Help on ForensiX:

ForensiX is a program designed to assist the digital forensic analyst by
automating some of the common tasks involved in search and analysis of
digital evidence.  The ForensiX program operates exclusively within the
Linux operating environment and uses the capabilities of that
environment to:

Collect Forensic Evidence:
	Image disks and disk partitions
	Collect IP traffic from an Ethernet
	Collect data from Web and other Internet sites
	Cryptographically checksum (i.e., fingerprint) collected data
	Compress and store evidence on diverse media
	Track and timestamp the evidence collection process
	Collect evidence in a 'read-only' mode without alteration

Analyze Forensic Evidence:
	Mount and review imaged disk contents in a READ ONLY mode
		From MAC, DOS, WIN, UNIX, and other file systems
		From tapes, ethernets, CDROMS, and other media
	Examine deleted areas, unused areas, end of block areas,
		'bad sectors' and ALL OTHER AREAS of these media
	Reformulate TCP data into sessions between IP address pairs
	Search for strings or regular expressions
	Rapidly find and examine image files
	Play sound files
	Unzip, Uncompress, Deflate, and otherwise handle compressed files
	Do this process while assuring integrity of original images

Document the process:
	Add comments to the process
	Track the process automatically
	Rerun the analysis processes
	Demonstrate system integrity
