Tilted Forum Project Discussion Community - View Single Post

Hain · 12-10-2007, 02:16 PM

[anchor]SECURITY[/anchor]
[anchorlink=RECENT UPDATES]Augi's list[/ANCHORLINK] | [ANCHORLINK= The Open Source/Freeware/Gratis Software Thread]Biznatch's List[/anchorlink]
These tools provide full time security. For further security applications please see [anchorlink=DIAGNOSTIC TOOLS]Diagnostic Tools[/ANCHORLINK].

[ANCHOR](Avira) AntiVir Personal[/ANCHOR] (Homepage)(Filehippo)(?)(W,L) - "Protects your computer against dangerous viruses, worms, Trojans and costly dialers." - Every German and his mother run Avira software. Seems to be on par with AVG Free Edition.
Antivirus Alternatives click to show
- [ANCHOR]AVG Anti-Virus Free Edition[/ANCHOR] (Homepage)(Filehippo)(5/5)(W,L) - "Rapid virus database updates are available for the lifetime of the product, thereby providing the high-level of detection capability that millions of users around the world trust to protect their computers." - Frequent updates and minimal system requirements make it a must.
- [ANCHOR](Kaspersky) Anti-Virus[/ANCHOR] (Homepage)(Filehippo)(TRIALWARE)(W) - "the backbone of your PC’s security system, offering protection from a range of IT threats.Kaspersky Anti-Virus 2009 provides the basic tools needed to protect your PC." - Never personally used this software, however, a hacker friend of mine, whom has made it his personal goal in life to demonstrate that no one is safe on the internet, BOUGHT this software after trying it.
[ANCHOR]AxCrypt[/ANCHOR] (Homepage)(Filehippo)(1/5)(W) - "AxCrypt is free and easy to use open source strong file encryption for Windows 95/98/ME/NT/2K/XP, integrated with Windows Explorer. Encrypt, compress, decrypt, wipe, view and edit with a few mouse clicks" - A simple solution for file encryption. If security is a concern, please see TrueCrypt. ([ANCHORLINK=AxCrypt]link here[/ANCHORLINK])
[ANCHOR]KeePass Password Safe[/ANCHOR] (Homepage)(Filehippo)(5/5)(W,L) - "manage your passwords in a secure way. You can put all your passwords in one database, which is locked with one master key or a key file. So you only have to remember one single master password or select the key file to unl" - Simply excellent. Don't leave yourself unsecure using a single password. Never forget a password again. I recommend using the portable version. ([ANCHORLINK=KeePass Password Safe]link here[/ANCHORLINK])
[ANCHOR]KeePass Password Safe Portable[/ANCHOR] (Homepage)(5/5)(W) - "the popular KeePass Password Safe packaged as a portable app, so you can securely carry your email, internet and other passwords with you. You can place it on your USB flash drive, iPod, portable hard drive or a CD and use it on any computer, without leaving any personal information behind." - Even better than the original! Portable Keepass is the sweetest since I never need worry about Keepass leaving anything behind on a system. ([ANCHORLINK=KeePass Password Safe Portable]link here[/ANCHORLINK])
[ANCHOR]PeerGuardian[/ANCHOR] (Homepage)(Filehippo)(4/5)(W) - "Phoenix Labs’ premier IP blocker for Windows. PeerGuardian 2 integrates support for multiple lists, list editing, automatic updates, and blocking all of IPv4 (TCP, UDP, ICMP, etc), making it the safest and easiest way to protect your privacy on P2P." - A must for anyone wishing to suppliment a firewall to help stop unwanted peers, and even unwanted ads. ([ANCHORLINK=PeerGuardian]link here[/ANCHORLINK])
IP Blocker Alternatives click to show
- [ANCHOR]MoBlock[/ANCHOR] (Homepage)(?)(L) - "a linux console application that blocks connections from/to hosts listed in a file in peerguardian format (guarding.p2p)." - Recommended by PhoenixLabs, the creators of PeerGuardian, as a linux solution replacement while there is no PG2 for linux. Untested by me.
[ANCHOR]Spybot Search & Destroy[/ANCHOR] (Homepage)(Filehippo)(5/5)(W) - "Spybot - Search & Destroy detects and removes spyware, a relatively new kind of threat not yet covered by common anti-virus applications." - This coupled with the registry watcher known as "Tea Timer" make it an effective solution against spyware. ([ANCHORLINK=Spybot Search & Destroy]link here[/ANCHORLINK])
[ANCHOR]Sandboxie[/ANCHOR] (Homepage)(Filehippo)(5/5)(W) - "Sandboxie runs your programs in an isolated space which prevents them from making permanent changes to other programs and data in your computer." - Think of it as a condom for your computer. You get to do all that dirty stuff while still able to tie of that sandbox and throw it away--squeeky clean. I always run my browsers sandboxed. ([ANCHORLINK=Sandboxie]link here[/ANCHORLINK])
[ANCHOR]Tor[/ANCHOR] (Homepage)(4/5)(W,M,L) - "Tor is a software project that helps you defend against traffic analysis, a form of network surveillance that threatens personal freedom and privacy, confidential business activities and relationships, and state security. Tor protects you by bouncing your communications around a distributed network of relays run by volunteers all around the world" - I am pleased with this application. My email and messengers are routed through it, giving me some sense of security. ([ANCHORLINK=Tor]link here[/ANCHORLINK])

