Mac System Setup Guide (Pre-Class)



Similar documents
How to install and use the File Sharing Outlook Plugin

TSM for Windows Installation Instructions: Download the latest TSM Client Using the following link:

RLM Server Guide. For Macintosh and Windows

Computer Science and Engineering MacOS Cisco VPN Client Installation and Setup Guide

Installation Guidelines (MySQL database & Archivists Toolkit client)

Setting Up a Windows Virtual Machine for SANS FOR526

EBSCO MEDIA FILE TRANSFER SOFTWARE INSTALLATION INSTRUCTIONS

1. Product Information

Online Backup Client User Manual Linux

Disabling Microsoft SharePoint in order to install the OneDrive for Business Client

Installing the Android SDK

FTP Over SSL (FTPS) Core FTP LE. Installing Core FTP LE"

Online Backup Client User Manual

Online Backup Client User Manual Mac OS

Online Backup Client User Manual Mac OS

Getting Started using the SQuirreL SQL Client

Knappsack ios Build and Deployment Guide

Adobe Reader Settings

Local Caching Servers (LCS): User Manual

Installing FEAR on Windows, Linux, and Mac Systems

BioDiscovery Product Activation Group Floating Windows

It is recommended that you use a clean installation of Lion client before upgrading to Lion Server.

VPN User Guide. For Mac

Online Backup Client User Manual

MY WORLD GIS. Installation Instructions

RecoveryVault Express Client User Manual

FUGU - SFTP FOR MACS- REFERENCE GUIDE

How To Sync Google Drive On A Mac Computer With A Gmail Account On A Gcd (For A Student) On A Pc Or Mac Or Mac (For An Older Person) On An Ipad Or Ipad (For Older People) On

ANYWHERE POLLING - POLLING WITH A QUESTION LIST

MAMP 3 User Guide! March 2014 (c) appsolute GmbH!

Android Development Setup [Revision Date: 02/16/11]

Uninstalling the software Uninstallation procedure is different between Mac OS X 10.5 and 10.6 & Please follow the instruction below.

Murus Logs Visualizer. User Manual

How To Use Senior Systems Cloud Services

Online Backup Linux Client User Manual

Other documents in this series are available at: servernotes.wazmac.com

Standard Client Configuration Requirements

Installing the Virtual Desktop Application (MAC)

Online Backup Client User Manual

Installing C++ compiler for CSc212 Data Structures

XConsole GUI setup communication manual September 2010.

M a r k B o o k C Y, M a r k B o o k A M, v e r s i o n, e d i t i o n. MarkBook for Windows on a Mac 1

Shearwater Research Dive Computer Software Manual

Frequently Asked Questions for the USA TODAY e-newspaper

POOSL IDE Installation Manual

Setting Up Your Android Development Environment. For Mac OS X (10.6.8) v1.0. By GoNorthWest. 3 April 2012

Dynamics CRM 2011 Outlook Configuration Guide With Windows XP

YubiKey OSX Login. yubico. Via Yubico-PAM Challenge-Response. Version 1.6. October 24, 2015

SAPIP GUI INSTALLATION. Table of Contents

Docufide Client Installation Guide for Windows

Adept Backup Solution - Storegrid Apple Mac OS X Client Setup. Supported Apple Mac OS X Operating Systems

How to Configure Windows 8.1 to run ereports on IE11

TakeMySelfie ios App Documentation

ADOBE DRIVE CC USER GUIDE

Batch Eligibility Long Term Care claims

Installing TestNav Mac with Apple Remote Desktop

Citrix Receiver 11.8 for Macintosh OS X

SQL EXPRESS INSTALLATION...

White Label ios Application Installation and Customization Guide

MERLIN SERVER. The Quick Start Guide for collaborative project management ProjectWizards GmbH, Melle, Germany. All rights reserved.

