Re: ways of defeating these security measures?

From: Richard Pitt (richard@belcarra.com)
Date: 12/02/02


From: Richard Pitt <richard@belcarra.com>
Date: Mon, 02 Dec 2002 17:38:58 GMT

On Sun, 01 Dec 2002 14:38:28 -0800, UNIX Dude wrote:

> Well, personally, if I were to steal your machine the first thing I
> would do is format your hard drive and re-install a base OS. It would
> be a lot easier to sell that way.
> Your security measures will prevent casual abuses, but will not even
> slow down a determined "bad guy". I personally have a "jump bag" with
> enough stuff in it to image pretty much any system. A determined or
> creative "bad guy" could simply trojan your machine while you were out.
> There are plenty of tools to defeat boot up passwords and while you may
> notice that your machine was rebooted, would you be able to tell exactly
> what was done to it??
>
> On Sun, 01 Dec 2002 16:55:39 -0500, PCportinc wrote:
>
>
>> I have implemented the following log-in/security measures to prevent
>> the use of my PC & files: 1) during boot-up, a password is required to
>> boot into Windows. 2) my name is written on top-left hand corner of the
>> pic in logo.sys.
>> I figure if my PC is stolen, it's the best way to get it back.
>> 3) a password is required to access specific folders and files. The
>> files are not encrypted, but they can't be accessed from within Windows.
>> 4) the screensaver is set to 1 min, a password is required.
>>
>> I'd like to know of other security measures and of possible ways of
>> defeating the above.
>> Booting into DOS might bypass all windows security apps, so encryption
>> would be the way to go I suppose.
>> How can the screensaver password be defeated short of re-booting the
>> PC?

Take out the CD and floppy drives.

Get a good metal "over-case" - bolt it to the floor/wall with blind bolts
(no hexagon head, just round/smooth) with the nuts on the inside of the
case. Put the PC inside it and lock with the best lock you can find. Add
a screaming alarm if the case is opened with its own backup battery. Put
a video camera overhead with the feed via wireless (so the thieves can't
trace where the signal goes) to a 24x7 monitored security station. Back
this up with an armed guard and a dog. Don't connect your machine to the
Internet and make sure your room is "tempest" hardened.

Then make backups, encrypt the file system and insure it; 'cause sure as
shootin' if it has anything on it worth while the guard will be
subverted, bring in a wireless jammer and ear plugs, drug the dog, saw
off the lock and steal the PC.

have fun

richard

-- 
Richard C. Pitt			C.E.O. Belcarra Technologies
richard@belcarra.com		direct: 604-644-9265	www.belcarra.com
Software Systems - design and implementation: Internet, Linux, Communications
USB, RNDIS, ATM, E-mail, SQL, Encryption, Security, Web, Embedded Systems

