CAINE 3.0 review

A couple of the forensics applications are bash scripts that must be run from a shell terminal, while the rest have graphical interfaces. There is, for example, AIR (Automated Image & Rescue), which is actually a graphical frontend for dd and dc3dd. dd id a file converter and copier, while dc3dd is dd enhanced with features for digital forensics – on-the-fly hashing, split output files, pattern writing, progress meter, and file verification. The main interface of AIR is shown below.
Caine AIR

Another interesting application in CAINE 3 is Autopsy, a browser interface to the command-line tools available in The Sleuth Kit (TSK). TSK, designed for investigative analysis of disk images, is powerful stuff, and there is a version called Sleuth Kit Hadoop, which integrates TSK into a Hadoop cluster. It was initially funded by the US Army Intelligence Center of Excellence (USAICoE).

These applications may be accessed individually, or you can use a graphical application called Caine interface, which provides a single-hop interface for using the installed forensic applications. The next five screen shots show the windows of the Caine interface:

This is the main interface. Pressing Create Report prompts you for authentication.

Upon successful authentication, you then see this:
Caine Interface

The Collection tab.
Caine Interface

Analysis tab.
Caine Interface

Report tab.
Caine Reports

Aside from the Caine interface, all the other applications are already in the repository of your favorite distribution, but the Caine interface just makes the distribution a lot easier to use for what it is designed for. So like BackTrack, CAINE is one of those distributions you might want to dual-boot with your regular distribution on an external drive or install in a virtual environment, if you are interested in digital forensics.

Resources: You may download a 32-bit installation image of CAINE 3 from here (there is no 64-bit installation image). A complete list of applications, both forensics-specific and standard, installed on CAINE 3, is available here.

Screen Shots: More screen shots from a test installation of CAINE 3.0.

CAINE 3’s GRUB menu.
Caine 3 GRUB Menu

The default CAINE 3.0 MATE desktop
Caine 3 MATE Desktop

The desktop with the menu showing installed applications in the System Tools category.
Caine 3 Desktop

Firefox is the only installed application in the Internet category.
Caine 3 Desktop

The desktop with the menu showing installed graphics applications.
Caine 3 Desktop

Related Posts

Jolicloud 1.0 review As the name suggests, Jolicloud is a cloud-based operating system. It is derived from the desktop edition of Ubuntu 9.04, and is the first stable and ...
Ubuntu 10.10 review Ubuntu 10.10, aka Maverick Meerkat, is the latest stable release of the Debian-based Linux distribution. This is the second and the last release for t...
Ubuntu 11.10: Screenshot preview Ubuntu 11.10 Alpha 2 was recently released for the brave and adventuresome to test. I did not do much of a testing, but ran the system in a virtual en...
OpenMandriva Lx 2013.0 review OpenMandriva Lx 2013 is the first stable edition of OpenMandriva, a distribution that is a continuation of what used to be Mandriva Desktop. Like ...
Zentyal 2.0 review Zentyal, formerly known as eBox Platform, is a multi-purpose Linux distribution based on Ubuntu server. It can function as a network gateway, unified ...
Debian 6 review Debian 6.0, aka Debian "Squeeze", is the latest stable release of Debian. It was made available for download earlier this month. In Debian country, a...

We Recommend These Vendors and Free Offers

ContainerizeThis 2016 is a free, 2-day conference for all things containers and big data. Featured, will be presentations and free, hands-on workshops. Learn more at

Launch an SSD VPS in Europe, USA, Asia & Australia on Vultr's KVM-based Cloud platform starting at $5:00/month (15 GB SSD, 768 MB of RAM).

Deploy an SSD Cloud server in 55 seconds on DigitalOcean. Built for developers and starting at $5:00/month (20 GB SSD, 512 MB of RAM).

Want to become an expert ethical hacker and penetration tester? Request your free video training course of Online Penetration Testing and Ethical Hacking

Whether you're new to Linux or are a Linux guru, you can learn a lot more about the Linux kernel by requesting your free ebook of Linux Kernel In A Nutshell.

One Comment

  1. First;
    “It is now a project of Digital Forensics for Inter-department Center for Research on Security (CRIS) at the same university.”

    It’s not true…since 2009 I’m the project manager as you can read in Caine’s website everywhere

    And….a forensic distro like Caine is not only an Ubuntu filled of many forensic tools…there are many patches for avoiding the changes to attached devices, as the forensic best practices suggest…write blocking etc.

    Thank you for your review and have a nice day 😉

Leave a Comment

Your email address will not be published. Required fields are marked *