Thread: General Security and Encryption Questions

  1. #11
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,188
    One of my main concerns is whether or not the CMD / Run does anything.
    Probably not as much as you might at first think. What you have done is removed the immediate access to a utility for a particular user or user group. The utility is still there, and they could probably (?) still run it using a different route.

    I may well be wrong, but I would normally associate what you have done with limiting users at the physical access level................ at least with NT 4.0 and Windows 2000 Pro. I am not so sure about XP, and haven't even tried with Vista, W7 or W8.

    A few more random thoughts:

    1. Rename the administrator account.............. it's hard to find something you don't know the name of?

    2. Disable "autorun" .............. it's Microsoft's very own malware installation utility

    3. Create a backup image and keep it up to date. It's a lot easier to wipe and re-image if the worst happens

    4. Possibly total overkill, but you might look at "Deep Freeze" or similar utility? I know there is a free one out there, but I cannot remember its name.

    It holds an image of the "clean" system, and re-installs it on reboot. It is used a lot in schools, public libraries and the like, as it automatically kills keyloggers, sniffers and other malware. This works particularly well if you have stroked your hard drive.

  2. #12
    Member
    Join Date
    Dec 2011
    Posts
    35
    Quote: Originally Posted by nihil
    2. Disable "autorun" .............. it's Microsoft's very own malware installation utility

    3. Create a backup image and keep it up to date. It's a lot easier to wipe and re-image if the worst happens

    4. Possibly total overkill, but you might look at "Deep Freeze" or similar utility? I know there is a free one out there, but I cannot remember its name.
    #2 I always do.

    #3 I really can't do ATM, because I'm on a RAID-0 machine (not enough spare HDDs)... nor is it a big issue to "redo" my installs, because my XP CD is already hot-fixed with the most recent updates. Don't have too many games/programs installed either.

    #4 Is that basically the same thing as running a hidden OS and keeping the main running OS in a virtual protected environment?
    If that's the case, isn't it still prone to very sophisticated rootkits?

  3. #13
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,188
    #4 Is that basically the same thing as running a hidden OS and keeping the main running OS in a virtual protected environment?
    No, it is a different approach, which is why I suggested "overkill"

    What happens here is that the user goes and starts the machine and the OS boots up.

    They use the machine for whatever, then logoff.

    The next user restarts and the application re-images the drive. This is very fast because it is imaging rather than installation.

    Your response to #3 is somewhat related, as my imaging solution is one hell of a lot faster than a wipe and reinstall.

  4. #14
    Senior Member gore's Avatar
    Join Date
    Oct 2002
    Location
    Michigan
    Posts
    7,177
    I don't know if this is possible in Windows XP, but one thing you may find of interest, is from the FreeBSD world called "Jails" which is pretty easy to work with. PC-BSD has them too since PC-BSD really is just FreeBSD with a paint job, and some customized apps that make it really easy to use, and of course, you don't have to configure a thing from the shell, which people who don't know Unix of course like, and, also, it's got one click installs of software; You don't have to compile anything if you don't want to, and you also don't have to use a Shell to download and install apps at all.

    Look into FreeBSD Jails, and Sandboxes... Those are two things I haven't seen mentioned, and I think no one mentioned either because, I don't even know if they exist on Windows XP. You could look though. I mean just because they weren't made for Windows doesn't mean you can't use them; The Source Code for all of it IS available after all. I just don't know if anyone has done this.

    Do you have an upgrade path thought out at all yet? Nihil was incredibly right about how you really should try to upgrade to 7. Windows 7 doesn't have the same retarded Admin Account auto log in by default with no password, and it also finally stole the idea of running an application with admin rights as opposed to logging in as admin, and then running it directly from the account, which, Honestly, it's about damn time.

    EDIT:

    I just saw Nihil's Reply, and I just wanted to point out that, again, he's right, you don't have to worry about it taking forever, since it isn't doing a true Installation, which, really, that would be a total pain in the ass; You'd have to sit there while it installed, and once it did, you'd have one hell of a time trying to get all those updates installed which, all of them need a reboot lol, which is sort of funny because you'd create an infinite loop in a way; You'd reboot to install an update, and that in turn, would start a fresh install. So I guess that's one way of you knowing it isn't doing a fresh install
    Last edited by gore; December 31st, 2011 at 10:09 PM.

  5. #15
    Senior Member
    Join Date
    Mar 2008
    Posts
    262
    For simple browsing where speed is not very important I use a virtual machine.
    When I'm done I shut it down without saving any changes to the virtual disk.

  6. #16
    Member
    Join Date
    Dec 2011
    Posts
    35
    Okay, I have two more final questions for this thread (might be slightly redundant)...

    Is there any point in encrypting a desktop computer (home) when I know no one will have physical access to it?

    If my HDD data is encrypted, will a hacker be able to view my data if my system becomes compromised?
    (Assume he doesn't use memory dump command to get my key... I'm screwed no matter what if I'm compromised that badly.)

    I know encryption is important for laptops in the event they become stolen (physical access)... but I'm not sure about remote access.
    Last edited by dredogol; January 3rd, 2012 at 03:43 AM.

  7. #17
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,188
    Is there any point in encrypting a desktop computer (home) when I know no one will have physical access to it?
    I would say not, as it is more of a precaution to protect data in transit. At most I would encrypt files that contain sensitive information.

    If my HDD data is encrypted, will a hacker be able to view my data if my system becomes compromised?
    Yes. Particularly with encryption that just encrypts the whole drive, then decrypts it when you log on. Obviously, if your machine is stolen, you don't logon and the encryption is still in place.

    Assume he doesn't use memory dump command to get my key
    I don't know about you, but if that happened on any of my XP boxes I would know about it

    Anyway, if an attacker can do that you must have already decrypted the drive?

  8. #18
    Member
    Join Date
    Dec 2011
    Posts
    35
    Thanks nihil.
    Those answers basically determined how I will be redoing my computer here in a few days.

    Oh... you're saying it would be better (in my case) to just encrypt a certain (non os partition/folder) of my HDD, and only mount it when in use, or use an external hdd/usb drive.
    (though I don't think Truecrypt supported thumb drives...)

    Only problem is, any time I were to access my "secure" data with this method, I would have data leaks on my OS... unless I ran from a Live CD and never write anything to the OS partition or swap file partition.
    Last edited by dredogol; January 3rd, 2012 at 06:42 AM.

  9. #19
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,188
    Oh... you're saying it would be better (in my case) to just encrypt a certain (non os partition/folder) of my HDD, and only mount it when in use, or use an external hdd/usb drive.
    (though I don't think Truecrypt supported thumb drives...)
    Yes, that's it, far less overhead if you don't have much confidential data, and you can be selective on a file/folder basis.

    I don't know about truecrypt, but I would have thought that it supported USB external drives?

    Anyways, your thumb drive should come with security software pre-installed, if not there are loads of free ones available.

    Obviously, as soon as you open stuff it becomes available, only less so if you are not connected to the internet.

    There is a Registry setting to wipe the pagefile on shutdown. I believe it is only a single pass, but that should be adequate to deter remote attackers.

    You might change your dump settings to only allow the minidumps. I don't think that they contain anything confidential?
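
Added example (not part of nihil's post): a read-only audit, with an optional `-Apply` switch, of the pagefile-wipe and crash-dump settings mentioned in post #19 and the AutoRun setting from post #11. The registry value names are the standard Windows ones, not quoted from the thread, and the script assumes an elevated PowerShell prompt.

```powershell
# Added example: audit (and optionally set) three hardening values in the registry.
# Default is read-only; pass -Apply to write the wanted values (needs admin rights).
param([switch]$Apply)

$settings = @(
    @{ Name  = 'Wipe pagefile at shutdown'
       Path  = 'HKLM:\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management'
       Value = 'ClearPageFileAtShutdown'
       Want  = 1 },    # 1 = overwrite the pagefile on a clean shutdown
    @{ Name  = 'Crash dump type'
       Path  = 'HKLM:\SYSTEM\CurrentControlSet\Control\CrashControl'
       Value = 'CrashDumpEnabled'
       Want  = 3 },    # 0 = none, 1 = complete, 2 = kernel, 3 = small (minidump)
    @{ Name  = 'AutoRun disabled on all drive types'
       Path  = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer'
       Value = 'NoDriveTypeAutoRun'
       Want  = 255 }   # 0xFF = every drive type
)

foreach ($s in $settings) {
    # Read the current value; a missing key or value leaves $current as $null.
    $current = $null
    $item = Get-ItemProperty -Path $s.Path -Name $s.Value -ErrorAction SilentlyContinue
    if ($item) { $current = $item.($s.Value) }

    $ok = ($current -eq $s.Want)
    $shown = '(not set)'
    if ($current -ne $null) { $shown = $current }
    $status = 'CHANGE NEEDED'
    if ($ok) { $status = 'OK' }
    '{0,-38} current={1,-10} wanted={2,-4} {3}' -f $s.Name, $shown, $s.Want, $status

    if ($Apply -and -not $ok) {
        # Create the key if it does not exist, then write the DWORD value.
        if (-not (Test-Path $s.Path)) { New-Item -Path $s.Path -Force | Out-Null }
        New-ItemProperty -Path $s.Path -Name $s.Value -Value $s.Want `
            -PropertyType DWord -Force | Out-Null
        '    -> set {0} to {1} (takes effect after a reboot)' -f $s.Value, $s.Want
    }
}
```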

  10. #20
    Member
    Join Date
    Dec 2011
    Posts
    35
    Quote: Originally Posted by nihil
    There is a Registry setting to wipe the pagefile on shutdown. I believe it is only a single pass, but that should be adequate to deter remote attackers.
    I do that now, and shutdown takes forever since I have 8GB of page...

    Oh, did you know during the XP install process, it only does a quick LBA wipe + DiskCheck when you choose 'regular' format right before the OS installs... and not a 1-pass wipe, which is dumb. I think Vista & Win7 both do a proper 1-pass wipe.

    Quote: Originally Posted by nihil
    You might change your dump settings to only allow the minidumps. I don't think that they contain anything confidential?
    Oh... was there an option under XP GroupPolicies to restrict that!
    Last edited by dredogol; January 3rd, 2012 at 10:14 AM.