[ANCHOR]TrueCrypt[/ANCHOR] (Homepage)(Filehippo)(5/5)(W,M,L) - "TrueCrypt is a software system for establishing and maintaining an on-the-fly-encrypted volume (data storage device). On-the-fly encryption means that data are automatically encrypted or decrypted right before they are loaded or saved, without any user intervention. No data stored on an encrypted volume can be read (decrypted) without using the correct password/keyfile(s) or correct encryption keys. Entire file system is encrypted (e.g., file names, folder names, contents of every file, free space, meta data, etc)." - Absolutely a must. Capable of creating completely encrypted system devices (in Windows), this should be installed on everyone's computer. ([ANCHORLINK=TrueCrypt]link here[/ANCHORLINK])

Abstract: "Last month a US court ruled that border agents can search your laptop, or any other electronic device, when you're entering the country. They can take your computer and download its entire contents, or keep it for several days." click to show

View: Taking your laptop into the US? Be sure to hide all your data first
Source: Guardian

Quote:

Taking your laptop into the US? Be sure to hide all your data first
hursday May 15 2008
by Bruce Schneier

Last month a US court ruled that border agents can search your laptop, or any other electronic device, when you're entering the country. They can take your computer and download its entire contents, or keep it for several days. Customs and Border Patrol has not published any rules regarding this practice, and I and others have written a letter to Congress urging it to investigate and regulate this practice.

But the US is not alone. British customs agents search laptops for pornography. And there are reports on the internet of this sort of thing happening at other borders, too. You might not like it, but it's a fact. So how do you protect yourself?

Encrypting your entire hard drive, something you should certainly do for security in case your computer is lost or stolen, won't work here. The border agent is likely to start this whole process with a "please type in your password". Of course you can refuse, but the agent can search you further, detain you longer, refuse you entry into the country and otherwise ruin your day.

You're going to have to hide your data. Set a portion of your hard drive to be encrypted with a different key - even if you also encrypt your entire hard drive - and keep your sensitive data there. Lots of programs allow you to do this. I use PGP Disk (from pgp.com). TrueCrypt (truecrypt.org) is also good, and free.

While customs agents might poke around on your laptop, they're unlikely to find the encrypted partition. (You can make the icon invisible, for some added protection.) And if they download the contents of your hard drive to examine later, you won't care.

Be sure to choose a strong encryption password. Details are too complicated for a quick tip, but basically anything easy to remember is easy to guess. (My advice is at tinyurl.com/4f8z4n.) Unfortunately, this isn't a perfect solution. Your computer might have left a copy of the password on the disk somewhere, and (as I also describe at the above link) smart forensic software will find it.

So your best defence is to clean up your laptop. A customs agent can't read what you don't have. You don't need five years' worth of email and client data. You don't need your old love letters and those photos (you know the ones I'm talking about). Delete everything you don't absolutely need. And use a secure file erasure program to do it. While you're at it, delete your browser's cookies, cache and browsing history. It's nobody's business what websites you've visited. And turn your computer off - don't just put it to sleep - before you go through customs; that deletes other things. Think of all this as the last thing to do before you stow your electronic devices for landing. Some companies now give their employees forensically clean laptops for travel, and have them download any sensitive data over a virtual private network once they've entered the country. They send any work back the same way, and delete everything again before crossing the border to go home. This is a good idea if you can do it.

