THE DFIR BLOG

Linux Forensics

Linux Directories

5/6/2024

Linux Mnemonic:
List of directories at the root level and a mnemonic to remember them.
bin, boot, dev, etc, home, lib, mnt, media, sbin, usr, var

"Binny’s boot doesn’t even have leather material; might sell used version"

Let's understand each of the Linux root-level directory functions:
bin: User Binaries (bin) contains common commands such as cd, ls, and ps used by all the systems.
boot: Contains bootloader-related information.
dev: Device files. Contains special files that represent the devices attached to the system, such as USB. Also contain the VM's

etc: Contains configuration and system scripts, such as the start/stop of each program. No binaries in this directory. A couple of key files in etc are:
  • passwd: This file contains information about all users accessing the machine, including their names, the path to their home directory, and all programs that start running when they log in.
  • shadow: This file contains the authentication info of the user, including username and salted password.
  • profile: Files and commands that start up at login or startup and can be set at the global level.
  • networks: Contains the names of the networks that the system is located on.
  • hosts: The file contains the machine IP address if it's connected to the network.
  • cron: Contains cron scripts.
  • init.d: Malware uses it to hide and initiate execution upon system startup.
home: Contains data files and config files of a particular user.
lib: Contains software libraries and kernel modules required by /bin and /sbin.
mnt: Temporary mounting point for removable, external, and remote file systems.
media: Mounted and unmounted information about each media, like CD-ROM.
sbin: System Administrator Binaries (sbin) contains root-only binaries such as ifconfig and fdisk.
usr: Contains binaries that are used by a user.
var: Contains security and application logs (syslog, varlog, faillog); also contains /var/tmp.


Note: Remember that Linux directory names are case-sensitive.
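
An added example, not from the original post: Python that reads the etc files listed above (passwd, shadow, init.d) from a mounted evidence root and reports extra UID 0 accounts, accounts that can log in, and init.d scripts ordered newest first. The function names, the evidence-root layout, and the sample tree are assumptions constructed for illustration.

```python
import os
import tempfile
from pathlib import Path

NOLOGIN = ("nologin", "false")  # shells that give no interactive session

def shadow_state(field):
    """Classify the password field (2nd field) of an etc/shadow entry."""
    if field == "":
        return "empty"  # no password required
    return "locked" if field[0] in "!*" else "hash"

def triage_etc(root):
    """Correlate etc/passwd with etc/shadow and order etc/init.d by mtime."""
    etc = Path(root) / "etc"
    rows = [ln.split(":") for ln in (etc / "shadow").read_text().splitlines()]
    shadow = {r[0]: shadow_state(r[1]) for r in rows if len(r) >= 2}
    accounts = []
    for line in (etc / "passwd").read_text().splitlines():
        p = line.split(":")
        if len(p) != 7 or not p[2].isdigit():
            continue  # skip malformed lines
        accounts.append({"name": p[0], "uid": int(p[2]),
                         "interactive": Path(p[6]).name not in NOLOGIN,
                         "password": shadow.get(p[0], "missing")})
    scripts = sorted((etc / "init.d").iterdir(),
                     key=lambda f: f.stat().st_mtime, reverse=True)
    uid0 = [a["name"] for a in accounts if a["uid"] == 0 and a["name"] != "root"]
    logins = [a["name"] for a in accounts if a["interactive"] and a["password"] != "locked"]
    return {"extra_uid0": uid0, "can_log_in": logins,
            "initd_newest_first": [f.name for f in scripts]}

def build_sample_root():
    """Constructed sample: a small fake evidence tree in a temp directory."""
    root = Path(tempfile.mkdtemp())
    (root / "etc" / "init.d").mkdir(parents=True)
    (root / "etc" / "passwd").write_text(
        "root:x:0:0:root:/root:/bin/bash\n"
        "daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin\n"
        "svc:x:0:0::/var/tmp:/bin/sh\n")
    (root / "etc" / "shadow").write_text(
        "root:$6$constructed$notarealhash:19000:0:99999:7:::\n"
        "daemon:*:19000:0:99999:7:::\n"
        "svc::19000:0:99999:7:::\n")
    for mtime, name in ((1000, "ssh"), (2000, "cron"), (3000, "updater")):
        path = root / "etc" / "init.d" / name
        path.touch()
        os.utime(path, (mtime, mtime))
    return root
```

Point `triage_etc` at the mount point of a read-only image rather than at `/` so the live system's files are not mistaken for evidence.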
