I know 1.3 is Beta, but is there any reason setup.py references
"memory_objects.Linux" when it's not in the distribution? I'm
packaging this for my own purposes, and used the attached patch to
greatly minimize the amount of work I had to do for installation.
Now, I can use 'python setup.py install' and everything goes where one
would expect it to.
For system-wide installation purposes, it'd be even nicer if
volatility carved out its own namespace/hierarchy (i.e.
'volatility.forensics', 'volatility.vmodules') so as to lessen the chance
of collision with other packages, but know that would likely end up
making an API change forcing plugin authors to accommodate.
RB

Hi,
I am using Volatility to list the open sockets on my WinXP file image,
with the command "sockets". It should display all the open sockets, like
"netstat -a" does, but it didn't display anything. Is that a bug, or
is that the way it is supposed to work?
I tried with "sockscan" on the same image, and yes, this time it shows
a lot of open sockets. The problem is that this command is really
slow: it took a minute or so on a 400MB image.
Meanwhile, "sockscan2" is a lot faster: it returns information almost
immediately.
"connections", "connscan" and "connscan2" show nothing. Is that expected?
I suppose that "connections" and "sockets" are about the same thing.
Is that correct?
Thanks,
Jun