Hosting for just $3.88/month! Find out MORE!

Archive for the 'Security & Spyware' Category

File encryption on-the-fly with TrueCrypt

Published on 22 April, 2007 in Security & Encryption. 2 Comments Tags: , .

TrueCrypt

In the last post I described how to securely and permanently remove a file from the disk drive using Eraser.

Now what happen if you need to securely store, not delete, any files? In this post, we will introduce another open source tools that will help you do just that – TrueCrypt.

With TrueCrypt you can protect your sensitive data, create a virtual encrypted disk within a file and mount it as a disk. You can also encrypt an a hard disk partition or a device, such as USB flash drive. The encryption is done automatically and transparently in real time. The author calls it an on-the-fly-encrypted volume .

TrueCrypt

Continue reading ‘File encryption on-the-fly with TrueCrypt’

Wipe all trace with Eraser

Published on 1 March, 2007 in Security & Encryption. 0 Comments Tags: , .

Eraser

Regular readers will know that I keep a keen eye on security and protection on private data. Previously I covered using KeePass to store password (of course the best would be to keep everything in the head), using Tor and Privoxy for anonymous browsing and setting up a VPN to share data using Hamachi.

In this post (and the next), I want to share some tools that will secure your data on your harddisk.

Eraser is an open source security tool which allows you to completely remove sensitive data from your hard drive by overwriting it several times with carefully selected patterns.

Why do you want to do this?

Eraser

Continue reading ‘Wipe all trace with Eraser’

Share your LAN with Hamachi

Published on 22 November, 2006 in Networking and Security & Encryption. 1 Comment Tags: , .

So you have a LAN in office where you share documents between a few computers. Now suppose you are at home and one of the files is on another PC at work. What do you do?

HamachiOne solution is to get Hamachi installed on both PCs.

Hamachi is not open source but the free version is very usable and I have used it on occassions between office, home and client’s location. (Hamachi had just been acquired by LogMeIn Inc in August 2006, it seems like the free version will continue to be available.)

Hamachi setup Quick Guide

There are a number of solutions available to achieve remote connection, even Windows XP comes with Remote Desktop. But what makes Hamachi stands out is the ease of use. Once installed, you just have to follow the few guided steps to get it up and running.

Continue reading ‘Share your LAN with Hamachi’

KeePass 1.06 release

Published on 16 October, 2006 in Security & Spyware. 0 Comments Tags: , , .

KeePass (review) is an opensource password manager which helps you to manage your passwords .

All your passwords are kept in one database, which is locked with one master key or a key-disk. You only have to remember one single master password or insert the key-disk to unlock the whole database.

Databases are encrypted using very secure encryption algorithms (AES and Twofish).

A new version, 1.06, is available. (Thanks to the update alert built into the program.)

Are you still using FTP? Beware

Published on 12 September, 2006 in Editorial and Security & Encryption. 2 Comments Tags: , , .

Recently I acquired a software that required FTP access to my server, without which it cannot work.

I was shocked!

You see, in the last 7-8 years I have not use FTP on my servers. Even on the local office server I refuse to allow FTP to be installed. For file transfer I just use SFTP (Filezilla supports this).

Are you still using FTP, you might want to read the following and discover why it is time to take note

The traditional FTP protocol is highly insecure: it sends passwords in the clear. For this reason FTP has been recognized as one of the largest remaining security liabilities in most UNIX systems. As of 2006 FTP still remains one of the Internet’s most popular file upload mechanisms.

Another security risk lies not with FTP itself but with the widespread use of wireless internet connection.

With wireless, your FTP password travelling in clear over the air can be easily captured. You may be surprised that wireless attack is actually very easy. The kid next door may just be looking at your wireless traffic now.

So, if you are using FTP on your hosting server and at work, ask why. Security file transfer like SFTP, SCP, FTP over SSL are widely available. Perhaps it is time to ask if the hosting provider support them or move on to a more knowledgable hosting provider.

At this point I am still talking to the vendor to see how the FTP requirement can be relaxed or best removed.

Reference:

Punch through web filter with Tor

Published on 6 September, 2006 in Browsers, Security & Spyware and Utilities & Drivers. 0 Comments Tags: , , .

TorTor is one of those application that you most likely don’t need but useful to know that it exist when you need it.

Tor’s website describe it as “an anonymous Internet communication system“. Which doesn’t really helps to understand what it is.

The normal business user would not need to know how Tor works (read this overview if you want to know), only what it does.

One of Tor usage is to get pass blocked website. Which is what I am going to describe in this article.

If you work in some countries (no name here to protect this site) that filters web traffic you may want to read on.

Continue reading ‘Punch through web filter with Tor’

Importing from Password Safe to KeePass database

Published on 8 August, 2006 in Security & Spyware and Tips & Tutorials. 0 Comments Tags: .

So I moved from Password Safe to KeePass. After some false start (remember to backup) the data was imported from Password Safe database into KeePass.

If you want to migrate the Password Safe database to KeePass, here’s how you do it.

  1. Use the Password Safe function to export to CSV file
    File > Export To > Plain Text
  2. Import the text file into KeePass
    File > Import From> PWSafe v2 TXT file

The mistake I made was to import the encrypted datafile which produces garbage. You need to export to plain text and import the text file.

Remember all your passwords with KeePass

Published on 7 August, 2006 in Security & Spyware. 0 Comments Tags: , , .

KeePassI consider myself a security paranoid. When I sign up with a site, I use a different password, sometimes even different username. Over the years I must have hundreds of account accumulated on the internet.

To help with remembering, I started with standard menonics, then use associations. Then I became more lazy started using standard passwords for sites that I don’t really care about.

Still, the problem is how to manage passwords overload ?

Let me introduce KeePass .

Continue reading ‘Remember all your passwords with KeePass’

Open Source Anti-Virus for Windows – ClamWin

Published on 2 August, 2006 in Security & Spyware. 1 Comment Tags: , .

Anti-Virus is a class of software that remains a firmly held by commercial companies.

ClamWin

ClamWin Antivirus is one of the better open source anti-virus program that is invading that stronghold in the MS Windows domain. (Is there others?)

ClamWin is based on the ClamAV antivirus engine. Harnessing the power of the community, the concept of an opensource virus directory look set to take on the commercial counterpart.

I decided to check it out a year ago when reinstalling my Win XP. The last anti-virus from Trend Micro never make a return.

My first impression after seeing the main screen of the program is that it still have some way to go in catching up with commercial equivalents.

Continue reading ‘Open Source Anti-Virus for Windows – ClamWin’