sleuthkit-users Mailing List for The Sleuth Kit (Page 166)

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

Hi list,

I have a dd image of a floppy.

when examining this floppy with the disktype command I get:

> disktype floppy1.001
>
> --- floppy1.001
> Regular file, size 1.406 MiB (1474560 bytes)
> FAT12 file system (hints score 5 of 5)
>   Volume size 1.390 MiB (1457664 bytes, 2847 clusters of 512 bytes)

When I want to list the partitions on this image i do:

> mmls floppy1.001
> DOS Partition Table
> Sector: 0
> Units are in 512-byte sectors
>
>      Slot    Start        End          Length       Description
> 00:  -----   0000000000   0000000000   0000000001   Primary Table (#0)
> 01:  -----   0000000001   1112359496   1112359496   Unallocated
> 02:  00:01   1112359497   1651347857   0538988361   Novell Netware (0x65)
> 03:  00:02   1126178899   1126198689   0000019791   Win LVM / Secure 
> FS (0x42)
> 04:  -----   1126198690   1869562399   0743363710   Unallocated
> 05:  00:00   1869562400   3503645331   1634082932   GoBack (0x44)

When I want some extra info about this FAT12 disk I do:
This also confirms its a FAT12.
> dosfsck -v floppy1.001
> dosfsck 2.11 (12 Mar 2005)
> dosfsck 2.11, 12 Mar 2005, FAT32, LFN
> Checking we can access the last sector of the filesystem
> Boot sector contents:
> System ID "IBM  3.3"
> Media byte 0xf0 (5.25" or 3.5" HD floppy)
>        512 bytes per logical sector
>        512 bytes per cluster
>          1 reserved sector
> First FAT starts at byte 512 (sector 1)
>          2 FATs, 12 bit entries
>       4608 bytes per FAT (= 9 sectors)
> Root directory starts at byte 9728 (sector 19)
>        224 root directory entries
> Data area starts at byte 16896 (sector 33)
>       2847 data clusters (1457664 bytes)
> 18 sectors/track, 2 heads
>          0 hidden sectors
>       2880 sectors total
> Checking for unused clusters.
> floppy1.001: 1 files, 0/2847 clusters

When I check how many space there is left on the disk I get :

> df -h
> Filesystem            Size  Used Avail Use% Mounted on
> /dev/floppy/0         1.4M   51K  1.4M   4% /mnt/floppy

I can list the contents of this disk, no problem.

Where does the information that mmls produces come from?
Why can I read the disk without any problems on my linux box and windows 
box?
How can the OS handle this disk since the partition layout is completely 
wrong?

Thanks in advance list,

Js.

2002	Jan	Feb	Mar	Apr	May	Jun	Jul (6)	Aug	Sep (11)	Oct (5)	Nov (4)	Dec
2003	Jan (1)	Feb (20)	Mar (60)	Apr (40)	May (24)	Jun (28)	Jul (18)	Aug (27)	Sep (6)	Oct (14)	Nov (15)	Dec (22)
2004	Jan (34)	Feb (13)	Mar (28)	Apr (23)	May (27)	Jun (26)	Jul (37)	Aug (19)	Sep (20)	Oct (39)	Nov (17)	Dec (9)
2005	Jan (45)	Feb (43)	Mar (66)	Apr (36)	May (19)	Jun (64)	Jul (10)	Aug (11)	Sep (35)	Oct (6)	Nov (4)	Dec (13)
2006	Jan (52)	Feb (34)	Mar (39)	Apr (39)	May (37)	Jun (15)	Jul (13)	Aug (48)	Sep (9)	Oct (10)	Nov (47)	Dec (13)
2007	Jan (25)	Feb (4)	Mar (2)	Apr (29)	May (11)	Jun (19)	Jul (13)	Aug (15)	Sep (30)	Oct (12)	Nov (10)	Dec (13)
2008	Jan (2)	Feb (54)	Mar (58)	Apr (43)	May (10)	Jun (27)	Jul (25)	Aug (27)	Sep (48)	Oct (69)	Nov (55)	Dec (43)
2009	Jan (26)	Feb (36)	Mar (28)	Apr (27)	May (55)	Jun (9)	Jul (19)	Aug (16)	Sep (15)	Oct (17)	Nov (70)	Dec (21)
2010	Jan (56)	Feb (59)	Mar (53)	Apr (32)	May (25)	Jun (31)	Jul (36)	Aug (11)	Sep (37)	Oct (19)	Nov (23)	Dec (6)
2011	Jan (21)	Feb (20)	Mar (30)	Apr (30)	May (74)	Jun (50)	Jul (34)	Aug (34)	Sep (12)	Oct (33)	Nov (10)	Dec (8)
2012	Jan (23)	Feb (57)	Mar (26)	Apr (14)	May (27)	Jun (27)	Jul (60)	Aug (88)	Sep (13)	Oct (36)	Nov (97)	Dec (85)
2013	Jan (60)	Feb (24)	Mar (43)	Apr (32)	May (22)	Jun (38)	Jul (51)	Aug (50)	Sep (76)	Oct (65)	Nov (25)	Dec (30)
2014	Jan (19)	Feb (41)	Mar (43)	Apr (28)	May (61)	Jun (12)	Jul (10)	Aug (37)	Sep (76)	Oct (31)	Nov (41)	Dec (12)
2015	Jan (33)	Feb (28)	Mar (53)	Apr (22)	May (29)	Jun (20)	Jul (15)	Aug (17)	Sep (52)	Oct (3)	Nov (18)	Dec (21)
2016	Jan (20)	Feb (8)	Mar (21)	Apr (7)	May (13)	Jun (35)	Jul (34)	Aug (11)	Sep (14)	Oct (22)	Nov (31)	Dec (23)
2017	Jan (20)	Feb (7)	Mar (5)	Apr (6)	May (6)	Jun (22)	Jul (11)	Aug (16)	Sep (8)	Oct (1)	Nov (1)	Dec (1)
2018	Jan	Feb	Mar (16)	Apr (2)	May (6)	Jun (5)	Jul	Aug (2)	Sep (4)	Oct	Nov (16)	Dec (13)
2019	Jan	Feb (1)	Mar (25)	Apr (9)	May (2)	Jun (1)	Jul (1)	Aug	Sep	Oct	Nov	Dec
2020	Jan (2)	Feb	Mar (1)	Apr	May (1)	Jun (3)	Jul (2)	Aug	Sep	Oct (5)	Nov	Dec
2021	Jan	Feb	Mar (1)	Apr	May	Jun (4)	Jul (1)	Aug	Sep (1)	Oct	Nov (1)	Dec
2022	Jan	Feb (2)	Mar	Apr	May (2)	Jun	Jul (3)	Aug	Sep	Oct	Nov	Dec
2023	Jan (2)	Feb	Mar (1)	Apr	May	Jun	Jul	Aug	Sep	Oct (1)	Nov	Dec
2024	Jan	Feb (3)	Mar	Apr (1)	May	Jun	Jul	Aug	Sep	Oct	Nov	Dec
2025	Jan	Feb	Mar	Apr	May	Jun	Jul (1)	Aug	Sep	Oct	Nov	Dec

sleuthkit-users Mailing List for The Sleuth Kit (Page 166)

sleuthkit-users — List to discuss Autopsy and The Sleuth Kit.