HardDrive Protection
Page 1 of 2 12 LastLast
Results 1 to 10 of 14

Thread: HardDrive Protection

  1. #1
    Member
    Join Date
    Mar 2002
    Posts
    42

    Question HardDrive Protection

    Hi every one,

    my question is that , i have a hard disk, which i want no body to have access on. I have both xp and linux installed in it , but the problem is that i dont want that the NTFS patitions and ext3 should be accessible if my hard disk was configured as slave and windows loaded from an other hard drive. is there any possible solution , so that only the one with window and linux password should have access to the data. Thanks alot.
    Always From Better to Best

  2. #2
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,190
    Hi,

    I am not sure that I understand you correctly or fully, but I would advise you that if I have physical access to your hard drive then I can get the data off it.

    Password protection will not provide physical security. Even encryption can be broken, all you are doing is buying time.

    A simple solution is to have removable hard drives and dismount them when not in use and lock them in a secure environment. Basically all you need is a chassis that fits into your 5.25" drive bay and takes a regular 3.5" hard drive. I guess that these cost between $15 and $25.


  3. #3
    Member
    Join Date
    Jun 2004
    Posts
    77

    Re: HardDrive Protection

    Originally posted here by Hazarawood
    Hi every one,

    my question is that , i have a hard disk, which i want no body to have access on. I have both xp and linux installed in it , but the problem is that i dont want that the NTFS patitions and ext3 should be accessible if my hard disk was configured as slave and windows loaded from an other hard drive. is there any possible solution , so that only the one with window and linux password should have access to the data. Thanks alot.
    one way is to use encryption
    Linux: http://www.linux.com/howtos/Disk-Enc...oduction.shtml
    Windows: google for disk encryption?

  4. #4
    Member
    Join Date
    Mar 2002
    Posts
    42
    does windows xp have support for drive encryption , what i was able to found about was encryption on file or folder
    Always From Better to Best

  5. #5
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,190
    Hazarawood be careful old chap.

    If you encrypt a DRIVE how are you going to open it in Windows, as you will have encrypted that as well?

    I still say that it boils down to physical access.



    EDIT: A few questions:

    1. Is this the only hard drive on the machine?
    2. Do other people use the machine?
    3. Do other people have unsupervised physical access to the machine?
    4. How important/valuable is the information on this drive? Not so much to you, but to other people?
    5. How "current" are the data. By that I mean do the data become valuless after a period of time?

    I am trying to do a little risk analysis so that we can suggest a sensible solution.

  6. #6
    Senior Member
    Join Date
    May 2003
    Posts
    1,199
    I agree with nihil...If I can get to the box, If I want whats on it, it will be mine. a removeable hard drive would be the way to go.
    Everyone is going to die, I am just as good of a reason as any.

    http://think-smarter.blogspot.com

  7. #7
    Member
    Join Date
    Jun 2004
    Posts
    77
    Originally posted here by nihil
    Hazarawood be careful old chap.

    If you encrypt a DRIVE how are you going to open it in Windows, as you will have encrypted that as well?

    I still say that it boils down to physical access.



    EDIT: A few questions:

    1. Is this the only hard drive on the machine?
    2. Do other people use the machine?
    3. Do other people have unsupervised physical access to the machine?
    4. How important/valuable is the information on this drive? Not so much to you, but to other people?
    5. How "current" are the data. By that I mean do the data become valuless after a period of time?

    I am trying to do a little risk analysis so that we can suggest a sensible solution.
    http://www.ce-infosys.com.sg/CeiProd..._compusec.asp?
    It depends on the tools that one use to encrypt. he/she have to use back that tool to be able to see what's encrypted.

  8. #8
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,190
    ghostmachine

    I think that you are slightly missing the point? The original question was:

    i have a hard disk, which i want no body to have access on. I have both xp and linux installed in it , but the problem is that i dont want that the NTFS patitions and ext3 should be accessible if my hard disk was configured as slave and windows loaded from an other hard drive
    The part in bold is the important bit. This is where the drive, or a copy of it has been put on another machine.

    We need to know more details of the environment and the security requirement? For example, Hazarawood has not said if his concern is data theft or data loss?

    It is a fundamental rule that nothing that is accessible is absolutely safe. What you try to do is create a situation where the attacker will not be prepared to give the time and resouces required to break it, or will delay them long enough for the data to be useless

  9. #9
    Member
    Join Date
    Jun 2004
    Posts
    77
    Originally posted here by nihil
    ghostmachine

    I think that you are slightly missing the point? The original question was:



    The part in bold is the important bit. This is where the drive, or a copy of it has been put on another machine.

    We need to know more details of the environment and the security requirement? For example, Hazarawood has not said if his concern is data theft or data loss?

    It is a fundamental rule that nothing that is accessible is absolutely safe. What you try to do is create a situation where the attacker will not be prepared to give the time and resouces required to break it, or will delay them long enough for the data to be useless
    thanks, i understand that

    i was referring to "If you encrypt a DRIVE how are you going to open it in Windows, as you will have encrypted that as well?"
    So i said it depends on the tools used.
    Sorry for that.

  10. #10
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,190
    ghostmachine

    I was actually referring to this post:

    does windows xp have support for drive encryption , what i was able to found about was encryption on file or folder
    The tool you gave a link to gets round this problem by starting from the BIOS/CMOS?

    1. You power up and it asks for a password.....................that technology is very old, and easily circumvented.

    2. On the next boot, it will get me to the drive decryption password..........which I would already have extracted and cracked...........so I type it in and it loads the operating system and all his files, nicely decrypted for me.

    My points were that you cannot decrypt from within an operating system, if you have encryped it as well. And if you allow physical access you have very little security at all.

    Supposing in step #2 I booted from a floppy or CD and reformatted his hard drive then overwrote the blank space 7 times?

    This is why I have asked for more information on the security requirement and the environment.

    If it is just to stop the office cleaners or security guard playing on your machine whilst you are out, then your tool would probably do just fine.............they will just wander off and find one that isn't protected.


Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •