Security Tools archives - Security Corner


Oct 30 2009   2:02PM GMT

Updating the Anti Virus Bootable Thumb Drive



Posted by: Ken Harthun
Security tools

My recent post, Convert Any Live CD to a Bootable Thumb Drive in Minutes, referred to the Kaspersky rescue CD as one possible way to make an anti virus bootable USB thumb drive. A lot of people over at my Ask the Geek site have done that and had success with it. However, I have been getting a lot of questions about the updating function, most of them along the lines of how to force a static IP address. This should clear it all up.

The Question: Hey Geek, As with the other commenters, thank you so much for this guide and utility. It could potentially be a life saver.

I do however have a few questions:

1) I am guessing the networking side of things works via DHCP; I have looked through the files, but am no Linux expert so wondered if there is a way of setting a static IP?

2) Where are the virus definition updates saved to? I ran the update on my laptop (DHCP) then plugged the USB drive into a machine with no DHCP and it said the definitions were out of date. I would have hoped it updated them on the USB key?

My answer: 1. Yes, it works via DHCP. Normally, you would be able to set a static IP address by using the procedure below. You’ll want to get into the Linux command console. I believe the rescue disk UI has a link for that. You can then assign a static IP address:

ifconfig eth0 <ip address> up netmask 255.255.255.0
route add default gw <gateway router address>
ifconfig eth0 down
ifconfig eth0 up
route add default gw <gateway router address>

You can verify the IP address by typing ifconfig with no parameters. It
should show the address you set for eth0.

2. The updates are saved to memory, so they go bye-bye when you reboot.
It’s better to update every time you use it anyway, so you always have
the current definitions. I’ll investigate the ../etc/conf file and see
if I can resolve this.

Hope this helps anyone here who has had similar questions.
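
The route step in the static IP procedure above is rejected by the kernel when the gateway is not on the subnet implied by the address and netmask. The script below is an added example, not part of the original post: it checks that before printing the first two commands from the answer. The function names and the 192.168.1.x values are assumptions chosen for illustration.

```shell
#!/bin/sh
# Added example: validate static settings before typing them into the console.

# Convert dotted-quad IPv4 to an integer; fail on malformed input.
ip_to_int() {
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        # reject empty, non-numeric, leading-zero and over-long octets
        case $octet in ''|*[!0-9]*|0?*|????*) return 1 ;; esac
        [ "$octet" -le 255 ] || return 1
    done
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
}

# Succeed only if IP and GATEWAY are in the same network under NETMASK.
same_subnet() {   # usage: same_subnet IP NETMASK GATEWAY
    ip=$(ip_to_int "$1") && mask=$(ip_to_int "$2") && gw=$(ip_to_int "$3") || return 2
    [ $(( ip & mask )) -eq $(( gw & mask )) ]
}

# Print the address and default-route commands from the answer, or refuse.
static_ip_cmds() {   # usage: static_ip_cmds IFACE IP NETMASK GATEWAY
    if ! same_subnet "$2" "$3" "$4"; then
        echo "refusing: gateway $4 is not on the same subnet as $2 ($3)" >&2
        return 1
    fi
    host=$(( ip & (4294967295 ^ mask) ))
    if [ "$host" -eq 0 ] || [ "$host" -eq $(( 4294967295 ^ mask )) ]; then
        echo "refusing: $2 is the network or broadcast address" >&2
        return 1
    fi
    echo "ifconfig $1 $2 up netmask $3"
    echo "route add default gw $4"
}

# Constructed sample values; the second call is refused (gateway off-subnet).
static_ip_cmds eth0 192.168.1.50 255.255.255.0 192.168.1.1
static_ip_cmds eth0 192.168.1.50 255.255.255.0 192.168.2.1 || true
```

DHCP normally also supplies the DNS server, so on a static setup the updater may additionally need a nameserver line in /etc/resolv.conf.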

Oct 17 2009   12:23AM GMT

Free Encryption Tool for the Absentminded



Posted by: Ken Harthun
Security, Encryption, Security tools

Security software firm SOPHOS (I’ve tested their products in the past) sent me an email yesterday offering a free encryption tool. I tested it this evening and I’m impressed. It’s very simple to use and is definitely a cure for the absentminded:

Whether you lose your laptop, misplace a CD
or leave your USB drive in the coffee shop,
if it’s encrypted you don’t have to worry about
becoming tomorrow’s headline!

Get the FREE Sophos encryption tool now
and you can lose your data without
losing your mind.

Sophos FREE Encryption:
an easy to use tool that encrypts your files, folders and emails.

I suggest you download this immediately and pass it on to everyone you know. Combine this with the LAlarm software and you have an unbeatable combination.

Here’s the download link: http://www.sophos.com/mk/get?_EC=2LMC0U-…

Let me know what you think.


Oct 15 2009   2:42AM GMT

How to Make a USB Thumb Drive Laptop Theft Alarm



Posted by: Ken Harthun
Theft alarm, physical security, USB thumb drive, Utilities, Security tools, Security practice

Picture this: Someone tries to steal your laptop off your desk and as soon as they pull the plug from the wall, your laptop emits a screaming siren that won’t quit until your password is entered to unlock the laptop and disable the alarm.

There’s another scenario: You take one of your old USB thumb drives (maybe the one you used to make an anti virus bootable scanner) attach a chain to it and secure it to your desk; if someone tries to move your laptop, unplugging the USB thumb drive in the process, the alarm goes off.

This is possible because of an interesting piece of software called “LAlarm.” It’s free for personal use and there’s a nominal fee for commercial use. Download LAlarm from this link: http://www.lalarm.com/en/index.htm.

I tested this software by installing it on my Dell laptop. It works. You simply install the software, configure the options you want and restart your laptop. To set the alarm, you just press Windows key + L to lock the workstation. If anyone pulls the plug or removes the thumb drive, the alarm sounds.

There’s much more to the software than just an alarm. You can set the software to destroy your data in selected folders in the event of a theft. You can also set zones based on IP addresses and cause an alarm to sound if the IP address changes.

The theft alarm is not affected by the system volume control setting–it’s screaming loud no matter how you have your volume set.

It’s a very cool tool.


Sep 20 2009   9:54PM GMT

Google Safe Browsing Diagnostic Page



Posted by: Ken Harthun
Browsers, Firefox, Security, Malware, Phishing, Security management, Security tools

Thanks to Google, there’s a tool you can use to check any site and see if Google lists it as hosting any suspicious files or acting as a malware intermediary. Yes, I know there’s a Firefox extension and that the Google Toolbar for Firefox incorporates the tool, but what if you’re out in the field on a machine that doesn’t have the tool installed and you want to check a site? Simple. Use this URL:

“http://google.com/safebrowsing/diagnostic?site=[URL of site you want to check]” (Leave off the http://).

For example, this URL produced the report shown in the screen shot:

http://google.com/safebrowsing/diagnostic?site=itknowledgeexchange.techtarget.com

Try it out for yourself on your favorite sites. You might be surprised at what you find out.

(Thanks to Steve Gibson and Leo Laporte of Security Now! for presenting a reader comment that brought this to my attention.)

What do you think? Leave a comment!


Aug 31 2009   2:05AM GMT

14 Golden Rules of Computer Security



Posted by: Ken Harthun
Security, Security management, Security tools, Opinion, Secure Computing, Security maxim

In celebration of (almost) being close to releasing my first eBook to the general public, I’m releasing the list of the 14 Golden Rules of Computer Security in hopes that any last minute errors will be spotted by my peers here at IT Knowledge Exchange. Here’s the list:

#1: The best security measures are completely useless if you invite attackers into your PCs or networks.
#2: A first, important step in securing your PC is to install and configure a NAT router.
#3: Always change the default username and password of any configurable device you put on your home network.
#4: Use an un-guessable, or difficult-to-guess password always.
#5: A vital part of PC security is keeping up with software patches for ALL of the software on your system, not just the operating system. Where it is available, use the software’s automatic updates feature.
#6: Always disable any message preview or auto-open features in your e-mail client. View messages as text-only until you know they are safe.
#7: If you store sensitive information on a PC or laptop, even if it’s only personal information, encrypt the folders or drives where the information is stored and use an un-guessable passphrase as the encryption key.
#8: Physical security is almost as important as data security. Make it as difficult as possible through any physical means for a thief to steal your hardware. Rules of thumb: Lock it up and lock it down; out of sight, out of mind.
#9: When surfing the web, testing unknown programs, or engaging in other activities with the potential to harm your computer, use a sandbox or virtual machine to protect your base system from harm.
#10: When using external removable media for backups, either encrypt the backup files or make sure the media is taken offline after the backup has been completed.
#11: Never enter sensitive information into any web page unless you have verified that the information is being sent over a secure connection signified by https:// in the address bar and a lock icon in the browser’s status bar.
#12: Once a PC is infected with malware, you can’t trust it. The only way to restore trust is to wipe the hard drive clean and reload the operating system.
#13: When it comes to securing a WiFi network, the only way is WPA.
#14: If your email address will be visible to the public, obfuscate it.

In the book, each one of these rules is explained in detail with links to tools and other information.

I value your comments, so if I’ve left anything out, or you have issues with what I’ve posted here, let me know. I want this to be the best first edition it can be.


Aug 26 2009   8:54PM GMT

Convert Any Live CD to a Bootable Thumb Drive in Minutes



Posted by: Ken Harthun
Anti-virus, Anti-malware, Security, Security tools, Utilities, Live CD

A visitor to my Ask the Geek site told me about a great little utility, UNetbootin for Windows and Linux, that allows you to create bootable Live USB drives for a variety of Linux distributions without requiring you to burn a CD. Not only that, but UNetbootin can be used to load system utilities, including:

The tool works like a charm. I’ve made bootable USB drives with ClamAV Live CD, the Kaspersky Rescue Disk, Dr. Web Antivirus, and a couple of others, just to see how it works. These are invaluable tools for us security wonks and I thought I’d pass it on.

Be sure to check out the UNetbootin site for complete information and tutorials on how to make it work.


Aug 20 2009   12:41AM GMT

Peter Piper Picked a Perfect Password Pattern



Posted by: Ken Harthun
Security, Password, Secure Computing, Security tools

A little alliteration is good for writing effect every now and then; why not apply this to passwords? I don’t mean to write out an alliterative phrase and turn it into a password or passphrase (though you could, I guess); what I mean is to use a pattern that makes it easy for you to remember the password, but still results in a very strong, un-guessable one. Here’s an example of a very strong password: 19[-[Phrase]-]60.

This one is very weak: %6*Some*Phrase*6%. Can you see why? Too many repetitions of characters. Change it slightly, %6!Some*Phrase!6%, and it becomes very strong.

The trick is to come up with a pattern that means something to you. By no means should you use the patterns I suggest—use something that will be easy for you to remember.

I’ll leave it to you to analyze the two examples and let you come up with your own. Remember, the bad guys read these blogs, too.

You can mosey over to the Password Meter page at Ask the Geek to check the patterns/passwords you come up with. That’s the best password meter I’ve ever seen, bar none.