x

Archive for the 'Security & Encryption' Category

File encryption on-the-fly with TrueCrypt

Published by
Ken
at 22 April, 2007 in Security & Encryption. Comments

TrueCrypt

In the last post I described how to securely and permanently remove a file from the disk drive using Eraser.

Now what happen if you need to securely store, not delete, any files? In this post, we will introduce another open source tools that will help you do just that - TrueCrypt.

With TrueCrypt you can protect your sensitive data, create a virtual encrypted disk within a file and mount it as a disk. You can also encrypt an a hard disk partition or a device, such as USB flash drive. The encryption is done automatically and transparently in real time. The author calls it an on-the-fly-encrypted volume .

TrueCrypt

Continue reading ‘File encryption on-the-fly with TrueCrypt’

Popularity: 40%

Wipe all trace with Eraser

Published by
Ken
at 1 March, 2007 in Security & Encryption. Comment

Eraser

Regular readers will know that I keep a keen eye on security and protection on private data. Previously I covered using KeePass to store password (of course the best would be to keep everything in the head), using Tor and Privoxy for anonymous browsing and setting up a VPN to share data using Hamachi.

In this post (and the next), I want to share some tools that will secure your data on your harddisk.

Eraser is an open source security tool which allows you to completely remove sensitive data from your hard drive by overwriting it several times with carefully selected patterns.

Why do you want to do this?

Eraser

Continue reading ‘Wipe all trace with Eraser’

Popularity: 42%

Share your LAN with Hamachi

Published by
Ken
at 22 November, 2006 in Networking and Security & Encryption. Comment

So you have a LAN in office where you share documents between a few computers. Now suppose you are at home and one of the files is on another PC at work. What do you do?

HamachiOne solution is to get Hamachi installed on both PCs.

Hamachi is not open source but the free version is very usable and I have used it on occassions between office, home and client’s location. (Hamachi had just been acquired by LogMeIn Inc in August 2006, it seems like the free version will continue to be available.)

Hamachi setup Quick Guide

There are a number of solutions available to achieve remote connection, even Windows XP comes with Remote Desktop. But what makes Hamachi stands out is the ease of use. Once installed, you just have to follow the few guided steps to get it up and running.

Continue reading ‘Share your LAN with Hamachi’

Popularity: 46%

Are you still using FTP? Beware

Published by
Ken
at 12 September, 2006 in Security & Encryption and Editorial. Comments

Recently I acquired a software that required FTP access to my server, without which it cannot work.

I was shocked!

You see, in the last 7-8 years I have not use FTP on my servers. Even on the local office server I refuse to allow FTP to be installed. For file transfer I just use SFTP (Filezilla supports this).

Are you still using FTP, you might want to read the following and discover why it is time to take note

The traditional FTP protocol is highly insecure: it sends passwords in the clear. For this reason FTP has been recognized as one of the largest remaining security liabilities in most UNIX systems. As of 2006 FTP still remains one of the Internet’s most popular file upload mechanisms.

Another security risk lies not with FTP itself but with the widespread use of wireless internet connection.

With wireless, your FTP password travelling in clear over the air can be easily captured. You may be surprised that wireless attack is actually very easy. The kid next door may just be looking at your wireless traffic now.

So, if you are using FTP on your hosting server and at work, ask why. Security file transfer like SFTP, SCP, FTP over SSL are widely available. Perhaps it is time to ask if the hosting provider support them or move on to a more knowledgable hosting provider.

At this point I am still talking to the vendor to see how the FTP requirement can be relaxed or best removed.

Reference:

Popularity: 21%