COEN 252: Computer Forensics

Slides:



Advertisements
Similar presentations
Chapter 12: File System Implementation
Advertisements

Operating Systems Operating Systems - Winter 2009 Chapter 5 – File Systems Vrije Universiteit Amsterdam.
Operating Systems Operating Systems - Winter 2011 Chapter 5 – File Systems Vrije Universiteit Amsterdam.
UC Santa Barbara Project 3 Discussion Bryce Boe 2011/05/17 and 2011/05/20.
File Systems Examples.
Ext2/Ext3 Linux File System Reporter: Po-Liang, Wu.
File System Basics Brandon Checketts. Some terminology Superblocks Inodes Journaling Hard links Symbolic links Directory entries.
File System – Unix baed. An entry of Active File table: 1. Access Right: r/w/x 2. Process Count: no. of processes which are now referring to the file.
CSE 451: Operating Systems Section 7 File Systems; Project 3.
File System Implementation CSCI 444/544 Operating Systems Fall 2008.
File management in UNIX and windows 2000
Computer Forensics Principles and Practices by Volonino, Anzaldua, and Godwin Chapter 6: Operating Systems and Data Transmission Basics for Digital Investigations.
File System Implementation
7/15/2015B.RamamurthyPage 1 File System B. Ramamurthy.
BACS 371 Computer Forensics
1Fall 2008, Chapter 11 Disk Hardware Arm can move in and out Read / write head can access a ring of data as the disk rotates Disk consists of one or more.
Computer Forensics COEN 252.  File systems can be extent-based ◦ E.g. NTFS ◦ Storage space is allocated in extents, large sets of contiguous blocks ◦
Files CS Spring Overview Example: FAT File System File Organization File System Organization –File Directories and File Sharing –Record Blocking.
File System Implementation Chapter 12. File system Organization Application programs Application programs Logical file system Logical file system manages.
File Systems CSCI What is a file? A file is information that is stored on disks or other external media.
Chapter 5 File Management File System Implementation.
File System Implementation
Some basic concepts and information on file systems Portions taken and modified from books by ANDREW S. TANENBAUM.
Files & File system. A Possible File System Layout Tanenbaum, Modern Operating Systems 3 e, (c) 2008 Prentice-Hall, Inc. All rights reserved
Ext2/Ext3 Linux File System Reporter: Po-Liang, Wu.
UNIX File System (UFS) Chapter Five.
The UNIX File System (1) Some important directories found in most UNIX systems.
Linux File system Implementations
Linux File system and VFS. A simple description of the UNIX system, also applicable to Linux, is this: "On a UNIX system, everything is a file; if something.
THE FILE SYSTEM Files long-term storage RAM short-term storage Programs, data, and text are all stored in files, which is stored on.
File Systems Topics Design criteria History of file systems Berkeley Fast File System Effect of file systems on programs fs.ppt CS 105 “Tour of the Black.
Lecture 19 Linux/Unix – File System
Linux file systems Name: Peijun Li Student ID: Prof. Morteza Anvari.
Lecture 20 FSCK & Journaling. FFS Review A few contributions: hybrid block size groups smart allocation.
File system and file structures
1 The File System. 2 Linux File System Linux supports 15 file systems –ext, ext2, xia, minix, umsdos, msdos, vfat, proc, smb, ncp, iso9660, sysv, hpfs,
1 Section 8: File Systems Project 3. 2 Questions?
Getting Started with Linux
Day 28 File System.
File System Examples Unix Fast File System (FFS)
EXT in Detail High-Performance Database Research Center
Operating Systems Chapter 5 – File Systems
Chapter 11: File System Implementation
Chapter 11: Implementing File Systems
Chapter 12: File System Implementation
Day 27 File System.
Chapter 11: File System Implementation
Filesystems.
Journaling File Systems
Chapter 12: File System Implementation
Computer Networks and Operating Systems Lecture-3
File Sharing Sharing of files on multi-user systems is desirable
Chapter 11: File System Implementation
File Structure 2018, Spring Pusan National University Joon-Seok Kim
An overview of the kernel structure
Chapter 11: File System Implementation
File System B. Ramamurthy B.Ramamurthy 11/27/2018.
Chapter 12 File Management
Directory Structure A collection of nodes containing information about all files Directory Files F 1 F 2 F 3 F 4 F n Both the directory structure and the.
CSE 451 Fall 2003 Section 11/20/2003.
Chapter 15: File System Internals
Chapter 11: File System Implementation
File Management System Simulation
CS703 - Advanced Operating Systems
SE350: Operating Systems Lecture 12: File Systems.
CS 105 “Tour of the Black Holes of Computing”
Internal Representation of Files
Lecture 4: File-System Interface
The File Manager Implementation issues
The Design and Implementation of a Log-Structured File System
Presentation transcript:

COEN 252: Computer Forensics Unix File Systems

Unix File System Increasingly important Linux MacOS X Bewildering variety on a laptop Linux versions Free BSD Open BSD Mac

Unix File Systems Almost everything is a file. File has properties such as File type and access permissions. Link count. Ownership & group membership. Date and time of last modification. File name.

Unix File System Owners can change many of these data Including modification time.

Unix File System Based on Inodes. More flexible than tables.

Inodes i_mode (directory IFDIR, block special file (IFBLK), character special file (IFCHR), or regular file (IFREG) i_nlink i_uid (user id) i_gid (group id) i_size (file size in bytes) i_addr (an array that holds addresses of blocks) i_mtime (modification time & date) i_atime (access time & date)

Inodes

Inodes

Unix File System Classical Unix used a file table to mediate between users and their open files. File table had references to the inodes of open files.

Unix File System On-Disk Layout. Superblock contains data on the file system.

Unix File System

Unix File Systems First versions of Unix had a single file system. Unix System V Release 3.0 introduced File System Switch architecture. No longer a tight coupling between kernel and file system.

Unix File Systems SunOS elaborated on this idea. Clear split between file system-dependent and file system-independent kernel. Intermediary layer is the VFS / VOP / veneer layer. Allows disk file systems such as 4.2 BSD FFS, MS-DOS, NFS, RFS.

Unix File Systems Disk Layout not uniform. Ext2 (Linux) file system layout.

Journaling File Systems File systems use caching in order to speed up operations. An unclean dismount can leave the file system in an unclean state. Journaling file system can keep a log, so that they can simply replay the log in order to bring the file system into a consistent state.

Journaling File Systems Log can contain Only records of changes to metadata. Records of changes to metadata and client data. New values of blocks. Research Effort. Not successfully implemented.

Journaling File Systems ext3 (adds journal to ext2) for Linux JFS ReiserFS XFS …

Journaling File Systems Interesting opportunity for forensic investigation. Unfortunately, log entries get purged if too old.

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.