Forensics on the Windows Platform, Part 1

Wednesday, 29 January 2003, 5:32 PM EST

Forensic examination of computer systems is commonly carried out by trained investigators using specialist hardware and software. The popularity of the Windows operating systems on both desktops and servers has made it a common source of evidence for such investigators. As a result, the range of tools available that can be used to analyze the Windows platform continues to grow. However, true forensic examination of a computer (i.e. where there may be a requirement to produce evidence in a court of law) does not take place only within the confines of a high-tech laboratory but also within the framework of current, relevant legislation and sometimes under the watchful eye of the media.

The experienced investigator knows that the success of a computer forensics investigation depends not only on the ability to uncover evidence from a computer system but also on the ability to follow proper methodology during the process of evidence collection and handling so that the evidence itself can be used in court. Such considerations may be of little interest to those whose goal is purely data recovery or intelligence gathering, but to forensic investigators engaged in the detection of crime or misconduct they remain of vital importance.

[ Read more ]




Spotlight

Cloned, booby-trapped Dark Web sites steal bitcoins, login credentials

Apart from being a way for dissidents and journalists to do their business without being spotted and identified by "the powers that be", the Dark Web is also a place where criminals sell and buy illegal wares and services and, apparently, where they also get robbed by scammers.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  
DON'T
MISS

Fri, Jul 3rd
    COPYRIGHT 1998-2015 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //