EXT3 File Recovery via Indirect Blocks - SANS Computer Forensics

Download PDF
14 downloads 871 Views 850KB Size Report
Comment
Jan 16, 2011 ... EXT2: Simply mark inode as unallocated. (File recovery is trivial).  EXT3: Zeroes block pointers, marks as unallocated. (File recovery?
   

          

   



  

 



 



 



 



 



 

 

 

           

   

           



    

        

         

        

       

      



      

                    



 

        

 

    

     

                

    

     

                           

         

              



               



           

