The fast growth and rapid metamorphosis of computer science and information technology come with a host of security and privacy issues. One is never 100 percent secure, irrespective of the servers, operating system, and database management system in use. Security-wise, many sources suggest that the Linux OS beats Microsoft's Windows OS, but both can be subject to security and privacy breaches. When carrying out forensic investigations on the two, procedures may be the same or may differ for various reasons, such as the system's architectural design and specifications.


The biggest contrast between Windows and Linux forensics is that with Windows one has to look for data from various administrative accounts, while for Linux, investigations target one administrative account (Liu, 2011). The root account, which is the only administrative account in Linux, has all the information about system control (Liu, 2011). Secondly, during Linux forensics, investigators can access all the files in a single OS, while this is not the case with Microsoft's Windows. This is possible because Linux uses a virtual file system (VFS) to merge all files (Liu, 2011). Thirdly, the way file permissions are viewed differs between Linux and Windows. For Linux, one runs the ls -l command on a specific file or directory, while in Windows one finds this in the security tab by opening the registry artifacts.
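As an added illustration (not part of the original essay), the following Python sketch records the same permission string that ls -l prints for every entry under a directory, together with owner, size and modification time, and flags setuid, setgid and world-writable files. The function names and the sample directory are constructed for this example, and it assumes the evidence is examined from a read-only mounted copy.

```python
import os
import stat
import tempfile

def permission_inventory(root):
    """Return one record per entry under root, without following symlinks."""
    records = []
    for dirpath, dirnames, filenames in os.walk(root, followlinks=False):
        for name in sorted(dirnames + filenames):
            path = os.path.join(dirpath, name)
            st = os.lstat(path)  # lstat describes a symlink itself, not its target
            flags = []
            if st.st_mode & stat.S_ISUID:
                flags.append("setuid")
            if st.st_mode & stat.S_ISGID:
                flags.append("setgid")
            if stat.S_ISREG(st.st_mode) and st.st_mode & stat.S_IWOTH:
                flags.append("world-writable")
            records.append({
                "path": os.path.relpath(path, root),
                "mode": stat.filemode(st.st_mode),  # same string ls -l prints
                "uid": st.st_uid,
                "gid": st.st_gid,
                "size": st.st_size,
                "mtime": int(st.st_mtime),
                "flags": flags,
            })
    return sorted(records, key=lambda r: r["path"])

def build_sample_tree():
    """Constructed sample data: a throwaway directory with known permissions."""
    root = tempfile.mkdtemp(prefix="perm_demo_")
    for name, mode in (("notes.txt", 0o644), ("helper", 0o4755), ("drop.tmp", 0o666)):
        path = os.path.join(root, name)
        with open(path, "w") as fh:
            fh.write("sample\n")
        os.chmod(path, mode)
    return root

if __name__ == "__main__":
    for rec in permission_inventory(build_sample_tree()):
        print(rec["mode"], rec["uid"], rec["gid"], rec["size"], rec["path"], rec["flags"])
```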

The first similarity between Windows and Linux forensic investigations is that the same tools can be used in both cases. Secondly, both operating systems have permissions for files, which are important during forensic investigations (Bajgorić, 2009). Thirdly, both operating systems have hierarchical file management systems (Bajgorić, 2009). This helps in the examination of physical hard drives. As a result, knowing the type of operating system one is dealing with is a critical part of a forensic investigation. It helps when determining the investigative approach.

  • Bajgorić, N. (2009). Continuous computing technologies for enhancing business continuity. Hershey: Information Science Reference.
  • Liu, H. H. (2011). Software Performance and Scalability: A Quantitative Approach. New York, NY: John Wiley & Sons.