DOCSLIB.ORG

File System Forensic Analysis.Pdf

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
File System Forensic Analysis.Pdf Copyright Many of the designations used by manufacturers and sellers to distinguish their products are claimed as trademarks. Where those designations appear in this book, and the publisher was aware of a trademark claim, the designations have been printed with initial capital letters or in all capitals. The author and publisher have taken care in the preparation of this book, but make no expressed or implied warranty of any kind and assume no responsibility for errors or omissions. No liability is assumed for incidental or consequential damages in connection with or arising out of the use of the information or programs contained herein. The publisher offers excellent discounts on this book when ordered in quantity for bulk purchases or special sales, which may include electronic versions and/or custom covers and content particular to your business, training goals, marketing focus, and branding interests. For more information, please contact: U. S. Corporate and Government Sales (800) 382-3419 [email protected] For sales outside the U. S., please contact: International Sales [email protected] Visit us on the Web: www.awprofessional.com Library of Congress Catalog Number: 2004116962 Copyright © 2005 Pearson Education, Inc. All rights reserved. Printed in the United States of America. This publication is protected by copyright, and permission must be obtained from the publisher prior to any prohibited reproduction, storage in a retrieval system, or transmission in any form or by any means, electronic, mechanical, photocopying, recording, or likewise. For information regarding permissions, write to Pearson Education, Inc. Rights and Contracts Department One Lake Street Upper Saddle River, NJ 07458 Text printed in the United States on recycled paper at R. R. Donnelley in Crawfordsville, Indiana. First printing, March 2005 Dedication THIST BOOK IS DEDICATED TO MY GRANDPARENTS, HENRI, GABRIELLE, ALBERT, AND RITA Foreword Computer forensics is a relatively new field, and over the years it has been called many things: "computer forensics," "digital forensics," and "media analysis" to name a few. It has only been in the past few years that we have begun to recognize that all of our digital devices leave digital breadcrumbs and that these breadcrumbs are valuable evidence in a wide range of inquiries. While criminal justice professionals were some of the first to take an interest in this digital evidence, the intelligence, information security, and civil law fields have enthusiastically adopted this new source of information. Digital forensics has joined the mainstream. In 2003, the American Society of Crime Laboratory Directors–Laboratory Accreditation Board (ASCLD–LAB) recognized digital evidence as a full-fledged forensic discipline. Along with this acceptance came increased interest in training and education in this field. The Computer Forensic Educator's Working Group (now known as the Digital Forensic Working Group) was formed to assist educators in developing programs in this field. There are now over three-dozen colleges and universities that have, or are, developing programs in this field. More join their ranks each month. I have had the pleasure of working with many law enforcement agencies, training organizations, colleges, and universities to develop digital forensic programs. One of the first questions that I am asked is if I can recommend a good textbook for their course or courses. There have been many books written about this field. Most take a targeted approach to a particular investigative approach, such as incident response or criminal investigation. Some tend to be how-to manuals for specific tools. It has been hard to find a book that provides a solid technical and process foundation for the field . That is, until now. This book is the foundational book for file system analysis. It is thorough, complete, and well organized. Brian Carrier has done what needed to be done for this field. This book provides a solid understanding of both the structures that make up different file systems and how these structures work. Carrier has written this book in such a way that the readers can use what they know about one file system to learn another. This book will be invaluable as a textbook and as a reference and needs to be on the shelf of every digital forensic practitioner and educator. It will also provide accessible reading for those who want to understand subjects such as data recovery. When I was first approached about writing this Foreword, I was excited! I have known Brian Carrier for a number of years and I have always been impressed with his wonderful balance of incredible technical expertise and his ability to clearly explain not just what he knows but, more importantly, what you need to know. Brian's work on Autopsy and The Sleuth Kit (TSK) has demonstrated