The FTimes Project The HashDig Project The WebJob Project The PaD Project
Location: / Home / FTimes / History
FTimes
Home
History

The official or given name of this utility is FTimes, but operationally it is referred to as ftimes. In the fledgling stages of development, the name FTimes was short for File Times. This was because its primary purpose was to collect timestamp information from systems suspected of having been compromised.

The first version of FTimes was written in the Spring of 1998 to support a forensic examination of a compromised system. At that time, FTimes was primarily a workbench tool for the forensic practitioner. As time passed, its audience expanded to include system administrators and computer security professionals who needed tools to monitor the integrity of their systems. Eventually, it became a core component in Exodus' Content Integrity Monitoring Service (CIMS).

In the Fall of 2001, Exodus Communications, Inc. approved my request to make FTimes Open Source. At that time version two was very stable, but I was in the throes of creating version three which was a major restructuring of the code base. Consequently, I decided to wait until the new version was complete before releasing it to the community.

On January 29, 2002, the first Open Source version of FTimes was released from SourceForge.

FTimes continues to support the workbench environment, but has evolved into a tool that can be utilized to support Integrity Monitoring in large, diverse, and distributed environments. Today, FTimes more appropriately equates to File Topography and Integrity Monitoring on an Enterprise Scale.

The original design objectives for FTimes were to build a tool that:

  • does one thing extremely well (i.e., collect file attributes),

  • utilizes a simple, effective, and well understood algorithm that can be applied equally well to different operating systems,

  • generates output that is easily assimilated by a wide variety of existing tools,

  • has built-in logging that is complete, precise, and useful for analysis purposes,

  • is accurate, efficient, and minimally invasive,

  • doesn't need to be installed on the target system,

  • is small enough to run from floppy even if statically compiled, and

  • provides only a command line interface.

Copyright 2000-2014 The FTimes Project, All Rights Reserved.
The FreeBSD Project SourceForge Logo KoreLogic, Inc.