104
Chapter 10
Table 10-2:
Partition-Labeling System
Partition
Description
sda1
The first partition (1) on the first (a) SATA drive
sda2
The second (2) partition on the first (a) drive
sda3
The third (3) partition on the first (a) drive
sda4
The fourth (4) partition on the first (a) drive
At times, you may want to view the partitions on your Linux system to
see which ones you have and how much capacity is available in each. You
can do this by using the
fdisk
utility. Using the
-l
switch with
fdisk
lists all
the
partitions of all the drives, as shown in Listing 10-2.
kali >
fdisk -l
Disk /dev/sda: 20GiB, 21474836480 bytes, 41943040 sectors
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk label type: dos
Disk identifier: 0x7c06cd70
Device Boot Start End Sectors Size Id Type
/dev/sda1 * 2048 39174143 39172096 18.7G 83 Linux
/dev/sda2 39176190 41940991 2764802 1.3G 5 Extended
/dev/sda5 39176192 41940991 2764800 1.3G 82 Linux swap /
Solaris
Disk /dev/sdb: 29.8 GiB, 31999393792 bytes, 62498816 sectors
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk label type: dos
Disk identifier: 0xc3072e18
Device Boot Start End Sectors Size Id Type
/dev/sdb1 32 62498815 62498784 29.8G 7 HPFS/NTFS/exFAT
Listing 10-2: Listing partitions with fdisk
As you can see in Listing 10-2, the devices sda1, sda2, and sda5 are
listed in the first stanza. These three devices make
up the virtual disk from
my virtual machine, which is a 20GB drive with three partitions, including
the swap partition (sda5), which acts like virtual RAM—similar
to page
files in Windows—when RAM capacity is exceeded.
If you scan down Listing 10-2 to the third stanza, you see a second
device output designated sdb1—the
b label tells us that this drive is sepa-
rate from the first three devices. This is my 64GB flash drive.
Note that
fdisk
indicates that it is an HPFS/NTFS/ExFAT filesystem type. These file
types—High Performance File System (HPFS), New Technology File System
(NTFS), and Extended File Allocation Table (exFAT)—are
not native to
Linux systems but rather to macOS and Windows systems. It’s worth being
Filesystem and Storage Device Management
105
able to recognize file types native to different systems when you investigate.
The filesystem might indicate what kind of machine
the drive was format-
ted on, which can be valuable information. Kali is able to utilize USB flash
drives created on many different operating systems.
As you saw in Chapter 1, the Linux filesystem is structured significantly
differently than are Windows and other proprietary operating systems. On
top of this, the way files are stored and managed is different in Linux, too.
New versions of
Windows use an NTFS filesystem, whereas older Windows
systems use File Allocation Table (FAT) systems. Linux uses a number of
different types of filesystems, but the most common are ext2, ext3, and
ext4. These are all iterations of the ext (or
extended) filesystem, with ext4
being the latest.