IT Management Daily
Storage Daily
Security Daily

follow us on Twitter

Be a Commerce Partner

Internet News
Small Business
Personal Technology

Corporate Info
Tech Jobs
E-mail Offers

Related Articles
Not So SIMple
Intrusion Detection and Honeypots
AO Security Discussion Roundup

Security Products
 FB Limiter (AxiomCoders)
 Keylogger Free Download (Free keylogger download)
 Software Keylogger (Software keyloggers)
 Facebook Password Recovery (XaviWare Software Ltda.)
 BlockAllow (BlockAllow)
 AW GoOn (AtelierWeb Software)
» Enterprise IT Planet » Security » Security Features

Drive Encryption Rewards and Risks

May 11, 2007

Email Print Digg This Add to

AntiOnline Spotlight: Do you encrypt your drives? If you're considering this method of safeguarding your data, make sure you have a complete picture of the protections it offers. Also, lessons in concealing malware; thoughts PHP and MySQL injections; and tools for banishing spyware.

Drive Encryption
treanglin wants to know...

I've seen firsthand how easy it is to grab a password or SAM file from a Linux, OS X or Windows box. I've experienced the dreadful fright that occurs after loosing USB drives with sensitive data on them. It's a shame, I know, but I'm just now figuring that I should go ahead and start encrypting my data. I'm going to start fresh tomorrow (Fedora DVD ISO, downloading right now) and I'm just wondering what you guys use to encrypt your hard drives and USB drives.

Hexed Virus/Malware/Spyware
nihil's contribution:

By "hexed" I take it you are referring to an executable in hexadecimal notation? This does not "conceal" the file from the scanner, nor does it make it totally invisible. It would be the same if the file were encrypted.

The issue would be whether the scanner could recognize the malware for what it was.

For example, I have a collection of malware generation toolkits. AVG does not detect them. I know that it opens them in a temporary file because Avast! goes ballistic when it does so.

PHP and MySQL injections
Godsrock37's question:

So here's the question, how do I protect from MySQL injections. Right now, the only public access to the database is just the form to make an online reservation which links to a submit.php script that simply submits it. The client manages reservations with a Web interface that is not linked to by anything, so you have to know the address, later I’ll put a username and password on it in which case I know I’ll have to protect against SQL injections, but for now, is there any danger of SQL injections?

I'm assuming so. For some reason a few functions don’t work on the hosting company's server (mysql_real_escape_string and free_result so far) and I think it's because it’s an older version of PHP or MySQL. What can/should I do?

Spyware, Privacy...
westin's advice:

If you start searching around, you will find quite a few different security tools. Just make sure you research a tool before downloading it. Look at forums and what not. Some of the "removal tools" are not what they seem.

Stick with Nihil's suggestions, and throw in a couple of others for the sake of thoroughness. If you think you are infected, boot into safe mode [F5 while booting for safe mode, F8 for boot menu] before running the scans. You are more likely to come out with a clean system that way.

Newbie with a question about VoIP security

Active Directory Distribution List Problem

Also, be sure catch up on today's posts. Not a member? Join today!

Email Print Digg This Add to

Security Features Archives
The Network for Technology Professionals



Legal Notices, Licensing, Permissions, Privacy Policy.
Advertise | Newsletters | E-mail Offers