- As the title of this post indicates, this is a bootable, live linux CD. It is a heavily modified version of Knoppix.
- It is specifically for forensics and incident response. For this reason, such features as never using swap space are always on. This distro is also updated every 3 months to stay current.
- In addition to a bootable CD, it can also be used as a Windows application.
The quote below and much more can be found in their document, Helix for Beginners.
Helix operates in two different modes – Windows and Linux.
Helix is a forensically sound bootable Linux environment much like Knoppix, but a whole lot more. The “other side” of Helix, a Microsoft Windows executable feature, contains approximately 90 MB of incident response tools for Windows. The rationale behind this was that a majority of incidents require interaction with a live Windows system, the dominant operating system in the computer market.
For the whole scoop:
Hope this helps,