Professional Documents
Culture Documents
CSI Linux
CSI Linux
CSI Linux
• CSI Linux Investigator contains all 3 of the CSI Linux Virtual Machines. When you download this, it will
automatically setup and load them into VirtualBox.
• CSI Linux Analyst is the main investigation workstation that is used for digital forensics.
• CSI Linux Gateway is required to send all CSI Linux Analyst traffic through Tor and protect the source IP
addresses. This is to keep the anonimity of users and minimize potential back tracing of the investigators.
• CSI Linux SIEM is used for Incident Response and Intrusion Detection. This can be used as a stand
alone or with CSI Linux Analyst for a more indepth analysis.
The download has been packaged in a VirtualBox appliance OVA. You must install VirtualBox
(https://www.virtualbox.org/wiki/Downloads) first, install the VirtualBox Extension Pack, then run the downloaded
OVA file. This will take a few minutes to build. The current appliance comes with CSI Linux Analyst, CSI SIEM,
and CSI Gateway.
The individual VMs have been packaged in VirtualBox appliance OVAs. There are three download links, one for
each. You must install VirtualBox (https://www.virtualbox.org/wiki/Downloads) first, install the VirtualBox
Extension Pack, then run the downloaded OVA file. This will take a few minutes to build each one.
Whonix (CSI Linux Gateway will be up soon, use Whonix while you wait)