How To Install lime-forensics-dkms on Ubuntu 20.04

Introduction

In this tutorial we learn how to install lime-forensics-dkms on Ubuntu 20.04.

What is lime-forensics-dkms

lime-forensics-dkms is:

LiME (Linux Memory Extractor, formerly DMD) is a Loadable Kernel Module (LKM), which allows the acquisition of volatile memory (RAM) from Linux and Linux-based devices, such as those powered by Android. In others words, you can use it to get a memory image from a machine.

The tool supports acquiring memory either to the file system of the device or over the network. LiME is unique in that it is the first tool that allows full memory captures from Android devices. It also minimizes its interaction between user and kernel space processes during acquisition. It will produce memory captures that are more forensically sound than those of other tools designed for Linux memory acquisition. The dump format provided as “lime” is fully compatible with volatility framework.

This package provides the source code for the lime-forensics kernel modules to be build with dkms.

Kernel source or headers are required to compile these modules.

Package: lime-forensics-dkms Architecture: all Version: 1.9-1 Priority: optional Section: universe/kernel Source: lime-forensics Origin: Ubuntu Maintainer: Ubuntu Developers [email protected] Original-Maintainer: Debian Security Tools [email protected] Bugs: https://bugs.launchpad.net/ubuntu/+filebug Installed-Size: 52 Provides: lime-forensics Depends: dkms (>= 2.1.0.0) Recommends: linux-headers-amd64 | linux-headers-686-pae | linux-headers-686 | linux-headers-arm64 | linux-headers-armmp | linux-headers-loongson-3 | linux-headers-marvell | linux-headers-octeon | linux-headers-powerpc64le | linux-headers-s390x | linux-headers Suggests: volatility Enhances: volatility Filename: pool/universe/l/lime-forensics/lime-forensics-dkms_1.9-1_all.deb Size: 13168 MD5sum: 86ef1ca8cfc41a1acff418fa95650640 SHA1: 442a58b58e8dde44e104cd4d4eb8ebab862c7072 SHA256: 9a719104bfa416544ee1a939b110592c31086e7bd7ae01cc7b84e6a881356027 Homepage: https://github.com/504ensicsLabs/LiME Description-en: kernel module to memory dump (DKMS) LiME (Linux Memory Extractor, formerly DMD) is a Loadable Kernel Module (LKM), which allows the acquisition of volatile memory (RAM) from Linux and Linux-based devices, such as those powered by Android. In others words, you can use it to get a memory image from a machine.

The tool supports acquiring memory either to the file system of the device or over the network. LiME is unique in that it is the first tool that allows full memory captures from Android devices. It also minimizes its interaction between user and kernel space processes during acquisition. It will produce memory captures that are more forensically sound than those of other tools designed for Linux memory acquisition. The dump format provided as “lime” is fully compatible with volatility framework.

This package provides the source code for the lime-forensics kernel modules to be build with dkms.

Kernel source or headers are required to compile these modules.

There are three methods to install lime-forensics-dkms on Ubuntu 20.04. We can use apt-get, apt and aptitude. In the following sections we will describe each method. You can choose one of them.

Install lime-forensics-dkms Using apt-get

Update apt database with apt-get using the following command.

sudo apt-get update

After updating apt database, We can install lime-forensics-dkms using apt-get by running the following command:

sudo apt-get -y install lime-forensics-dkms

Install lime-forensics-dkms Using apt

Update apt database with apt using the following command.

sudo apt update

After updating apt database, We can install lime-forensics-dkms using apt by running the following command:

sudo apt -y install lime-forensics-dkms

Install lime-forensics-dkms Using aptitude

If you want to follow this method, you might need to install aptitude first since aptitude is usually not installed by default on Ubuntu. Update apt database with aptitude using the following command.

sudo aptitude update

After updating apt database, We can install lime-forensics-dkms using aptitude by running the following command:

sudo aptitude -y install lime-forensics-dkms

How To Uninstall lime-forensics-dkms on Ubuntu 20.04

To uninstall only the lime-forensics-dkms package we can use the following command:

sudo apt-get remove lime-forensics-dkms

Uninstall lime-forensics-dkms And Its Dependencies

To uninstall lime-forensics-dkms and its dependencies that are no longer needed by Ubuntu 20.04, we can use the command below:

sudo apt-get -y autoremove lime-forensics-dkms

Remove lime-forensics-dkms Configurations and Data

To remove lime-forensics-dkms configuration and data from Ubuntu 20.04 we can use the following command:

sudo apt-get -y purge lime-forensics-dkms

Remove lime-forensics-dkms configuration, data, and all of its dependencies

We can use the following command to remove lime-forensics-dkms configurations, data and all of its dependencies, we can use the following command:

sudo apt-get -y autoremove --purge lime-forensics-dkms

References

• lime-forensics-dkms website
• lime-forensics-dkms on packages.ubuntu.com

Summary

In this tutorial we learn how to install lime-forensics-dkms package on Ubuntu 20.04 using different package management tools: apt, apt-get and aptitude.