his command of this field—his name is a household name in the digital forensic community. I have been privileged to work with Brian in his current role at Purdue University, and he is helping to do for the academic community what he did for the commercial sector: He set a high standard. So, it is without reservation that I recommend this book to you. It will provide you with a solid foundation in digital media. Mark M. Pollitt President, Digital Evidence Professional Services, Inc. Retired Director of the FBI's Regional Computer Forensic Laboratory Program Preface One of the biggest challenges that I have faced over the years while developing The Sleuth Kit (TSK) has been finding good file and volume system (such as partition tables, RAID, and so on) documentation. It also has been challenging to explain to users why certain files cannot be recovered or what to do when a corrupt file system is encountered because there are no good references to recommend. It is easy to find resources that describe file systems at a high level, but source code is typically needed to learn the details. My goal for this book is to fill the void and describe how data are stored on disk and describe where and how digital evidence can be found. There are two target audiences for this book. One is the experienced investigator that has learned about digital investigations from real cases and using analysis tools. The other is someone who is new to the field and is interested in learning about the general theory of an investigation and where digital evidence may exist but is not yet looking for a book that has a tutorial on how to use a specific tool. The value of the material in this book is that it helps to provide an education rather than training on a specific tool. Consider some of the more formal sciences or engineering disciplines. All undergraduates are required to take a couple of semesters of physics, chemistry, or biology. These courses are not required because the students will be using all the material for the rest of their careers. In fact, software and equipment exist to perform many of the calculations students are forced to memorize. The point of the classes is to provide students with insight about how things work so that they are not constrained by their tools. The goal of this book is to provide an investigator with an education similar to what Chemistry 101 is to a chemist in a forensics lab. The majority of digital evidence is found on a disk, and knowing how and why the evidence exists can help an investigator to better testify about it. It also will help an investigator find errors and bugs in his analysis tools because he can conduct sanity checks on the tool output. The recent trends in digital investigations have shown that more education is needed. Forensic labs are being accredited for digital evidence, and there are debates about the required education and certification levels. Numerous universities offer courses and even Master's degrees in computer forensics. Government and university labs are conducting theoretical research in the area and focusing on future, as well as current, problems. There are also peer-reviewed journals for publishing research and investigation techniques. All these new directions require in-depth knowledge outside of a specific tool or technique. The approach of this book is to describe the basic concepts and theory of a volume and file system and then apply it to an investigation. For each file system, this book covers analysis techniques and special considerations that the investigator should make. Scenarios are given to reinforce how the information can be used in an actual case. In addition, the data structures associated with volume and file systems are given, and disk images are analyzed by hand so that you can see where the various data are located. If you are not interested in parsing data structures, you can skip the data structure chapters. Only non-commercial tools are used so that you can download them for free and duplicate the results on your systems. Roadmap This book is organized into three parts. Part 1 provides the basic foundations, and Parts 2 and 3 provide the technical meat of the book. The book is organized so that we move up the layers of abstraction in a computer. We start by discussing hard disks and then discuss how disks are organized into partitions. After we discuss partitions, we discuss the contents of partitions, which are typically a file system. Part 1, "Foundations," starts with Chapter 1, "Digital Investigation Foundations," and discusses the approach I take to a digital investigation. The different phases and guidelines are presented so that you know where I use the techniques described in this book. This book does not require that you use the same approach that I do. Chapter 2, "Computer Foundations," provides the computer foundations and describes data structures, data encoding, the boot process, and hard disk technology.
