Re: NTFS and inodesMar 14 2005 03:22PM Brian Carrier (carrier cerias purdue edu)
On Mar 14, 2005, at 6:47 AM, H Carvey wrote:
> When booting a Windows XP system with a Linux distro, one mounts the
> NTFS drive and runs a command such as "ls -li". In the output, what
> does the inode number refer to in the NTFS structure?
As you can read in my book (sorry, I've always wanted to give that
response to a question and couldn't resist. :) I promise I won't do it
again. ), the numbers refer to the Master File Table (MFT) entry
address. NTFS stores a file's metadata in an MFT entry, like UFS /
ExtX store a file's metadata in an inode. The MFT is a big table and
the "ls -i" number is the index into it. Each file and directory has
at least one entry and some entries are reserved for special files and
directories. An NTFS directory stores the name and MFT entry address
for the files and subdirectories that it contains.
brian
http://www.digital-evidence.org
-----------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management
and tracking system please see: http://aris.securityfocus.com
> When booting a Windows XP system with a Linux distro, one mounts the
> NTFS drive and runs a command such as "ls -li". In the output, what
> does the inode number refer to in the NTFS structure?
As you can read in my book (sorry, I've always wanted to give that
response to a question and couldn't resist. :) I promise I won't do it
again. ), the numbers refer to the Master File Table (MFT) entry
address. NTFS stores a file's metadata in an MFT entry, like UFS /
ExtX store a file's metadata in an inode. The MFT is a big table and
the "ls -i" number is the index into it. Each file and directory has
at least one entry and some entries are reserved for special files and
directories. An NTFS directory stores the name and MFT entry address
for the files and subdirectories that it contains.
brian
http://www.digital-evidence.org
-----------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management
and tracking system please see: http://aris.securityfocus.com
[ reply ]