Security Basics mailing list archives
Re: Encryption
From: Archangel Amael <archangel.amael () gmail com>
Date: Tue, 13 Dec 2011 14:22:16 +0100
Hi, These commercial tools in which you are referring need access to the physical memory image file which can be accessed from a running machine. This also requires being able to start the actual OS (windows in the case of bitlocker) this same problem has plagued Truecrypt among others. If the memory image file does not contain the encryption keys then most of these programs are going to revert to a bruteforce style of attack. There should be other controls and policies in place the prevent an unauthorized user from being able to access a running machine. Those however are all apart of a different conversation, since we do not have the relevant information, nor do we need it in order to provide some advice based on the OP's question. Now as a caveat to the aforementioned products, no single product is going to be a 100% guarantee against every single attack scenario that may ever come about. Nothing is 100% secure for 100% of the time. But to jump in and state one should avoid a certain product due to a potential attack vector that also affects other similar products is absurd. Regards, On Tue, Dec 13, 2011 at 1:42 PM, Enode Florvilus <Enodeflorvilus () bayviewassetmanagement com> wrote:
Hi, I am currently doing a POC with Sophos, the product is easy to deploy and the encryption is fast and by the way Bitlocker is not safe. There are commercial tools at there you can buy to crack bitlocker, I suggest you avoid bitlocker. Thanks Enode Florvilus -----Original Message----- From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of Gouife Atseng,Landry,DOUALA,IS/IT Sent: Monday, December 12, 2011 10:02 AM To: Soumen Paul; drmarkabaiter () gmail com Cc: Kenneth Gonzalez; security-basics () securityfocus com Subject: RE: Encryption Hi paul, Please in the same way, can you help me to have open source to encrypt files in external drive. Thanks -----Message d'origine----- De : listbounce () securityfocus com [mailto:listbounce () securityfocus com] De la part de Soumen Paul Envoyé : mardi 19 avril 2011 16:53 À : drmarkabaiter () gmail com Cc : Kenneth Gonzalez; security-basics () securityfocus com Objet : Re: Encryption Can try sophos safeguard enterprise. That works well with AD integrated role based policy On 15 Apr 2011, at 04:55 PM, David Weise <dweise () rider edu> wrote:hi, Well there is always bitlocker. Or TrueCrypt but this does not integrate with AD. http://windows.microsoft.com/en-US/windows7/products/features/bitlocke r On 4/12/2011 12:49 PM, Kenneth Gonzalez wrote:Hi, i want to implement a simple system to encryp Office files, like Docx, XLSX adn PPTX, and i need to integrate this encryption system with Active Directory. i dont wanto to implement Active Directory RMS, hopefully a open Source or another third party solution. Do you know something like that... thanks---------------------------------------------------------------------- -- Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be4 42f727d1 ---------------------------------------------------------------------- -------------------------------------------------------------------------- Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------ ------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------ The information contained in this transmission may contain privileged and confidential information. It is intended only for the use of the person(s) named above. If you are not the intended recipient, you are hereby notified that any review, dissemination, distribution or duplication of this communication is strictly prohibited. If you are not the intended recipient, please contact the sender by reply email and destroy all copies of the original message. ------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------
------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------
Current thread:
- RE: Encryption, (continued)
- RE: Encryption Adel Gaber Mohamed Higazy (Dec 13)
- Re: Encryption Thugzclub (Dec 13)
- RE: Encryption Steve Melcher (Dec 14)
- Re: Encryption Archangel Amael (Dec 13)
- RE: Encryption Gouife Atseng,Landry,DOUALA,IS/IT (Dec 13)
- Re: Encryption rcthampi (Dec 14)
- Re: Encryption Archangel Amael (Dec 14)
- Re: Encryption rcthampi (Dec 14)
- RE: Encryption Gouife Atseng,Landry,DOUALA,IS/IT (Dec 13)
- Re: Encryption Archangel Amael (Dec 13)
- Re: Encryption Imran (Dec 14)
- Re: Encryption Soumen Paul (Dec 14)
- Re: Encryption Vic Vandal (Dec 19)