UNIX files timestamping - Need experts opinion as testimonial
Post 302896176 by docflied on Saturday 5th of April 2014 03:35:18 AM
Thank you again Corona688, your explanation is quite logical.

Now I have a subsequent question. For those recently deleted files for which investigators weren't able to recover contents or MAC timestamps, is it normal and logical that they were able to fully recover filenames? Hence they were able to find for each of File15 to File16 its exact full name as it was supposed to exist on the file system.

I am just wondering if the filename is also stored at some address (offset and length) of the i-node, how near or far this info is from the MAC timestamp addresses, and so how we can trust or not the fact that the filename was recoverable but not the MAC timestamps.

Many thanks to anyone who can direct me to any official readings or statistical studies; I will really appreciate it.
 
