|
Get Armed Against Forensic Infringement
If your hard disk or laptop gets stolen then one can use forensic tools to recover even your deleted data. Let's have a look at tools that prevent this from happening
Swapnil Arora
Thursday, September 06, 2007
Lately, a new genre called anti-forensic tools has started gaining
popularity. While forensic tools are meant to trace out data from a stolen
machine, anti-forensic tools do the reverse. They ensure that forensic tools are
not able to find anything. Till now, they were exclusively in the domain of
experts or even hackers to hide their traces,because of their complex nature.
But now they've become so simple that anybody can use them to safeguard their
critical data. So if your laptop or hard drive gets stolen, then it will become
very difficult for anybody to take out data from it using forensic tools. We
said 'almost' because nothing's foolproof.
Let's have a look at three of such tools, all of which are freeware or open
source.
| Direct Hit! |
Applies To: Advanced users
Price: Free
USP: Safeguard your critical data
Primary Link:
www.shortenurl.co
m/7srgx
Google Keyword: Anti-forensic
tools
|
|
TrueCrypt
This is an open source encryption program, which supports 11 encryption
algorithms and is meant for recent versions of Windows and Linux. It creates an
on-the-fly encryption volume in which data is encrypted automatically when it is
stored and is likewise decrypted when accessed. The created volume is also
password protected.
When data is loaded from the TrueCrypt volume, it decrypts it only on RAM
i.e. no decrypted data is stored on the HDD. A user can copy and access any file
on the encrypted volume, without bothering about the encryption process.
Moreover, this tool lets you create a hidden partition within an existing
TrueCrypt encrypted partition and both these partitions are protected with
different passwords. The benefit of the hidden
partition shows up when you are forced to reveal the password of your TrueCrypt
volume. You can get away by giving password of only the encrypted volume and
still protect the information inside the hidden volume as it won't be mounted.
Download this tool from www.truecrypt. org and install it. For creating the
encryption volume select 'Create Volume' option from the main menu. This will
open up the 'TrueCrypt Volume Creation' wizard. In the first step, choose
'Create a hidden TrueCrypt volume,' then select 'Create a TrueCrypt volume and
then a hidden volume within it' option. To save this volume click on the 'Select
File' tab and browse a location to save it. For the outer volume define its
size, encryption and hash algorithms to be used and the password. After this the
outer volume is formatted and you can create a hidden volume. For this you need
to specify the encryption and hash algorithms for the inner volume and also
define its size as well as password. Remember that size of the hidden volume has
to be less than the size of the outer volume, as it is going to reside inside
the outer volume. Lastly the wizard will ask you to select the file system (i.e.
NTFS or FAT) that you want to use for creating the hidden volumes. It will
format the volume and your hidden volume is ready.
To mount the created volume, go to the main menu and under the 'Volume'
submenu, click on the 'Select file' tab, browse to the file that you used to
create your TrueCrypt volume and then click on the 'Mount' tab. Now, provide the
password for the hidden volume in the window that pops up and your hidden volume
will be mounted. Once the volume is mounted, you can access it just like any
other partition from 'My Computer' and simply dismount it through the
TrueCrypt's main console.
 |
| A hidden and a normal prartition
being mounted inside Truecry using Twofish and Serpent-AES algorithms |
Page(s) 1 2
|
