In this project, you will explore another free Linux forensics tool. The Digital Evidence and Forensics Toolkit (DEFT) was created at the University of Bologna, Italy.

1. Start a Web browser, if necessary, and go to www.deftlinux.net. Download the DEFT ISO file and the user's manual. Use the ISO file to create a bootable DVD. (You aren't installing it on your hard drive. You might need to change the BIOS to boot from the CD/DVD.)

2.Start DEFT. The opening window should look similar to figure 7-18. Click Start, DEFT.

3. Open the MountManager tool, and take a screenshot of this window for your report. In the DEFT 8 - Warning! message box, click I know what I am doing to continue. Next, click Start, DEFT. Point to hashing, and click Dhash2. Make a note (and provide a screenshot) of the types of hashes that are available, and then close this tool.

4. Click the Autopsy icon to open the Autopsy Forensic Browser Window and the text interface. Take a screenshot of these windows, and then exit both.

5. Click the Digital Forensic Framework (DFF) icon. Examine the interface to get an idea of what functions it has. If you have time, go to its website to learn more about it.

6. Finally, click the GHex icon. This tool is a simple hex and binary editor. Examine its interface, and take a screenshot.

7. Write a one- to three- page paper how this tool could be used in forensics and include your screenshot.