('binary' encoding is not supported, stored as-is) Any ideas as to why I can not see files of a mounted ntfs imaage? The ntfs disk has two partitions (`fdisk -l /dev/hdc`) I've made an image of both partitions (hdc1 hdc5). I can mount both images but only see files in the mounted hdc5. If I mount the partition (/dev/hdc1) and cd in the mount point, I see files. Any thoughts on why the dd image does not appear to have files when I issue an ls. My commands: dd if=/dev/hdc1 conv=noerrors of=hdc1.img mount -r -o loop -t ntfs hdc1.img /mnt/hdc1 mount -r -t ntfs -o loop /dev/hdc1 /mnt/real ls /mnt/real --> lots of files ls /mnt/hdc1 --> no files strings hdc1.img |less --> lots of data. I see a msword doc. I've also tried rda with --skip-errors which yields the same results. the dd stream reports a read error and continues. rda reports 'no bad blocks' Additionally, autopsy doesn't recognize the image either. ----------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
This archive was generated by hypermail 2b30 : Tue Aug 26 2003 - 21:40:57 PDT