If you can't, consider putting your sensitive data on a USB drive or even a camera memory card: even 16GB cards are reasonably priced these days. Encrypt it, of course, because it's easy to lose something that small. Slip it in your pocket, and it's likely to remain unnoticed even if the customs agent pokes through your laptop. If someone does discover it, you can try saying: "I don't know what's on there. My boss told me to give it to the head of the New York office." If you've chosen a strong encryption password, you won't care if he confiscates it.

Lastly, don't forget your phone and PDA. Customs agents can search those too: emails, your phone book, your calendar. Unfortunately, there's nothing you can do here except delete things.

I know this all sounds like work, and that it's easier to just ignore everything here and hope you don't get searched. Today, the odds are in your favour. But new forensic tools are making automatic searches easier and easier, and the recent US court ruling is likely to embolden other countries. It's better to be safe than sorry.

· Bruce Schneier is a security technologist and author: schneier.com/blog

This post created with FASS

Abstract: "TrueCrypt can on-the-fly encrypt a system partition or entire system drive, i.e. a partition or drive where Windows is installed and from which it boots." click to show

View: System Encryption
Source: Truecrypt

Quote:

System Encryption

TrueCrypt can on-the-fly encrypt a system partition or entire system drive, i.e. a partition or drive where Windows is installed and from which it boots.

System encryption provides the highest level of security and privacy, because all files, including any temporary files that Windows and applications create on the system partition (typically, without your knowledge or consent), hibernation files, swap files, etc., are always permanently encrypted (even when power supply is suddenly interrupted). Windows also records large amounts of potentially sensitive data, such as the names and locations of files you open, applications you run, etc. All such log files and registry entries are always permanently encrypted as well.

System encryption involves pre-boot authentication, which means that anyone who wants to gain access and use the encrypted system, read and write files stored on the system drive, etc., will need to enter the correct password each time before Windows boots (starts). Pre-boot authentication is handled by the TrueCrypt Boot Loader, which resides in the first cylinder of the boot drive and on the TrueCrypt Rescue Disk.

Note that TrueCrypt can encrypt an existing unencrypted system partition/drive in-place while the operating system is running (while the system is being encrypted, you can use your computer as usual without any restrictions). Likewise, a TrueCrypt-encrypted system partition/drive can be decrypted in-place while the operating system is running. You can interrupt the process of encryption or decryption anytime, leave the partition/drive partially unencrypted, restart or shut down the computer, and then resume the process, which will continue from the point it was stopped.

To encrypt a system partition or entire system drive, select System > Encrypt System Partition/Drive and then follow the instructions of the wizard. To decrypt a system partition/drive, select System > Permanently Decrypt System Partition/Drive.

The mode of operation used for system encryption is XTS (see the section Modes of Operation). For further technical details of system encryption, see the section Encryption Scheme in the chapter Technical Details.

Quote:

Operating Systems Supported for System Encryption

TrueCrypt can currently encrypt the following operating systems:

* Windows Vista

* Windows Vista x64 (64-bit) Edition

* Windows XP

* Windows XP x64 (64-bit) Edition

* Windows Server 2008

* Windows Server 2008 x64 (64-bit)

* Windows Server 2003

* Windows Server 2003 x64 (64-bit)

Quote:

TrueCrypt Rescue Disk

During the process of preparing the encryption of a system partition/drive, TrueCrypt requires that you create a so-called TrueCrypt Rescue Disk (CD/DVD), which serves the following purposes:

* If the TrueCrypt Boot Loader screen does not appear after you start your computer (or if your Windows does not boot), the TrueCrypt Boot Loader may be damaged. The TrueCrypt Rescue Disk allows you restore it and thus to regain access to your encrypted system and data (however, note that you will still have to enter the correct password then). In the Rescue Disk screen, select Repair Options > Restore TrueCrypt Boot Loader. Then press 'Y' to confirm the action, remove the Rescue Disk from your CD/DVD drive and restart your computer.

