The mounting policy for any internal or external devices adopted by CAINE: never mount automatically any device and when the user clicks on the device icon the system will mount it in read only mode on a LOOP device.
- When a user decide to mount a device through the Disk Mounter applet, it will always mounted with the following options: ro,loop,noatime,noexec (as shown in figure).
Disk Mounter applet and “mount” command output
- If the user decides to mount a device via terminal, he can use the “mount” command but all the mount options must be specified.
- If the user wants to mount and write on an NTFS media should instead use the "ntfs-3g" command (e.g., sudo ntfs-3g /dev/sda1 /media/sda1).
- sudo ntfs-3g /device-path /your-mount-point
You can redirect the output on an RW mounted device in these ways:
The ext3 driver will be ignored when ext2 and ext3 partitions are mounted in the future and the ext2 driver used instead. This protects any ext3 partitions from a forensic point-of-view. Ext2 does not use journaling, so when an ext3 partition is mounted, there is no danger of modifying the meta-data when increasing the count inside said journal.
Applying a special patch (Maxim Suhanov's patch) we fixed the bug, that changed the journal of the ext3/ext4 file system, when the computer was switched off not using the shutdown procedure. Fixed in the fstab: forbidding the auto-mounting of the MMCs and put a control for the "esotic names" like /dev/sdad1
Bash Scripts Tools directory:
the tools MUST be launched by sudo sh script_name.sh
2. LiveUSB issue
The guide to create the USB version of CAINE during the live session is here.
3. Language Support
The CAINE report supports the following languages: English, Italian, French, German and Portuguese. The translations of report template in French and German were kindly made by Guy Vucken, developer of Guymager, who previously cooperate with the team to integrate his forensic software inside CAINE. The Portuguese translation has been gently provided by Tony Rodrigues a portuguese Digital and Computer Forensics expert.
We hope to increase the number of translations in the future. If you wish to participate by providing the translation of the report in your language or if you report a translation mistake, please contact the CAINE team.
CAINE Live CD uses the USA keyboard layout. We suggest to change the layout using the program “Keyboard Preferences” in System -> Preferences, in the GNOME menu or using the command “sudo setxkbmap -layout xy” (xy = “it”, “gb”, “de”...) in the command line. BTW there is a launcher on the desktop.
In the CAINE TEXT MODE only, it is possible to change the keyboard layout by "sudo loadkeys xy" (xy = “it”, “gb”, “de”...)
4. CAINE building
CAINE Distro has been realized from Ubuntu Linux 8.04 using also Remastersys developed by Tony Brijeski and released with GNU GPL license, version 2.
