Linux incident response toolkits and live CDs
http://www.forensicswiki.org/wiki/Helix3
http://www.sleuthkit.org/index.php
Recovery steps:
root@srv01 [/home/recovery]# ./fls -a -r -p /dev/sdb3 > sdb3usrdirlist.txt
root@srv01 [/home/recovery]# grep -i "access_log" /home/recovery/sdb3usrdirlist.txt
r/r 2195490: local/cpanel/logs/access_log
r/r * 2199010(realloc): local/cpanel/logs/access_log-cpanelsync
r/r 2362208: local/apache/logs/access_log
root@srv01 [/home/recovery]# ./icat -r -s -f ext3 /dev/sdb3 2195490 > /tmp/access_log
root@srv01 [/home/recovery]# ls -la /tmp/access_log
-rw-r--r-- 1 root root 13312000 Jun 11 03:38 /tmp/access_log
root@srv01 [/home/recovery]#
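
The fls listing above mixes an ordinary entry with one marked `*` and `(realloc)`, and only some of those inodes are safe to pass to icat. The script below is an added example, not part of the original post: it classifies saved fls output by state. The function names are hypothetical helpers, not Sleuth Kit commands, and the sample lines are the three shown in the session above.

```shell
#!/bin/sh
# Added example (not from the original post): classify saved `fls -r -p`
# output so only trustworthy inodes are handed to icat.
# Function names here are hypothetical helpers, not Sleuth Kit commands.

# The three listing lines shown in the session above.
sample_fls_listing() {
    cat <<'EOF'
r/r 2195490: local/cpanel/logs/access_log
r/r * 2199010(realloc): local/cpanel/logs/access_log-cpanelsync
r/r 2362208: local/apache/logs/access_log
EOF
}

# Usage: fls_classify PATTERN < listing
# Prints: inode <TAB> state <TAB> path
#   allocated        name and inode both in use
#   deleted          name entry marked "*", inode not reused
#   deleted-realloc  name entry marked "*", inode now belongs to another
#                    file, so icat on it may return unrelated content
fls_classify() {
    awk -v pat="$1" '
    BEGIN { pat = tolower(pat) }
    {
        colon = index($0, ":")          # first colon ends the inode field
        if (colon == 0) next
        path = substr($0, colon + 1)
        sub(/^[ \t]+/, "", path)        # separator may be space or tab
        if (index(tolower(path), pat) == 0) next
        n = split(substr($0, 1, colon - 1), head, "[ \t]+")
        inode = head[n]
        state = (head[2] == "*") ? "deleted" : "allocated"
        if (sub(/\(realloc\)$/, "", inode)) state = "deleted-realloc"
        printf "%s\t%s\t%s\n", inode, state, path
    }'
}

# Inodes that are reasonable icat targets (everything except realloc).
icat_targets() {
    fls_classify "$1" | awk -F'\t' '$2 != "deleted-realloc" { print $1 }'
}

sample_fls_listing | fls_classify access_log
```

Against a real listing, run `icat_targets access_log < sdb3usrdirlist.txt` and pass only the printed inodes to icat.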