about 25 minutes total. A quick note about installation – you will have to manually browse for the DEFT 7.2 .iso file (put in *.* under file name) as YUMI wants to install version 7.1, not 7.2. I’ve tested it, and YUMI will boot DEFT 7.2 without any problems. I’m actually using DEFT 7.2 from YUMI to simultaneously image 3 drives on our portable forensics box via Guymager right now as I’m typing.

DEFT 7.1 is my current “Live CD” of choice. Based on Ubuntu, DEFT is constantly updated to include the newest drivers (it even installed my 3rd party ExpressCard USB 3.0 port), allows commands to be executed to customize the kernel before starting the GUI, and has almost every open source tool that I use for digital forensics. My only complaints were how long it took to load and the response time once it was in the GUI. These complaints were directly connected to DEFT running on a DVD; the OS had to constantly task back and forth from the DVD, which made it crawl sometimes. So, I went on a hunt to install it onto a flash drive, thinking it would be a long and arduous task. I thought wrong. already had installers built to run Linux distributions straight off a flash drive. And one of those distributions was DEFT 7.1. Not only that, but there was one called Your Universal Multiboot Installer (YUMI) that allowed me to choose from multiple builds at startup.

Installation onto the USB flash drive took just a few minutes, and now my boot-up time in DEFT 7.1 is 5 times faster.  Plus, the GUI never intermittently crawls like it used to on DVD.  In addition, I can also choose from other builds I installed onto the flash drive, such as BackTrack, Clonezilla, and a number of others.  I don’t even boot off my hard drive anymore – I just use YUMI installed on my USB flash drive.  I highly recommend this for digital forensics, penetration testing, anti-virus cleaning, data recovery, and too much else to name.