michael37
August 18th, 2009, 12:09 AM
This is a fairly complex technical question about recovery of maliciously damaged partition table and file systems.
My laptop was configured to dual-boot Ubuntu and Windows. Windows partition was formatted under NTFS and was fully accessible (read/write) from Ubuntu using ntfs-3g. Linux partition was formatted as ext-3 and not accessible from Windows.
Someone intentionally damaged my partition table and possibly data on the Windows partition. The Windows partition now shows up as FAT32 in fdisk. I am able to mount this partition as vfat, but the FAT and the data shows up badly garbled. I suspect the label is wrong, but the real data underneath is still original NTFS.
Ubuntu partition was damaged too, but I was able to largely recover it. The computer now boots into Jaunty with no problems.
Question: which tools are available in Linux to dig inside a broken NTFS partition? I will likely need to manually find and identify Master File Tables and the rest of the NTFS metafiles. I am fairly comfortable with what I am doing around file systems, so no worries about damaging it more than it already is.
Thanks in advance for help.
My laptop was configured to dual-boot Ubuntu and Windows. Windows partition was formatted under NTFS and was fully accessible (read/write) from Ubuntu using ntfs-3g. Linux partition was formatted as ext-3 and not accessible from Windows.
Someone intentionally damaged my partition table and possibly data on the Windows partition. The Windows partition now shows up as FAT32 in fdisk. I am able to mount this partition as vfat, but the FAT and the data shows up badly garbled. I suspect the label is wrong, but the real data underneath is still original NTFS.
Ubuntu partition was damaged too, but I was able to largely recover it. The computer now boots into Jaunty with no problems.
Question: which tools are available in Linux to dig inside a broken NTFS partition? I will likely need to manually find and identify Master File Tables and the rest of the NTFS metafiles. I am fairly comfortable with what I am doing around file systems, so no worries about damaging it more than it already is.
Thanks in advance for help.