Load more

Recommended publications
  • Copy on Write Based File Systems Performance Analysis and Implementation
    Copy On Write Based File Systems Performance Analysis And Implementation Sakis Kasampalis Kongens Lyngby 2010 IMM-MSC-2010-63 Technical University of Denmark Department Of Informatics Building 321, DK-2800 Kongens Lyngby, Denmark Phone +45 45253351, Fax +45 45882673 [email protected] www.imm.dtu.dk Abstract In this work I am focusing on Copy On Write based file systems. Copy On Write is used on modern file systems for providing (1) metadata and data consistency using transactional semantics, (2) cheap and instant backups using snapshots and clones. This thesis is divided into two main parts. The first part focuses on the design and performance of Copy On Write based file systems. Recent efforts aiming at creating a Copy On Write based file system are ZFS, Btrfs, ext3cow, Hammer, and LLFS. My work focuses only on ZFS and Btrfs, since they support the most advanced features. The main goals of ZFS and Btrfs are to offer a scalable, fault tolerant, and easy to administrate file system. I evaluate the performance and scalability of ZFS and Btrfs. The evaluation includes studying their design and testing their performance and scalability against a set of recommended file system benchmarks. Most computers are already based on multi-core and multiple processor architec- tures. Because of that, the need for using concurrent programming models has increased. Transactions can be very helpful for supporting concurrent program- ming models, which ensure that system updates are consistent. Unfortunately, the majority of operating systems and file systems either do not support trans- actions at all, or they simply do not expose them to the users.
    [Show full text]
  • Proceedings of the Bsdcon 2002 Conference
    USENIX Association Proceedings of the BSDCon 2002 Conference San Francisco, California, USA February 11-14, 2002 THE ADVANCED COMPUTING SYSTEMS ASSOCIATION © 2002 by The USENIX Association All Rights Reserved For more information about the USENIX Association: Phone: 1 510 528 8649 FAX: 1 510 548 5738 Email: [email protected] WWW: http://www.usenix.org Rights to individual papers remain with the author or the author's employer. Permission is granted for noncommercial reproduction of the work for educational or research purposes. This copyright notice must be included in the reproduced paper. USENIX acknowledges all trademarks herein. Rethinking /devand devices in the UNIX kernel Poul-Henning Kamp <[email protected]> The FreeBSD Project Abstract An outstanding novelty in UNIX at its introduction was the notion of ‘‘a file is a file is a file and evenadevice is a file.’’ Going from ‘‘hardware only changes when the DEC Field engineer is here’’to‘‘my toaster has USB’’has put serious strain on the rather crude implementation of the ‘‘devices as files’’concept, an implementation which has survivedpractically unchanged for 30 years in most UNIX variants. Starting from a high-levelviewofdevices and the semantics that have grown around them overthe years, this paper takes the audience on a grand tour of the redesigned FreeBSD device-I/O system, to convey anoverviewofhow itall fits together,and to explain whythings ended up as theydid, howtouse the newfeatures and in particular hownot to. 1. Introduction tax and meaning, so that a program expecting a file name as a parameter can be passed a device name; There are really only twofundamental ways to concep- finally,special files are subject to the same protec- tualise I/O devices in an operating system: The usual tion mechanism as regular files.
    [Show full text]
  • The Linux Kernel Module Programming Guide
    The Linux Kernel Module Programming Guide Peter Jay Salzman Michael Burian Ori Pomerantz Copyright © 2001 Peter Jay Salzman 2007−05−18 ver 2.6.4 The Linux Kernel Module Programming Guide is a free book; you may reproduce and/or modify it under the terms of the Open Software License, version 1.1. You can obtain a copy of this license at http://opensource.org/licenses/osl.php. This book is distributed in the hope it will be useful, but without any warranty, without even the implied warranty of merchantability or fitness for a particular purpose. The author encourages wide distribution of this book for personal or commercial use, provided the above copyright notice remains intact and the method adheres to the provisions of the Open Software License. In summary, you may copy and distribute this book free of charge or for a profit. No explicit permission is required from the author for reproduction of this book in any medium, physical or electronic. Derivative works and translations of this document must be placed under the Open Software License, and the original copyright notice must remain intact. If you have contributed new material to this book, you must make the material and source code available for your revisions. Please make revisions and updates available directly to the document maintainer, Peter Jay Salzman <[email protected]>. This will allow for the merging of updates and provide consistent revisions to the Linux community. If you publish or distribute this book commercially, donations, royalties, and/or printed copies are greatly appreciated by the author and the Linux Documentation Project (LDP).
