May, 2007

Volume Boot Sector Format of FAT

There are times when you don’t have sufficient tools to understand the file system. At that time your knowledge in field of digital forensics will play a crucial role. In this article we will study a volume boot sector format of FAT32 file system and will see how to take out crucial information from it like sectors in particular volume, bytes per sector etc…I will be using Encase to explain this article but users can view their hard disk in any hex viewer like for win hex or xxd in Linux. Just open your hard disk’s fat volume in hex editor and follow the steps to understand it.

Read the full article »

7 Comments

May, 2007

Dare to delete my files!

by Nikhil Wagholikar, NII Consulting
Introduction

One of the recommended file-system for Linux is Ext-3. Ext-3 file-system might not be as robust and powerful as compared to the Microsoft NTFS file-system but it has some built-in features that makes Linux a power performer.

Here we will explore one such feature of Ext-3 file-system here. This feature is actually an attribute, which if set on a file/folder, will not even allow “root” user to delete, modify or rename it.

Read the full article »

Comments

Checkmate

May, 2007

Volume Boot Sector Format of FAT

May, 2007

Dare to delete my files!

Visit us at
NII Consulting
Penetration Testing Services
Forensics Services
AuditPro™
Firesec™

Recent Posts

Archives

Categories

Pages

Search

Subscribe

Feeds

Other Links

Blogroll

Checkmate

May, 2007

Volume Boot Sector Format of FAT

May, 2007

Dare to delete my files!

Visit us at NII Consulting Penetration Testing Services Forensics Services AuditPro™ Firesec™

Recent Posts

Archives

Categories

Pages

Search

Subscribe

Feeds

Other Links

Blogroll

Visit us at
NII Consulting
Penetration Testing Services
Forensics Services
AuditPro™
Firesec™