Intrusion analysis in military networks - file systems and logging
Publish date: 2004-01-01
Report number: FOI-R--1518--SE
Written in: English
This report presents a study of the technical aspects of four file systems: NTFS, FAT32, Ext2, and Ext3. Their on-disk structure and their organization of data, files, and directories are described at a level that enables further research in the field. The report does not, however, describe how files are written, changed, or deleted in the respective file systems. Apart from file systems, the report also covers the basics of logging and different tools for system integrity checking. The report concludes with a chapter of suggested future work arising from the file system and logging studies.