
| Subject: | RE: The VA Stolen Laptop - Lessons Learned |
|---|---|
| Date: | Thu, 14 Sep 2006 17:35:27 -0400 |
If the laptop is stolen, and off the network when you disable the account, how the heck do you think the fact the account has been disabled reaches the laptop?

"encrypt it as the roaming profile"? The roaming profile is very specific files. If you're talking about using EFS, you have other concerns as well. If you encrypt a user's profile with EFS, the key would have to be on the machine or the user couldn't get to their profile off the network. If the key is left on the machine, then anyone with physical access to the machine can reset the admin password, login as the admin, and grab the user's key and get to the files.

The encryption used should be something other than EFS, and should be on a directory outside the profile (so copies aren't flung onto the user's network share).

Basically, the users should be trained, and the plan should be created by someone who knows what they are doing, and people should stop pointing fingers when something goes wrong, and instead address the issues.

Good slam on the Prez, BTW, both pertinent and relevant, and about as thoughtfully consistent as the rest of your rant.

-Scott Ramsdell

-----Original Message-----
From: listbounce@securityfocus.com [mailto:listbounce@securityfocus.com] On Behalf Of Isaac Van Name
Sent: Thursday, September 14, 2006 8:18 AM
To: 'evb'; security-basics@securityfocus.com
Subject: RE: The VA Stolen Laptop - Lessons Learned

Bush hasn't defined "data"... he can't define anything because he's a moron. Does data include OS files, log files, cab files, drivers, etc.? IMO, no. None of it. Screw the OS and its files; those things don't count as "sensitive data". Okay, so there's the argument that "these things can be used for a compromise".

Really, I don't see why someone can't just use a roaming profile and a VPN connection on the laptop to connect to their workplace and, anytime sensitive data like that is put on a laptop, encrypt it as the roaming profile and set the file rights to only allow that roaming profile to access it. That way, when the laptop is stolen, just disable the roaming account... that should protect the encrypted files for long enough for the laptop to be recovered. True, this is more work, but then, isn't proper security just making your everyday tasks take longer?

Of course, this is all said with a cup of coffee in one head and my hungover head in the other, so please feel free to correct me. As it seems to me, though, I think you have to plan out system security before you implement file security... otherwise, you're just playing smoke and mirrors.

Isaac Van Name
Network Assistant / Programmer
Southerland, inc.
ivanname@southerlandsleep.com

-----Original Message-----
From: listbounce@securityfocus.com [mailto:listbounce@securityfocus.com] On Behalf Of evb
Sent: Wednesday, September 13, 2006 3:47 PM
To: security-basics@securityfocus.com
Subject: RE: The VA Stolen Laptop - Lessons Learned

:1. Encrypt all data on mobile computers/devices which carry
:agency data unless the data is determined to be non-sensitive,
:in writing, by your Deputy Secretary or an individual he/she
:may designate in writing
:

And does "data" include operating system files, log files, cab files, drivers, etc., or does it only include eg xls, doc, pdf and wpd files, etc.? How has Bush defined "data"?

Thx,
Eric

---------------------------------------------------------------------------
This list is sponsored by: Norwich University

EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The NSA has designated Norwich University a center of Academic Excellence in Information Security. Our program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Using interactive e-Learning technology, you can earn this esteemed degree, without disrupting your career or home life.
http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------