    [Show full text]
  • Non-Binary Analysis
    The Art of Mac Malware: Analysis p. wardle (The Art of Mac Malware) Volume 1: Analysis Chapter 0x5: Non-Binary Analysis Note: This book is a work in progress. You are encouraged to directly comment on these pages ...suggesting edits, corrections, and/or additional content! To comment, simply highlight any content, then click the icon which appears (to the right on the document’s border). 1 The Art of Mac Malware: Analysis p. wardle Content made possible by our Friends of Objective-See: ​ ​ Airo SmugMug Guardian Firewall SecureMac iVerify Halo Privacy In the previous chapter, we showed how the file utility [1] can be used to effectively ​ ​ identify a sample’s file type. File type identification is important as the majority of static analysis tools are file type specific. Now, let’s look at various file types one commonly encounters while analyzing Mac malware. As noted, some file types (such as disk images and packages) are simply the malware’s “distribution packaging”. For these file types, the goal is to extract the malicious contents (often the malware’s installer). Of course, Mac malware itself comes in various file formats, such as scripts and binaries. For each file type, we’ll briefly discuss its purpose, as well as highlight static analysis tools that can be used to analyze the file format. Note: This chapter focuses on the analysis of non-binary file formats (such as scripts). ​ ​ Subsequent chapters will dive into macOS’s binary file format (Mach-O), as well as discuss both analysis tools and techniques. 2 The Art of Mac Malware: Analysis p.
    [Show full text]
  • Oracle® Linux 7 Release Notes for Oracle Linux 7.2
    Oracle® Linux 7 Release Notes for Oracle Linux 7.2 E67200-22 March 2021 Oracle Legal Notices Copyright © 2015, 2021 Oracle and/or its affiliates. This software and related documentation are provided under a license agreement containing restrictions on use and disclosure and are protected by intellectual property laws. Except as expressly permitted in your license agreement or allowed by law, you may not use, copy, reproduce, translate, broadcast, modify, license, transmit, distribute, exhibit, perform, publish, or display any part, in any form, or by any means. Reverse engineering, disassembly, or decompilation of this software, unless required by law for interoperability, is prohibited. The information contained herein is subject to change without notice and is not warranted to be error-free. If you find any errors, please report them to us in writing. If this is software or related documentation that is delivered to the U.S. Government or anyone licensing it on behalf of the U.S. Government, then the following notice is applicable: U.S. GOVERNMENT END USERS: Oracle programs (including any operating system, integrated software, any programs embedded, installed or activated on delivered hardware, and modifications of such programs) and Oracle computer documentation or other Oracle data delivered to or accessed by U.S. Government end users are "commercial computer software" or "commercial computer software documentation" pursuant to the applicable Federal Acquisition Regulation and agency-specific supplemental regulations. As such, the use, reproduction, duplication, release, display, disclosure, modification, preparation of derivative works, and/or adaptation of i) Oracle programs (including any operating system, integrated software, any programs embedded, installed or activated on delivered hardware, and modifications of such programs), ii) Oracle computer documentation and/or iii) other Oracle data, is subject to the rights and limitations specified in the license contained in the applicable contract.
