Security Basics mailing list archives
Re: In light of what has happened with the theft of the VA laptop, what are the "best practices" for securing laptops?
From: zipk0der <zipk0der () pandora-security com>
Date: Thu, 15 Jun 2006 19:36:02 -0700
One thing I do for added security, is enable an extra password to access syskey (required before msgina.dll is loaded). Go to start > run > syskey.exe [enter] Make sure encryption is enabled, then press "update". You can choose to use a system generated password, or set your own. If you use a system generated startup key, you can choose to place it on a floppy disk or usb key; the system wont boot to Windows without it inserted it/plugged in. Also of course I set up a bios password that is required at boot, and enable the password on resume from screensaver. I've been using truecrypt for a while now, and I have to say I love it. More important than truecrypt itself, are the extensions tcgina and tctemp which can be found here: http://www.truecrypt.org/third-party-projects/ tcgina puts the entire user profile (My documents etc) into a encrypted virtual drive that is mounted at login, this process is almost transparent to the user. tctemp encrypts the entire page file, which, is clearly a good idea. Thats all I can think of for now... In my case, I use different passwords for each step of the boot up process, but in a real life business enviroment, getting a vp or ceo to follow by this is near impossible. Daniel Hückmann
Current thread:
- In light of what has happened with the theft of the VA laptop, what are the "best practices" for securing laptops? Mike Foster (Jun 13)
- Re: In light of what has happened with the theft of the VA laptop, what are the "best practices" for securing laptops? Saqib Ali (Jun 13)
- RE: In light of what has happened with the theft of the VA laptop, what are the "best practices" for securing laptops? Depp, Dennis M. (Jun 13)
- Re: In light of what has happened with the theft of the VA laptop, what are the "best practices" for securing laptops? Dana (Jun 13)
- Re: In light of what has happened with the theft of the VA laptop, what are the "best practices" for securing laptops? Harrison Holland (Jun 13)
- Re: In light of what has happened with the theft of the VA laptop, what are the "best practices" for securing laptops? Gethin Jones (Jun 14)
- Re: In light of what has happened with the theft of the VA laptop, what are the "best practices" for securing laptops? Greg Merideth (Jun 15)
- Re: In light of what has happened with the theft of the VA laptop, what are the "best practices" for securing laptops? zipk0der (Jun 16)
- Re: In light of what has happened with the theft of the VA laptop, what are the "best practices" for securing laptops? Gethin Jones (Jun 14)
- RE: In light of what has happened with the theft of the VA laptop, what are the "best practices" for securing laptops? Sadler, Connie (Jun 13)
- Re: In light of what has happened with the theft of the VA laptop, what are the "best practices" for securing laptops? Bryan S. Sampsel (Jun 13)
- Re: In light of what has happened with the theft of the VA laptop, what are the "best practices" for securing laptops? Dave Patterson (Jun 13)
- Re: In light of what has happened with the theft of the VA laptop, what are the "best practices" for securing laptops? Brian Daniel Beck (Jun 13)
- <Possible follow-ups>
- RE: In light of what has happened with the theft of the VA laptop, what are the "best practices" for securing laptops? Robertson, Seth (JSC-IM) (Jun 14)