ISSC 457 Week 6 Interactive Lab
Week 6 Interactive Lab
Estimated completion time: 1 hour
Complete one of the Hands-On projects on page 4-65 of the textbook.
Report the steps you need to perform these tasks.
- Validate your steps and findings
- Download dd for Windows from http://www.chrysocome.net/dd.
- Unzip the dd-0.5.zip file to C:\dd-0.5.
- Click Start->Run, write cmd and press Enter to open a new command prompt window.
- In the command prompt window type cd c:\dd-0.5 and press Enter.
- Connect the pendrive to your computer and check the drive letter assigned to it. Note: For this exercise, the pendrive was assigned H. Notice also that the file system is reported as FAT32.
- Before acquiring the image, you need to know the preferred name for the device. For this, type dd –list and press Enter.
- Now, to acquire the image type dd –progress if=\\.\h: of=pendrive.img and press Enter.
- Verify that the image file was created. Type dir and press Enter. A file named pendrive.img should be listed. Note: the size of the file depends on the capacity of the flash drive. In our case, we are working with a 256Mb drive.
- Next, we will mount this image on a Linux box and analyze the data acquired. Copy the pendrive.img file to another flash drive and take it with you.
- Use your Linux workstation for the following steps. Note: In our case, we will boot on the same computer using Knoppix 5.1 Live CD, but any other Linux distribution can also be used. When booting from the same computer, you can mount the image directly from the computer hard disk instead of the flash drive. However, we will mount the image copied to your flash drive to avoid any confusion.
- Connect your flash drive with the acquired image to your Linux computer. Note: You may need to manually mount it if the drive wasn’t automatically mounted. Check man mount for help. Also, in our case, the flash drive was mounted to /media/sda1/. This might be different on each computer.
- Open a new shell window and type su to gain root privileges.
- You need to create a mounting directory before mounting the image. Type mkdir /mnt/pendrive and press Enter.
- To mount the image type mount –t vfat –o loop /media/sda1/pendrive.img /mnt/pendrive and press Enter.
Note: We are using vfat as the file system type since the image was acquired from a FAT32 device. Check man mount for other file systems options.
- Read the man pages for the mount command and fill the table below with the appropriate option for mounting the following file systems:
|File System||Mount -t option|
- Now use your preferred file explorer and open the /mnt/pendrive directory.
- The mounting command used above mounts the image with read and write permissions. It is advisable to mount the image for read-only operations. For this, type mount –t vfat –o loop,ro,umask=0222 /media/sda1/pendrive.img /mnt/pendrive and press Enter.
What does umask=0222 mean? What other values are accepted?
- Now type cd /mnt/pendrive and press Enter to go to the mounted image. Then, try creating a new directory with mkdir NewDir and press Enter. Notice the error message.