    [Show full text]
  • CD-ROM, CD-R, CD-RW, and DVD-ROM Drives) Are the Hardware Devices That Read Computer Data from Disks
    A Brief History of CD/DVD The first disc that could be written and read by optical means (using light as a medium) was developed by James T. Russell. In the late 1960s, Russell created a system that recorded, stored, and played audio/video data using light rather than the traditional contact methods, which could easily damage the disks during playback. Russell developed a photosensitive disc that stored data as 1 micron-wide dots of light and dark. The dots were read by a laser, converted to an electrical signal, and then to audio or visual display for playback. Russell's own company manufactured the first disc player in 1980, although the technology never reached the marketplace until Philips and Sony developed the technology. In late 1982, Philips and Sony released the first of the compact disc (CD) formats, which they then called CD-DA (digital audio). In the years since, format has followed format as the original companies and other industry members developed more adaptations of the original specifications. Digital Versatile disc (DVD) had its beginning in 1994, when two formats, Super disc (SD) and Multimedia CD (MMCD) were introduced. Promoters of the competing technologies failed to reach an agreement on a single standard until 1996, when DVD was selected as a convergence format. DVD has, in the few years since, grown to include variations that do anything that CD does, and more efficiently. Standardization and compatibility issues aside, DVD is well-placed to supplant CD. Magnetic vs Optical Media Optical media are storage media that hold information in digital form and that are written and read by a laser; these media include all the various CD and DVD variations, as well as optical jukeboxes and autochangers.
    [Show full text]
  • Imagen Y Diseño # Nombre 1 10 Christmas Templates 2 10 DVD
    Imagen Y Diseño # Nombre 1 10 Christmas Templates 2 10 DVD Photoshop PSD layer 3 10 Frames for Photoshop 4 1000 famous Vector Cartoons 5 114 fuentes de estilo Rock and Roll 6 12 DVD Plantillas Profesionales PSD 7 12 psd TEMPLATE 8 123 Flash Menu 9 140 graffiti font 10 150_Dreamweaver_Templates 11 1600 Vector Clip Arts 12 178 Companies Fonts, The Best Collection Of Fonts 13 1800 Adobe Photoshop Plugins 14 2.900 Avatars 15 20/20 Kitchen Design 16 20000$ Worth Of Adobe Fonts! with Adobe Type Manager Deluxe 17 21000 User Bars - Great Collection 18 240+ Gold Plug-Ins for Adobe Dreamweaver CS4 19 30 PSD layered for design.Vol1 20 300.000 Animation Gif 21 32.200 Avatars - MEGA COLLECTION 22 330 templates for Power Point 23 3900 logos de marcas famosas en vectores 24 3D Apartment: Condo Designer v3.0 25 3D Box Maker Pro 2.1 26 3D Button Creator Gold 3.03 27 3D Home Design 28 3D Me Now Professional 1.5.1.1 -Crea cabezas en 3D 29 3D PaintBrush 30 3D Photo Builder Professional 2.3 31 3D Shadow plug-in for Adobe Photoshop 32 400 Flash Web Animations 33 400+ professional template designs for Microsoft Office 34 4000 Professional Interactive Flash Animations 35 44 Cool Animated Cards 36 46 Great Plugins For Adobe After Effects 37 50 BEST fonts 38 5000 Templates PHP-SWISH-DHTM-HTML Pack 39 58 Photoshop Commercial Actions 40 59 Unofficial Firefox Logos 41 6000 Gradientes para Photoshop 42 70 POSTERS Alta Calidad de IMAGEN 43 70 Themes para XP autoinstalables 44 73 Custom Vector Logos 45 80 Golden Styles 46 82.000 Logos Brands Of The World 47 90 Obras
    [Show full text]
  • Developer Guide(KAE Encryption & Decryption)
    Kunpeng Acceleration Engine Developer Guide(KAE Encryption & Decryption) Issue 15 Date 2021-08-06 HUAWEI TECHNOLOGIES CO., LTD. Copyright © Huawei Technologies Co., Ltd. 2021. All rights reserved. No part of this document may be reproduced or transmitted in any form or by any means without prior written consent of Huawei Technologies Co., Ltd. Trademarks and Permissions and other Huawei trademarks are trademarks of Huawei Technologies Co., Ltd. All other trademarks and trade names mentioned in this document are the property of their respective holders. Notice The purchased products, services and features are stipulated by the contract made between Huawei and the customer. All or part of the products, services and features described in this document may not be within the purchase scope or the usage scope. Unless otherwise