Secure Boot Manager

From: Meidinger Christopher (christopher.meidinger_at_badenIT.de)
Date: 06/30/03

  • Next message: compguruman_at_mail.comcast.net: "RE: Repeated Port Scan" 
    To: "Security-Basics@Securityfocus. Com (E-Mail)" <security-basics@securityfocus.com>
Date: Mon, 30 Jun 2003 12:44:35 +0100

    Hello List-Readers,

    i have a question for you all, hopefully someone will have a great answer
    for me.

    Our company needs to securely seperate two partitions on several laptops.
    This means we are looking to have two Windows Installations on one hard
    drive, and have them be *entirely* invisible to one another, even if the
    user has escalated privileges.

    This involves keeping two secure networks seperated. I am less worried about
    the actual data on the machines. If the user should do something to destroy
    one of the partitions, that's ok, there just has to be a 0% chance that the
    OS on the other partition can access it.

    The best solution i have been able to come up with is:

    1. encrypt the partitions - we will buy a commercial software so that the OS
    itself and its entire partition can be encrypted.
    2. use a boot manager to hide the partitions from one another so that the
    user would have to actively un-hide them to attempt to mount them

    Can anyone point out any obvious problems here, or does anyone have a
    suggestion on how to do this better? I have no real reason to encrypt the
    data except to make it inaccessible for the other OS, so i would prefer to
    avoid the performance loss associated with encrypted file systems if
    possible. I just haven't thought of another way to be 100% sure that neither
    OS can access the partition of the other one.

    Thanks in advance,

    badenIT GmbH
    System Support
     
    Chris Meidinger
    Tullastrasse 70
    79108 Freiburg

    ---------------------------------------------------------------------------
    Evaluating SSL VPNs' Consider NEOTERIS, chosen as leader by top analysts!
    The Gartner Group just put Neoteris in the top of its Magic Quadrant,
    while InStat has confirmed Neoteris as the leader in marketshare.
         
    Find out why, and see how you can get plug-n-play secure remote access in
    about an hour, with no client, server changes, or ongoing maintenance.
              
    Visit us at: http://www.neoteris.com/promos/sf-6-9.htm
    ----------------------------------------------------------------------------

  • Next message: compguruman_at_mail.comcast.net: "RE: Repeated Port Scan"

    Relevant Pages

    • Re: Secure Boot Manager
      ... vmware images were stored on an encrypted file ... Subject: Secure Boot Manager ... > Our company needs to securely seperate two partitions on several laptops. ... > Evaluating SSL VPNs' Consider NEOTERIS, chosen as leader by top analysts! ...
      (Security-Basics)
    • Secure laptop with SuSE 9.1?
      ... in order to have a secure notebook i want to to encrypt /home, /tmp, ... Supposing i use the same password for these partitions, ... that a can use encrypted swap by adding the options ...
      (alt.os.linux.suse)
    • Re: Partitioning for Performance
      ... > secure on the other partitions. ... > or more hard drives, but less expensive and adequate for ... > The people think the Constitution protects their rights; ...
      (microsoft.public.windowsxp.hardware)
    • Re: permissions on c:
      ... ability to write which is much more secure. ... > partitions(any partitions) where regular users have access to apps and ... > thier profiles. ... > Administrators: full control ...
      (microsoft.public.win2000.security)
    • USB pen drive : secure partition ?
      ... I have a USB pen drive and I formatted it as msdos (fat32) filesystem. ... Something that will work with Windows as wel (the secure part I mean). ... I could probably create more partitions, but then I am stuck with the same ...
      (comp.os.linux.hardware)