Time
4 hours
Difficulty
Beginner
CEU/CPE
4

Video Transcription

00:00
Hi, and welcome to Everyday Digital Forensics. My name's Yesenia Yser,
00:04
and today I'll be taking you through the first episode of Module 2, the file system.
00:11
In this video, we will go over basic definitions for file systems. We're gonna define what a file system is, going into concepts like a file, a directory, a path
00:21
and what an object is.
00:23
And with this, we'll just kind of review the basic concepts of what a file system is before we jump into forensics. If you don't understand this,
00:32
this is good. Core concepts.
00:34
If you're tired of hearing about objects, you go ahead and check on Episode two
00:39
Episode 2.2 is where we actually start reviewing file systems such as the FAT file system and NTFS.
00:47
So what is a file system?
00:49
I gave this photo as a little hint.
00:52
See if you can come up with what a file system is.
01:00
So, by definition, a file system is a process that manages how and where data on a storage device,
01:07
typically your hard disk drive or, in this day and age, a solid-state drive, is stored, accessed and managed. It is a logical disk component that manages a disk's internal operations as it relates to a computer and is abstract to a human. So a file system is a hierarchy. You have your top-level folder, and from that folder you break down into
01:26
other folders.
01:26
And then those other folders break down into more folders, documents, or they're just empty. As you see, the thesis folder under Tom is empty; however, the data directory breaks down into
01:40
into two objects
01:41
two text files.
01:42
So now for some file system concepts,
01:46
So, file. A file is a container in a computer system for storing information.
01:51
You'll hear it interchangeably referred to as an object.
01:53
It's quite similar to paper documents used in an office
01:57
or at home
02:00
or even at the library. Those documents are the information you receive when you buy a house or buy a car. Those are considered objects or files in a computer system.
02:08
Types of objects go from text files, data files, binary, directories and graphics. The file type refers to the ability of the operating system to distinguish different types of files, such as a text file, a source file and a binary file. These file types are like .pdf,
02:29
.txt,
02:30
.mp4. It tells the computer
02:34
how to run
02:36
this particular object. This file
02:38
Many operating systems support many different types of files,
02:43
so we have some special files, which are device files. They represent physical devices.
02:49
So these are files that hold metadata for just your temporary folders,
02:53
your terminal histories, your print queues, your network data
02:58
and so on. There's two types: you have the character special files and you have the block special files. Then there's also ordinary files. These contain user information. They could just be text documents, databases, executable files similar to your bash files, Microsoft Office applications and so on.
03:17
There's different operations that could be applied to these types of files. So ordinary files you're allowed to add them,
03:23
modify them, delete them and even just remove them.
03:27
Removing will be similar to moving a file from one directory to the next. So what's a directory?
03:32
A directory is a container that stores these files and other directories. As I showed in the hierarchy picture of Tom, Tom was a directory and Tom broke down into individual directories. And then we also had that one directory that just had nothing and that was the end of it. A directory is a file.
03:50
It's just a file that the user's permitted to use, sort of a file for storage. In that sense,
03:54
a user cannot write to a directory. So you're not gonna be able to open up a directory in Word,
04:00
in Microsoft Office, and modify the data. No, it just opens up into a different storage area.
04:06
The OS, the operating system itself,
04:10
holds the responsibility for writing directories. So the only way that you are actually able to write a directory is through the operating system. And this is when you right-click and say "new directory".
04:20
Directories are not file systems. A file system is a directory, but a directory is not a file system.
04:30
A file system is a combination of directories and files. You cannot say that
04:35
a combination of directories and files is a file system. So, paths.
04:40
You use paths every day as you use your computer. These are the paths of the URL string. Similarly, the root path of cybrary.it is https://www.cybrary.it; however, as you move forward, you're creating these absolute paths to
04:59
started areas of a file system.
05:01
So an absolute path
05:03
refers to the complete details needed to locate a file or folder. It starts at the root level and triangulates all the way to the ending subdirectory where your file's located. Like I said, this is used in websites and operating systems for locating files.
05:19
Now the relative path is a way to specifically locate a directory from another directory.
05:26
So
05:27
this is saying that, within your current location,
05:30
what is the path you need to take to reach destination B?
05:34
So, for example, for your documents you have C:\sample\documents and your index is C:\sample\index.
05:42
The absolute path for documents is C:\sample\
05:46
documents. However, your relative path is dot dot directories because all you have to do is reach up to the parent level, and then this way you're able to actually locate the index directory.
05:59
So that made sense, right? Let's go back to our example, Tom
06:02
Exercise number one: if a file called banking.txt is located within the old directory.
06:11
So
06:12
down in this directory we have now a file called banking.txt. What would be the absolute path to this file?
06:19
Then, coming from two.txt, what is the relative path to get to your stats directory?
06:28
So for the absolute path you're starting at Tom's,
06:32
you're scrolling down to tools.
06:34
You're heading down to old,
06:36
and you go into the banking.txt file. For question number two,
06:41
you start at two,
06:43
you do dot dot,
06:44
the name of the directory, dot dot, to bring you up to the data directory, then you cd to tools, if you're using Mac or an Ubuntu flavor of Linux,
06:55
and then cd as well to stats. So your relative path will be ../tools/stats.
07:00
Now, file structure.
07:02
A file structure: this is kind of just a required format that the operating system can understand.
07:09
So a file has a defined structure according to its type. So a PDF is a different structure than a Word document.
07:15
The way a text file works, if it's a .txt file, it's simple. It's just a sequence of characters organized into lines. If you break it down into the hexadecimal values as you're doing your analysis, you'll see that after the header, because each file has a header and a footer, it's just
07:34
pretty much a string of characters, and those strings of characters are the words that you've typed.
07:40
A source file: this is like your .py files for Python or some other source code. Then an object is a sequence of bytes organized into blocks that are understood by the machine. This could be thought of as the binary files.
07:55
So in today's video, we defined what a file system is. We discussed that it is a hierarchy of folders. You start from a root level and you triangulate down.
08:05
We went over some of the common concepts, such as a file, a path, a directory and file structure.
08:11
We did some exercises to understand what an absolute path is
08:16
and what a relative path is. And we also discussed that a directory does not mean that it's a file system. A file system
08:24
is a combination of directories and files, but a combination of directories and files is not a file system. So in the upcoming videos for this module, we'll go over binary, hexadecimal and decimals,
08:37
do some conversions, just to touch upon that atomic level. We'll do some logical expressions, learn the logic tables, AND, OR and NOT, talk about the file system types and then dive into those different types. The types that we'll be focusing on are the FAT file system, NTFS,
08:56
the exterior and the X three.
08:58
Alright, guys, I hope you enjoy this video
09:01
and I'll catch you on the next one.

Up Next

Everyday Digital Forensics

In this course, you will be presented with an overview of the principles and techniques for digital forensics investigation in the spectrum of file system analysis.

Instructed By

Yesenia Yser
Engineering Manager, Security Research & Development at SoFL, Women in Tech Committee Member, University Outreach and STEM Instructor
Instructor