ODBC Driver Version 4 Manual

Downloading, Installing, and Updating Sophos Anti-Virus

CenterLight Remittance Reader Installation Guide(64 bit) CenterLight Remittance Reader Installation Guide (64 bit) Page 1 of 15

BioWin Network Installation

Installing Sun's VirtualBox on Windows XP and setting up an Ubuntu VM

Installing (1.8.7) 9/2/ Installing jgrasp

5.6.2 Optional Lab: Restore Points in Windows Vista

Enterprise Apple Xserve Wiki and Blog using Active Directory. Table Of Contents. Prerequisites 1. Introduction 1

Primavera P6 Professional Windows 8 Installation Instructions. Primavera P6. Installation Instructions. For Windows 8 Users

ELECOM Mouse Assistant Macintosh version

NS Financials. Client Platform Guide for Mac Using Safari Incl Citrix Setup As A Local Client

How to File the FBAR Electronically. The following steps describe the process of filing an FBAR electronically with our system.

Instructions for Configuring Your Browser Settings and Online Security FAQ s. ios8 Settings for iphone and ipad app

XF Extracellular Flux Analyzer. Installation and Troubleshooting Guide

Installing FileMaker Pro 11 in Windows

How To Configure CU*BASE Encryption

ios App for Mobile Website! Documentation!

Installing and Configuring Microsoft Dynamics Outlook Plugin to Use with ipipeline MS CRM

Wireless Printing Setup Guide

Installation Guide for Kurzweil 3000 Web License (Visual Walkthrough) Macintosh Version 14

Using a login script for deployment of Kaspersky Network Agent to Mac OS X clients

Signiant Agent installation

Installing Basic PAYE Tools onto a networked computer

How to use

Using Free PGI and Xcode

CODESOFT Installation Scenarios

Java. How to install the Java Runtime Environment (JRE)

INSTALLATION INSTRUCTIONS FOR UKSSOGATEWAY

How to Configure Windows 7 to run ereports on IE 11

RE:Open for SQL Anywhere. Installation Guide. RE:Open for SQL Anywhere Installation Guide 1

Contents. Hardware Configuration Uninstalling Shortcuts Black...29

Dial-up Installation for CWOPA Users (Windows Operating System)

VPN: Virtual Private Network Setup Instructions

Administering FileVault 2 on OS X Lion with the Casper Suite. Technical Paper July 2012

Microsoft Entourage 2008 / Microsoft Exchange Server Installation and Configuration Instructions

Setting up a Mac on the CU network

DOE VPN Client Installation and Setup Guide March 2011

Quick Start Using DASYLab with your Measurement Computing USB device

PC Troubleshooting Steps

Transcription:

Mac System Setup Guide (Pre-Class) Objectives Download Prep File Located here: http://dfir.to/for518-prep Install required software for FOR518 Mac Forensic Analysis Class Preparation This exercise should take approximately 1 hour, including download time. Xcode is very large will take a long time to download; depending on your connection the exercise could take longer. You may use your host system or a virtual machine, however this setup has not been fully tested in a VM. If you choose to go this route, please be aware that not all tools may work as intended. ***NOTE: It is very important that steps 1-5 are following in order to ensure proper software installation.*** You may download the files at their respective websites listed or you may download an archive of these files at the provided SANS link here: http://dfir.to/for518-prep Gatekeeper Settings: Some installer files are from unidentified developers. Users may allow these files to be installed by Control+clicking the installer file and choosing Open. A window will pop-up, select Open.

To permanently change this setting, navigate to the Security & Privacy Preferences Panel (Apple Menu System Preferences Security & Privacy General Tab). Select Anywhere under Allow apps downloaded from:. This may require Administrative privileges. 1. Xcode If you have not already done so, register for an Apple Developer Account here. It requires an Apple ID, if you do not have one you may also register for one at https://developer.apple.com/register/ 1. Please download the latest Xcode available for your system from the App Store or https://developer.apple.com/downloads/ 2. Please download the latest Command Line Tools (for your version of OS X) from https://developer.apple.com/downloads/ 3. Install Xcode (Note: This will take a while, grab some coffee) i. If installing via App Store, installation will be done for you.

