I have 2 very big files (27G and 40G), which are output of dd command on a failing hard drive.
I wanted to compare the first bytes to see if the 27G bytes is the begining/substring of the 40G.
I wanted to use head command. Since these files are binary, I used -c argument:
# ls -ahl *.dd
-rw-r--r-- 1 root root 40G May 17 20:16 mac.dd
-rw-r--r-- 1 root root 27G May 18 09:47 mac2.dd
Trying to get 1K of raw data:
# head -c1K mac.dd
(returns nothing)
Trying to get 1K with hexdump:
# head -c1K mac.dd | hexdump
0000000 0000 0000 0000 0000 0000 0000 0000 0000
*
0000400
(end)
Trying to get 10K with hexdump:
# head -c10K mac.dd | hexdump
0000000 0000 0000 0000 0000 0000 0000 0000 0000
*
0002800
(end)
Although:
Trying to get 100 bytes of raw data on /bin/ls:
# head -c100 /bin/ls
ELF>�H@@p�@8 @@@@@@�
Trying to get 100 bytes of hex data on /bin/ls:
# head -c100 /bin/ls | hexdump
0000000 457f 464c 0102 0001 0000 0000 0000 0000
0000010 0002 003e 0001 0000 4880 0040 0000 0000
0000020 0040 0000 0000 0000 b670 0001 0000 0000
0000030 0000 0000 0040 0038 0009 0040 001c 001b
0000040 0006 0000 0005 0000 0040 0000 0000 0000
0000050 0040 0040 0000 0000 0040 0040 0000 0000
0000060 01f8 0000
0000064
The results on the mac2.dd are exactly the same, but it seems the output is not really what I'm expecting so I don't think this means the files start with the same data.
Head on binary /bin/ls is what I was expecting.
I don't understand this output of dd files. Can anyone explain this to me please ?
Thank you.
