- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - Linux
- >
- Re: Was file created by "dd" command?
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО06-02-2009 08:43 AM
тАО06-02-2009 08:43 AM
command filename
output shows if the file was originally created using:
dd if=/dev/zero of=filename bs=1k count=4100000
Thanks!
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО06-02-2009 09:38 AM
тАО06-02-2009 09:38 AM
Re: Was file created by "dd" command?
a file named filename in whatever directory you were in when you ran the command
SEP
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО06-02-2009 10:13 AM
тАО06-02-2009 10:13 AM
Re: Was file created by "dd" command?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО06-02-2009 11:04 AM
тАО06-02-2009 11:04 AM
Re: Was file created by "dd" command?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО06-02-2009 12:15 PM
тАО06-02-2009 12:15 PM
Re: Was file created by "dd" command?
For that matter, how would you distinguish this(?):
# touch myfile
# cat /dev/null > myfile
...in each the the resulting file is empty.
This empty file comes about by truncation too:
# cp /etc/hosts myfile && > myfile
If you command, you are creating a "sparse" file. You can't distinguish these cases either:
# dd if=/dev/zero of=file1 bs=1k count=100
# perl -e 'open(FH,">","file2") or die;seek(FH,(1024*99+1023),1);print FH "\000";close FH'
Regards!
...JRF...
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО06-06-2009 03:34 AM
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО06-18-2009 06:06 PM
тАО06-18-2009 06:06 PM
Re: Was file created by "dd" command?
Can knowing where/how a file was created help to detect intrusions? malicious "planted" code, etc?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО06-19-2009 08:02 AM
тАО06-19-2009 08:02 AM
Re: Was file created by "dd" command?
> Can knowing where/how a file was created help to detect intrusions? malicious "planted" code, etc?
More than that, knowing that there has been a _change_ when none was anticipated is an "alarm" to be investigated. You might want to look at 'tripwire':
http://www.tripwire.com/products/servers/features.cfm
Regards!
...JRF...
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО06-19-2009 08:15 AM
тАО06-19-2009 08:15 AM
Re: Was file created by "dd" command?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО06-20-2009 06:39 PM
тАО06-20-2009 06:39 PM
Re: Was file created by "dd" command?
Clearcase is a revision history management system. It isn't really for security.
>Can knowing where/how a file was created help to detect intrusions? malicious "planted" code, etc?
Clearcase works by users wanting to track their changes, and won't work for malicious users, unless you want to protect read only files.