specified in the contract, all statements, information, and recommendations in this document are provided "AS IS" without warranties, guarantees or representations of any kind, either express or implied. The information in this document is subject to change without notice. Every effort has been made in the preparation of this document to ensure accuracy of the contents, but all statements, information, and recommendations in this document do not constitute a warranty of any kind, express or implied. Issue 15 (2021-08-06) Copyright © Huawei Technologies Co., Ltd. i Kunpeng Acceleration Engine Developer Guide(KAE Encryption & Decryption) Contents Contents 1 Overview....................................................................................................................................1
    [Show full text]
  • Master Boot Record Vs Guid Mac
    Master Boot Record Vs Guid Mac Wallace is therefor divinatory after kickable Noach excoriating his philosophizer hourlong. When Odell perches dilaceratinghis tithes gravitated usward ornot alkalize arco enough, comparatively is Apollo and kraal? enduringly, If funked how or following augitic is Norris Enrico? usually brails his germens However, half the UEFI supports the MBR and GPT. Following your suggested steps, these backups will appear helpful to restore prod data. OK, GPT makes for playing more logical choice based on compatibility. Formatting a suit Drive are Hard Disk. In this guide, is welcome your comments or thoughts below. Thus, making, or paid other OS. Enter an open Disk Management window. Erase panel, or the GUID Partition that, we have covered the difference between MBR and GPT to care unit while partitioning a drive. Each record in less directory is searched by comparing the hash value. Disk Utility have to its important tasks button activated for adding, total capacity, create new Container will be created as well. Hard money fix Windows Problems? MBR conversion, the main VBR and the backup VBR. At trial three Linux emergency systems ship with GPT fdisk. In else, the user may decide was the hijack is unimportant to them. GB even if lesser alignment values are detected. Interoperability of the file system also important. Although it hard be read natively by Linux, she likes shopping, the utility Partition Manager has endeavor to working when Disk Utility if nothing to remain your MBR formatted external USB hard disk drive. One station time machine, reformat the storage device, GPT can notice similar problem they attempt to recover the damaged data between another location on the disk.
    [Show full text]
  • ® Apple® A/UXTM Release Notes Version 1.0 Ii APPLE COMPUTER, INC
    .® Apple® A/UXTM Release Notes Version 1.0 Ii APPLE COMPUTER, INC. UNIBUS, VAX, VMS, and VT100 are trademarks of Digital © Apple Computer, Inc., 1986 Equipment Corporation. 20525 Mariani Ave. Cupertino, California 95014 Simultaneously published in the (408) 996-1010 United States and Canada. Apple, the Apple logo, APPLE'S SYSTEM V AppleTalk, ImageWriter, IMPLEMENTATION A/UX LaserWriter, Macintosh, RELEASE 1.0 RUNNING ON A MacTerminal, and ProDOS are MACINTOSH II COMPUTER registered trademarks of Apple HAS BEEN TESTED BY THE Computer, Inc. AT&T-IS' SYSTEM V VERIFICATION SUITE AND Apple Desktop Bus, A!UX, CONFORMS TO ISSUE 2 OF EtherTalk, and Finder are AT&T-IS' SYSTEM V trademarks of Apple Computer, INTERFACE DEFINITION Inc. BASE PLUS KERNEL Ethernet is a registered EXTENSIONS. trademark of Xerox Corporation. IBM is a registered trademark, and PC-DOS is a trademark, of International Business Machines, Inc. - ITC Avant Garde Gothic, ITC Garamond, and ITC Zapf Dingbats are registered trademarks of International Typeface Corporation. Microsoft and MS-DOS are registered trademarks of Microsoft Corporation. NFS is a registered trademark, and Sun Microsystems is a trademark, of Sun Microsystems, Inc. NuBus is a trademark of Texas Instruments. POSTSCRIPT is a registered trademark, and TRANSCRIPT is a trademark, of Adobe Systems Incorporated. UNIX is a registered trademark of AT&T Information Systems. Introduction to A/UX Release Notes, Version 1.0 These release notes contain late-breaking information about release 1.0 of the A!UXI'M software for the Apple® Macintosh® II computer. This package contains two kinds of materials: o Specific information that was not available in time to be incorporated into the printed manuals.
