Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Security-Basics
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Simple Effective Secure Email

from [Steve] Network Security [Permanent Link]
Subject: Re: Simple Effective Secure Email
Date: Wed, 8 Sep 2004 16:44:11 -0400 
Well, this works but isn't simple from a user perspective, maybe simple from
our IT perspective.


----- Original Message ----- 
From: <LordInfidel@directionweb.com>
To: "'Steve'" <securityfocus@delahunty.com>;
<security-basics@securityfocus.com>
Sent: Wednesday, September 08, 2004 4:35 PM
Subject: RE: Simple Effective Secure Email


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

What you want is PGP  (www.pgp.com), there are several versions.
You want the freeware version unless you are using exchange, then
you need the workgroup version.  I'm not sure if it works with
outlook express, but I can't see why it wouldn't.

Here's how it works:

For verification; you want to create a pgp key for each person and
then send that persons key (.asc file) to the people who will be
verifying the e-mail.

for example, if you have pgp installed
if you go to
http://www.directionweb.com/downloads/certs/Lordinfidel.txt
and copy and paste my public key into a txt file and rename it .asc
which you then would import into your key ring.  Then you can verify
that my signature on this email is good, since you would know my public
key, hence you would know that I sent this e-mail.

For encryption; you would do the same thing as above, but instead of
signing it, you would encrypt it.  The recipient would not be able to
read the e-mail (it would like what you saw in the lordinfidel.txt
file, unless they A) had the public key and B) new the password used to
encrypt the file.

LordInfidel

To verify the digital signature on this bulletin, please download my
PGP key at http://www.directionweb.com/downloads/certs/lordinfidel.txt

- - -----Original Message-----
From: Steve [mailto:securityfocus@delahunty.com]
Sent: Wednesday, September 08, 2004 3:19 PM
To: Michael B. Morell; security-basics@securityfocus.com
Subject: Re: Simple Effective Secure Email


Several things.

Primarily so that when these people send email the recipient can
verify it
actually came from them.  Secondarily, less critical, so that if they
send
out an email they can ensure it can only be read by the intended
recipient.

STEVE

- - ----- Original Message ----- 
From: "Michael B. Morell" <MMorell@vdat.com>
To: "'Steve'" <securityfocus@delahunty.com>;
<security-basics@securityfocus.com>
Sent: Wednesday, September 08, 2004 3:14 PM
Subject: RE: Simple Effective Secure Email


steve.... can you elaborate a little on what you mean?

Are you trying to make it so that when those handful of people send
out
e-mail that the recipient of the e-mail can only read it?

Or are you trying to protect those handful of people from themselves?

LordInfidel

- - -----Original Message-----
From: Steve [mailto:securityfocus@delahunty.com]
Sent: Wednesday, September 08, 2004 9:43 AM
To: security-basics@securityfocus.com
Subject: Simple Effective Secure Email


If you needed to secure a handfull of people to use their email
securely
what would you recommend?  Consider the email client to be Outlook
Express.
I was thinking some form of a personal cert but wanted to see about
experience from the security list (you folks).







- -
- ----------------------------------------------------------------------
- - -----
Computer Forensics Training at the InfoSec Institute. All of our
class sizes
are guaranteed to be 12 students or less to facilitate one-on-one
interaction with one of our expert instructors. Gain the in-demand
skills of
a certified computer examiner, learn to recover trace data left
behind by
fraud, theft, and cybercrime perpetrators. Discover the source of
computer
crime and abuse so that it never happens again.

http://www.infosecinstitute.com/courses/computer_forensics_training.ht
ml

-----BEGIN PGP SIGNATURE-----
Version: PGP 8.1

iQA/AwUBQT9s6cMjh/jWwMgrEQKBvgCfcmQAT8n9cM2ONc2vcJbLl5I1XCIAnjgu
o62T/ws42HY7f5inRvh11jXG
=5XSF
-----END PGP SIGNATURE-----





---------------------------------------------------------------------------
Computer Forensics Training at the InfoSec Institute. All of our class sizes
are guaranteed to be 12 students or less to facilitate one-on-one
interaction with one of our expert instructors. Gain the in-demand skills of
a certified computer examiner, learn to recover trace data left behind by
fraud, theft, and cybercrime perpetrators. Discover the source of computer
crime and abuse so that it never happens again.

http://www.infosecinstitute.com/courses/computer_forensics_training.html
----------------------------------------------------------------------------
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: learning ethical hacking, D K
Next by Date:  Re: a tool like nestat, Morgan Reed
Previous by Thread:  RE: Simple Effective Secure Email, LordInfidel
Next by Thread:  RE: Simple Effective Secure Email, Barrie Dempster
Indexes:  [Date] [Thread] [Top] [All Lists]