Linux Forensics by Philip Polstra
Author:Philip Polstra [Polstra, Philip]
Language: eng
Format: azw3, epub
Publisher: Pentester Academy
Published: 2015-09-30T04:00:00+00:00
0x400
Metadata Csum
Checksums are used on metadata items
0x800
Replica
The filesystem supports replicas
0x1000
ReadOnly
Should only be mounted as read-only
When the Sparse Superblock feature is in use, the superblock is only found in block group 0 or in block groups that are a power of 3, 5, or 7. If there is at least one file greater than 2 gigabytes on the filesystem, the Large File feature flag will be set. The Huge File feature flag indicates at least one huge file is present. Huge files have their sizes specified in clusters (the size of which is stored in the superblock) instead of data blocks.
The Btree Directory feature allows large directories to be stored in binary-trees. This is not common. Another feature related to large directories is Directory Nlink. When the Directory Nlink flag is set, subdirectories are not limited to 32,768 entries as in previous versions of ext3.
The GDT Checksum feature allows checksums to be stored in the group descriptor tables. The Extra Isize feature flag indicates that large inodes are present on the filesystem. If a filesystem snapshot is present, the Has Snapshot flag will be set. Disk quota use is indicated by the Quota feature flag.
The Big Alloc feature is useful if most of the files on the filesystem are huge. When this is in use, file extents (discussed later in this chapter) and other filesystem structures use multi-block clusters for units. The Metadata Checksum flag indicates that checksums are stored for the metadata items in inodes, etc. If a filesystem supports replicas, the Replica flag will be set. A filesystem with the Read Only flag set should only be mounted as read-only. This flag can be set to prevent others from modifying the filesystem’s contents.
Only two features in the read-only compatible set affect the filesystem layout: Sparse Super Blocks and Extra Isize. Sparse super blocks affect which block groups have superblock backups. Like 64-bit mode, the Extra Isize feature affects the layout indirectly by changing the inode size.
Download
This site does not store any files on its server. We only index and link to content provided by other sites. Please contact the content providers to delete copyright contents if any and email us, we'll remove relevant links or contents immediately.
Blockchain Basics by Daniel Drescher(2562)
Mastering Bitcoin: Programming the Open Blockchain by Andreas M. Antonopoulos(2274)
From CIA to APT: An Introduction to Cyber Security by Edward G. Amoroso & Matthew E. Amoroso(2266)
The Art Of Deception by Kevin Mitnick(2045)
Mastering Python for Networking and Security by José Manuel Ortega(1920)
The Code Book by Simon Singh(1876)
Applied Network Security by Arthur Salmon & Michael McLafferty & Warun Levesque(1741)
Wireless Hacking 101 by Karina Astudillo(1691)
Mobile Forensics Cookbook by Igor Mikhaylov(1683)
Serious Cryptography: A Practical Introduction to Modern Encryption by Aumasson Jean-Philippe(1677)
DarkMarket by Misha Glenny(1595)
Bulletproof Android: Practical Advice for Building Secure Apps (Developer's Library) by Godfrey Nolan(1557)
Mastering Azure Security by Mustafa Toroman and Tom Janetscheck(1544)
Bitcoin: The Basics of Blockchain and Investing in Cryptocurrency by K. Connors(1455)
Linux Forensics by Philip Polstra(1334)
Healthcare Information Security and Privacy (All-In-One) by Sean Murphy(1240)
Information Security Risk Assessment Toolkit by Mark Talabis & Jason Martin(1222)
CompTIA CSA+ Cybersecurity Analyst Certification All-in-One Exam Guide (CS0-001) (EBook) by Maymi Fernando & Chapman Brent(1202)
We Are Anonymous: Inside the Hacker World of LulzSec, Anonymous, and the Global Cyber Insurgency by Olson Parmy(1116)
