Re: [PLUG] "unerase" for linux ext3?

JP Vossen on 14 Feb 2008 16:33:16 -0800

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] "unerase" for linux ext3?

From: JP Vossen <jp@jpsdomain.org>

To: plug@lists.phillylinux.org

Subject: Re: [PLUG] "unerase" for linux ext3?

Date: Thu, 14 Feb 2008 19:33:09 -0500

Reply-to: Philadelphia Linux User's Group Discussion List <plug@lists.phillylinux.org>

Sender: plug-bounces@lists.phillylinux.org

User-agent: Thunderbird 2.0.0.9 (Windows/20071031)

> Date: Thu, 14 Feb 2008 17:15:41 -0500 > From: Eric <eric@lucii.org> > Subject: Re: [PLUG] "unerase" for linux ext3? > > When I ran the grep command it told me that "binary file /dev/sdb2 > matches" :-) Good! So you've found *something*... > I need a command that finds the matching string and outputs the next > block of characters to a file (on another device of course.). Hummm > Perl comes to mind. Sorry, my mistake. Add '-a' to grep to force ASCII mode. See also -B, -A, -C for the before, after, or both context amount options. Here's the thread on my oops, less than 1 year ago. Huh, thought it was longer. http://groups.google.com/group/pantug/msg/b67213cfcad4bfa1 Grep commands (as root) I used, where my data partition on my RAID5 array is on /dev/sda2: # grep -a -A 700 'llr2tab.pl' /dev/sda2 | strings | less # grep -a -A 200 '# First, check the entire record verbatim' /dev/sda2 | strings | less ~~~~~~~~~~~~~~~~ Kristian Erik Hermansen wrote: > Check out foremost. http://www.linuxjournal.com/node/1005913 Nice article. And Foremost sounds most impressive. I've just prophylactically installed it on a couple of key machines, just in case. ~~~~~~~~~~~~~~~~ Mark wrote: > See also: http://www.fish2.com/tct/help-recovering-file That sounds like a more structured and automated version of my half-assed, "just grep it" solution. Bookmarked it. > TCT, TSK, Autopsy (http://www.sleuthkit.org/) sudo aptitude install sleuthkit autopsy :-) Nice. Again, good luck to Eric, JP ----------------------------|:::======|------------------------------- JP Vossen, CISSP |:::======| jp{at}jpsdomain{dot}org My Account, My Opinions |=========| http://www.jpsdomain.org/ ----------------------------|=========|------------------------------- Microsoft has single-handedly nullified Moore's Law. Innate design flaws of Windows make a personal firewall, anti-virus and anti-malware software mandatory. The resulting software arms race has effectively flattened Moore's Law on hardware running Windows. ___________________________________________________________________________ Philadelphia Linux Users Group -- http://www.phillylinux.org Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug

Follow-Ups:

Re: [PLUG] "unerase" for linux ext3?
From: JP Vossen <jp@jpsdomain.org>

Prev by Date: Re: [PLUG] "unerase" for linux ext3?

Next by Date: Re: [PLUG] "unerase" for linux ext3?

Previous by thread: Re: [PLUG] "unerase" for linux ext3?

Next by thread: Re: [PLUG] "unerase" for linux ext3?

Index(es):

Date

Thread