Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Security-Basics
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: File encryption

from [Jonathan Loh] Network Security [Permanent Link]
Subject: RE: File encryption
Date: Tue, 29 Nov 2005 14:37:40 -0800 (PST) 
pgpdisk?  However, If the laptop is on and the key has been entered, then you
will still be at risk.  You may want to use pgpdisk and pgp encrypt certain
confidential documents.  

But this presents an additional burden for the user.  They must remember the hd
pw and the individual file pws.  One way to limit the pws is to have a hdpw and
a specific file pw and various other file pws.  This way all the user would
have to memorize is two pws.  Let me explain.  There will be a hd pw and there
will be a file called clown.txt (secret.txt and password.txt are poor choices
as the bad guys will know this is the file to break) which contains the
passwords for all other confidential files.  This file will be encrypted in
addition to the other confidential files.  So once clown.txt is decrypted then
the other files can also be decrypted.  But this means clown.txt must be
updated everytime a password is changed or a new confidential file is created.

--- Marty <mortfromork@videotron.ca> wrote:


Hi,

We want to make sure that if the laptop is stolen and the
encryption is broken that we have an extra layer of
protection. The password can be guessed or acquired from
social engineering (from my point of view), thus the risk.



Marty!

-----Original Message-----
From: Aditya Deshmukh
[mailto:aditya.deshmukh@online.gateway.strangled.net] 
Sent: Wednesday, November 23, 2005 10:08 PM
To: 'Mork'; security-basics@securityfocus.com
Subject: RE: File encryption


Question on file encryption. We want to add a layer to our

file 

security.Our hard disks are encrypted and we would like to

add single 

file encryption.


I want to know why you want to add one more layer of file
security. If your Hard disk are already encrypted then with
a strong encryption then you don't need the extra
Encryption.



What is the best product that would silently encrypt and

decrypt 

on-the-fly so it's transparent to the users?


I recommend you use PGP disk ecnryption.
It has whole disk enceyption as well as it can create files
that Can act as drives and are assissable using a drive
letters.

Type one password and you can access the files just like on
hard disk Not exactly transpertnt but almost there and very
good product with Exceptional support. 



____________________________________________________________
____________
Delivered using the Free Personal Edition of Mailtraq
(www.mailtraq.com)






                
__________________________________ 
Yahoo! Music Unlimited 
Access over 1 million songs. Try it free. 
http://music.yahoo.com/unlimited/
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: ZoneAlarm, Jonathan Loh
Next by Date:  Re: IM & P2P packets, Mark Ryan del Moral Talabis
Previous by Thread:  RE: File encryption, Marty
Next by Thread:  Re: Remote Control to a remote computer with no listen port, John Maher
Indexes:  [Date] [Thread] [Top] [All Lists]