ii. If installing via DMG file, open the DMG file and drag the application to the /Applications directory. 4. Install Command Line Tools i. Open the DMG file, double-click the package installer and follow the default prompts. 2. OS X FUSE 1. Download OSXFUSE 2.6.* from http://osxfuse.github.io/ 3. libewf 1. Download libewf-20131230.tar.gz (or newer) from http://googledrive.com/host/0b3fbvzttpiismtdoavexwwnsrjg/ or http://code.google.com/p/libewf/ (click on the Downloads link on the righthand side) 2. Locate and open the Terminal.app from /Applications/Utilities/ 3. Use the cd command to open the default Downloads directory. 4. Use the tar command to unpack the libewf-20131230.tar.gz file. 5. Once unpacked, cd into the libewf-20131230 directory. 6. Configure and install libewf using the commands:./configure; make; sudo make install. 7. A summary screen will be shown to you once complete. Ensure the Fuse support equals yes. You may need to exit this Terminal window and install again if it shows no. $ cd ~/Downloads $ tar -xvf libewf-20131230.tar.gz $ cd libewf-20131230 $./configure $ make $ sudo make install 4. xmount v0.5.0 1. Download xmount-0.5.0-x86_64.pkg (or newer) from http://www.pinguin.lu/ a. Click the XMOUNT link on the right side under Projects. b. Download the package labeled, Mac OS X 64bit package 5. The Sleuth Kit 1. Download sleuthkit-4.1.3.tar.gz (or newer) from http://sourceforge.net/projects/sleuthkit/ 2. Locate and open the Terminal.app from /Applications/Utilities/ 3. Use the cd command to open the default Downloads directory.

4. Use the tar command to unpack the sleuthkit-4.1.3.tar.gz file. 5. Once unpacked, cd into the sleuthkit-4.1.3.tar.gz directory. 6. Configure and install sleuthkit using the commands:./configure; make; sudo make install 7. Ensure the install was successful and the libewf package was recognized by executing the mmls command. a. If you do not see the string ewf (Expert Witness format (encase)) in this list something went wrong. Please attempt to reinstall libewf and The Sleuth Kit. $ cd ~/Downloads $ tar -xvf sleuthkit-4.1.3.tar.gz $ cd sleuthkit-4.1.3 $./configure $ make $ sudo make install $ mmls i list 6. exiftool 1. Download ExifTool-9.48.dmg (or newer) from http://www.sno.phy.queensu.ca/~phil/exiftool/ 7. Synalyze It! 1. Download Synalyze It! Pro Trial from http://www.synalysis.net/downloads/. This is a 30 trial; you may also purchase the non-pro version for $6.99 from the App Store. 2. If purchased from the App Store, it will install automatically. 3. If you downloaded the trial, unzip the file and move the application to your /Applications directory. 8. Firefox & SQLite Manager Add-on 1. Firefox a. Download the latest version of Firefox from firefox.com. b. Open the DMG file, drag the Firefox application to the /Applications directory. 2. SQLite Manager Add-on a. From Firefox, download from http://addons.mozilla.org/en- US/firefox/addon/sqlite-manager/ b. Click the green + Add to Firefox button, press the Install Now button, and restart Firefox. i. To ensure successful installation, go to Tools in the menu you should see SQLite Manager.

9. Hex Editors You may choose your favorite, these are recommended: i. Hex Fiend 1. Download from http://ridiculousfish.com/hexfiend/ 2. Unzip and move the application to the /Applications directory. ii. 0xED 1. Download from http://www.suavetech.com/0xed/ 2. Open the BZip2 archive by double clicking, then move the application to the /Applications directory. 10. ibackupbot 1. Download ibackupbot for Mac Trial from http://www.icopybot.com/download.htm 2. Open the DMG file, drag the ibackupbot application to the /Applications directory. 11. Spotlight Inspector 1. Download the OSX version (select the appropriate checkbox) of Spotlight Inspector from http://www.504ensics.com/tools/digital-forensics-tool-spotlightinspector/ a. This will require you to input and name and email. 2. Double-click to unzip the archive. 3. Unzip and move the application to the /Applications directory. 12. The Unarchiver 1. Download The Unarchiver from the Mac App Store or from http://unarchiver.c3.cx/unarchiver, under the Links heading. 2. Double-click to unzip. 3. Drag the Unarchiver.app file to the /Applications directory. 13. Create a FOR518 directory The exercises for this class will reference a FOR518 folder in the user s home directory to dump various files for use in other exercises. (~/FOR518) Please create a directory named FOR518. You do not have to create it in your home directory, but be sure to remember where it is. The command below shows how to create this folder in your home directory. You may also use the GUI interface to do this. $ mkdir ~/FOR518

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information