* If you repeatedly enter the correct password but TrueCrypt says that the password is incorrect, it is possible that the master key or other critical data are damaged. The TrueCrypt Rescue Disk allows you to restore them and thus to regain access to your encrypted system and data (however, note that you will still have to enter the correct password then). In the Rescue Disk screen, select Repair Options > Restore key data. Then enter your password, press 'Y' to confirm the action, remove the Rescue Disk from your CD/DVD drive, and restart your computer.

WARNING: By restoring key data using a TrueCrypt Rescue Disk, you also restore the password that was valid when the TrueCrypt Rescue Disk was created. Therefore, whenever you change the password, you should destroy your TrueCrypt Rescue Disk and create a new one (select System -> Create Rescue Disk). Otherwise, if an attacker knows your old password (for example, captured by a keystroke logger) and if he then finds your old TrueCrypt Rescue Disk, he could use it to restore the key data (the master key encrypted with the old password) and thus decrypt your system partition/drive.

* If the TrueCrypt Boot Loader is damaged or infected with malware, you can avoid running it by booting directly from the TrueCrypt Rescue Disk. Insert your Rescue Disk into your CD/DVD drive and then enter your password in the Rescue Disk screen.

* If Windows is damaged and cannot start, the TrueCrypt Rescue Disk allows you to permanently decrypt the partition/drive before Windows starts. In the Rescue Disk screen, select Repair Options > Permanently decrypt system partition/drive. Enter the correct password and wait until decryption is complete. Then you can e.g. boot your MS Windows setup CD/DVD to repair your Windows.

Note: Alternatively, if Windows is damaged (cannot start) and you need to repair it (or access files on it), you can avoid decrypting the system partition/drive by following these steps: Boot another operating system, run TrueCrypt, click Select Device, select the affected system partition, select System > Mount Without Pre-Boot Authentication, enter your pre-boot-authentication password and click OK. The partition will be mounted as a regular TrueCrypt volume (data will be on-the-fly decrypted/encrypted in RAM on access, as usual).

* Your TrueCrypt Rescue Disk contains a backup of the original content of the first drive cylinder (made before the TrueCrypt Boot Loader was written to it) and allows you to restore it if necessary. The first cylinder of a boot drive typically contains a system loader or boot manager. In the Rescue Disk screen, select Repair Options > Restore original system loader.

Note that even if you lose your TrueCrypt Rescue Disk and an attacker finds it, he or she will not be able to decrypt the system partition or drive without the correct password.

To use a TrueCrypt Rescue Disk, insert it into your CD/DVD drive and restart your computer. Note that TrueCrypt Rescue Disks contain the same TrueCrypt Boot Loader that normally resides in the first cylinder of a system drive. Therefore, when you boot from a TrueCrypt Rescue Disk, the standard TrueCrypt Boot Loader screen appears. The only difference between the regular TrueCrypt Boot Loader and the TrueCrypt Rescue Disk is that there are many more options available in the Repair Options menu (the regular TrueCrypt Boot Loader offers only the option 'Permanently decrypt system partition/drive'). If the TrueCrypt Boot Loader screen does not appear or if there are not all options available in the Repair Menu (see below), it is possible that your BIOS is configured to attempt to boot from hard drives before CD/DVD drives. If that is the case, restart your computer, press F2 or Delete (as soon as you see a BIOS start-up screen), and wait until a BIOS configuration screen appears. If no BIOS configuration screen appears, restart (reset) the computer again and start pressing F2 or Delete repeatedly as soon as you restart (reset) the computer. When a BIOS configuration screen appears, configure your BIOS to boot from the CD/DVD drive first (for information on how to do so, please refer to the documentation for your BIOS or motherboard). Then restart your computer. The TrueCrypt Boot Loader should be launched from the Rescue Disk now. To select Repair Options, press F8 on your keyboard.

If your TrueCrypt Rescue Disk is damaged, you can create a new one by selecting System > Create Rescue Disk. To find out whether your TrueCrypt Rescue Disk is damaged, insert it into your CD/DVD drive and select System > Verify Rescue Disk.

