Do you have a question? Post it now! No Registration Necessary. Now with pictures!
- Posted on
- hide and encrypt
- Teeny & Allen
August 23, 2005, 9:12 pm
rate this thread
Re: hide and encrypt
Teeny & Allen wrote:
You could always just use XP. Depends on the level of security desired.
If you have admin control using just use XP to hide the files and
directories. If you are a user you can reasonably hide files and
folders from an administrator if you have directories that you are the
owner of. Bear in mind if you use this method you should examine file
backup and recovery issues and test backup methodologies. Most admins
allow users full control of certain directory paths.
NOTE: Below is warning if you are not box owner (company owned/managed).
As an admin or security manager: If a client PC were to all of a sudden
to have a disk shortage, for example: hiding 578 music MP3 files in a
directory (long story) because company policy prohibited the on the
files on PC clients and I noticed your system had a strange disk free
space shortage, you might get a system administrator interested enough
to look, and they could get in. If the SA couldn't get in they would
call the securitymanager. I have seen few tools that I couldn't figure
out how to get into, if one wanted to bad enough, from a security
perspective. I work very closely with admins, even had some incidents
where administrators themselves were relived of their duties. It might
require a new "service" or other method, but for security managers
patience is a virtue.
Typically a security manager will have already collected what was needed
long before a user is aware was aware someone was looking. If the
manager finds nothing, the user would never know they were looked at. A
network manager "might" visually observe activity remotely and record it
for posterity. This could be on a x-station or winX box.
I have reports (for example) that are generated once a client PC has
used more HDD space than a certain percentage, as well as another report
where drive free space is reduced a certain percentage in between report
times. These reports are useful in identifying not only of potential
security issues but may also indicate pending hardware failure. We do
this not only for users but servers as well albeit different things
"may" be reported. Additionally some directories may be tripwired for
special handling depending on event, this is often good for
automatically recording activity or paging security manager etc. Most
properly managed networks have a number of computer activities that
might raise flags. You would be amazed what one can monitor with just
SMS not to mention "other" auditing possibilities.
I share the above, to ensure you understand that it is "your" machine we
are referring to and not one "owned" by the company or someone else. I
have had several users and admins through the years, use several very
fine encryption products who thought they were totally safe, who are now
gainfully unemployed. Cracking was not required.
- » CFP: IEEE in cooperated International Conference on Computational Intelligence for Modelli...
- — Previous thread in » Computer Software Security