    [Show full text]
  • Guidelines on Mobile Device Forensics
    NIST Special Publication 800-101 Revision 1 Guidelines on Mobile Device Forensics Rick Ayers Sam Brothers Wayne Jansen http://dx.doi.org/10.6028/NIST.SP.800-101r1 NIST Special Publication 800-101 Revision 1 Guidelines on Mobile Device Forensics Rick Ayers Software and Systems Division Information Technology Laboratory Sam Brothers U.S. Customs and Border Protection Department of Homeland Security Springfield, VA Wayne Jansen Booz Allen Hamilton McLean, VA http://dx.doi.org/10.6028/NIST.SP. 800-101r1 May 2014 U.S. Department of Commerce Penny Pritzker, Secretary National Institute of Standards and Technology Patrick D. Gallagher, Under Secretary of Commerce for Standards and Technology and Director Authority This publication has been developed by NIST in accordance with its statutory responsibilities under the Federal Information Security Management Act of 2002 (FISMA), 44 U.S.C. § 3541 et seq., Public Law (P.L.) 107-347. NIST is responsible for developing information security standards and guidelines, including minimum requirements for Federal information systems, but such standards and guidelines shall not apply to national security systems without the express approval of appropriate Federal officials exercising policy authority over such systems. This guideline is consistent with the requirements of the Office of Management and Budget (OMB) Circular A-130, Section 8b(3), Securing Agency Information Systems, as analyzed in Circular A- 130, Appendix IV: Analysis of Key Sections. Supplemental information is provided in Circular A- 130, Appendix III, Security of Federal Automated Information Resources. Nothing in this publication should be taken to contradict the standards and guidelines made mandatory and binding on Federal agencies by the Secretary of Commerce under statutory authority.
    [Show full text]
  • Roxio Toast 17 Titanium User Guide
    Rax1a· toastTITANIUM··11 ¥a-t:;;J-�-@J USER GUIDE Roxio® Toast® 17 Titanium User Guide i Contents Getting Started 1 1 Installing The Software . 2 The Toast Main Window. 3 Burning Your First Disc With Toast . 5 Converting Video. 7 Choosing the Right Project . 7 About Discs . 9 Using the Media Browser . 10 Changing Recorder Settings . 13 Saving and Opening Toast Projects. 14 Erasing Discs . 15 Ejecting a Disc . 15 Toast Extras . 16 Technical Support Options . 19 Toast Titanium ii www.roxio.com Making Video Discs 21 2 Types of Video Discs . 22 Overview of Making a Video Disc. 23 Making a video disc with MyDVD . 24 Making a DVD or BD Video Disc . 25 Using Plug & Burn. 33 Making a DVD From VIDEO_TS Folders . 41 Making a VIDEO_TS Compilation. 44 Making a BDMV Folder Disc. 45 Creating an AVCHD Archive . 46 Making a video with Live Screen Capture 48 Editing videos with Toast Slice . 48 Editing Video . 48 Using Other Toast Features 51 3 Saving Disc Images . 52 Mounting Disc Images . 53 Comparing Files or Folders . 54 Creating a Temporary Partition . 55 Making Data Discs 57 4 What is a Data Disc?. 58 Toast Titanium Contents iii Types of Data Discs . 58 Overview of Making a Data Disc . 60 Burning Projects to Multiple Recorders . 61 Making a Mac Only Disc . 63 Making a Mac & PC Disc . 69 Making a DVD-ROM (UDF) Disc . 74 Making an ISO 9660 Disc . 75 Making a Photo Disc. 76 Encrypting a disc with Roxio Secure Burn. 77 Using Toast Dynamic Writing . 78 Making Audio Discs 79 5 What is an Audio Disc?.
    [Show full text]