This post created with FASS

[ANCHOR]ZoneAlarm Free[/ANCHOR] (Homepage)(Filehippo)(5/5)(W) - "ZoneAlarm is an easy-to-use firewall that blocks hackers and other unknown threats." - Self explanatory. I use it without problem. ([ANCHORLINK=ZoneAlarm Free]link here[/ANCHORLINK])

[anchorlink=RECENT UPDATES]Augi's list[/ANCHORLINK] | [ANCHORLINK= The Open Source/Freeware/Gratis Software Thread]Biznatch's List[/anchorlink]

[anchor]DIAGNOSTIC TOOLS[/anchor]
[anchorlink=RECENT UPDATES]Augi's list[/ANCHORLINK] | [ANCHORLINK= The Open Source/Freeware/Gratis Software Thread]Biznatch's List[/anchorlink]
These programs do not provide full time security [in their freeware version]. For full time security applications, please see [ANCHORLINK=SECURITY]System Security[/ANCHORLINK].

[ANCHOR]AutoRuns[/ANCHOR] (Homepage)(Filehippo)(1/5)(W) - "This utility, which has the most comprehensive knowledge of auto-starting locations of any startup monitor, shows you what programs are configured to run during system bootup or login, and shows you the entries in the order Windows processes them." - A clever utility, similar to Hijack this, designed specifically for startup applications.
[ANCHOR]Darik's Boot and Nuke[/ANCHOR] (Homepage)(1/5)(-) - "DBAN is a self-contained boot disk that securely wipes the hard disks of most computers. DBAN will automatically and completely delete the contents of any hard disk that it can detect, which makes it an appropriate utility for bulk or emergency data destruction." - Often refered to as a "Nuke disc", and I have always kept one handy for the day the paranoid fantasies take hold. Also recommended if one plans to recycle or sell hard drives- wipe it clean before sending it out.
[ANCHOR]Trend Micro™ CWShredder™[/ANCHOR] (Homepage)(Filehippo)(2/5)(W) - "the premier tool to find and remove traces of CoolWebSearch – the name for a wide range of insidious browser hijackers– from your PC." - Has saved me once when I was in a pinch. This is often what I use on other people's computers to find their problems.
[ANCHOR]EVEREST[/ANCHOR] (Homepage)(Filehippo)(1/5)(W) - "freeware hardware diagnostics and memory benchmarking solution for home PC users, based on the award-winning EVEREST Technology. It offers the world's most accurate hardware information and diagnostics capabilities, including online features, memory benchmarks, hardware monitoring, and low-level hardware information." - Everest corporation no longer maintains the (free) home edition of this program. You can only download the free version from FileHippo. Handy to have when determining hardware configuration, often to diagnose hardware/driver conflicts.
Hardware Determining Application Alternatives click to show
- [ANCHOR]CPU-Z[/ANCHOR] (Homepage)(Filehippo)(1/5)(W) - "a freeware that gathers information on some of the main devices of your system." - A simple version of Everest, less output, but often just as useful.
- [ANCHOR]Sandra[/ANCHOR] (Homepage)(Filehippo)(1/5)(W) - "Sandra (the System ANalyser, Diagnostic and Reporting Assistant) is an information & diagnostic utility. It should provide most of the information (including undocumented) you need to know about your hardware, software and other devices whether hardware or software." - Again, an alternative to Everest. It seems much much slower than Everest.
[ANCHOR]TrendMicro™ HijackThis™[/ANCHOR] (Homepage)(Filehippo)(5/5)(W) - "a free utility which quickly scans your Windows computer to find settings that may have been changed by spyware, malware or other unwanted programs... IMPORTANT: HijackThis does not determine what is good or bad. Do not make any changes to your computer settings unless you are an expert computer user." - Advanced diagnostic utility for finding malware. I use it often after I instal programs to determine what is being set.
[ANCHOR]Trend Micro™ HouseCall[/ANCHOR] (Homepage)(1/5)(W,L,S) - "an application for checking whether your computer has been infected by viruses, spyware, or other malware. HouseCall performs additional security checks to identify and fix vulnerabilities to prevent reinfection." - An online scanner, based on TrendMicro's antivirus... it is good, and once upon a time took care of a problem.
[ANCHOR]Process Explorer[/ANCHOR] (Homepage)(Filehippo)(5/5)(W) - "Ever wondered which program has a particular file or directory open? Now you can find out. Process Explorer shows you information about which handles and DLLs processes have opened or loaded." - Like your task manager, only far more advanced. It shows which processes were started by other processes, and which files are being used.

[anchorlink=RECENT UPDATES]Augi's list[/ANCHORLINK] | [ANCHORLINK= The Open Source/Freeware/Gratis Software Thread]Biznatch's List[/anchorlink]