What tools have you read or heard about that run

What tools have you read or heard about that run on UNIX or Linux. Do these tools have similar functionality to tools you are familiar with that run on other platforms?

  • Do the UNIX or Linux tools provide protection against hostile code or viruses?
    • If so, how is it used to protect against hostile code or viruses?
    • If not, what would you do to supplement the tool to ensure you have adequate protection for your system during an investigation?
  • How do you think investigators can best use this tool?
  • When do you recommend using this tool? Why?