In the past posts regarding laptop security, we’ve looked at some simple ways to lock down our laptop when we run off to a quick meeting and keep our information private. We’ve discussed some ways to remove or lock down sensitive information on our systems that could otherwise put us in a compromising situation.
What about those other more serious threats? How do we prevent a viral attack on our system? How do we identify and remove those Trojan Horses? How do we stop those key-loggers from sending off recorded and collected keystrokes to that individual who created it?
These high tech espionage assaults are very real threats. But there are ways to slow down or stop these methods as well.
- Get a Viral detection program
These protection programs will scan your hard drive, your memory and any incoming data for potentially malicious code and will either quarantine or remove it. These days, almost any system you pick up will have a one-month trial of either McAfee or Symantec virus software. Be forewarned, however, that while these programs monitor your data, some can be quite heavy and will use a considerable amount of your compute cycles. So you may see a slowdown in system responsiveness while the software is actively protecting your system. Still, when you weigh the consequences against the benefits, it always pays to have some type of viral protection system installed on your system. I’ve had good luck with ESET NOD32, and AVG offers a usable free version that will perform virus scans (but if you want to detect other little nasties like rootkits, you’ll have to pay to play).
- Get a software firewall
There are some small software bugs out there that don’t quite fall into the virus category (like keystroke loggers and rootkits) but they do manage to get loaded onto your system. Chances are that if you’ve got one or more of these on your system, it was either bundled with some type of interesting free software that you installed, it was picked up through some type of file sharing, or it was picked up by visiting a poisoned website.
Regardless of how it got there, once it gets started, it can potentially send information off to a predetermined recipient. At one time, the Real player, a downloadable media player from real.com, was notorious for gathering information about the host system and sending it back to the home company. All under the guise of marketing, and all without the knowledge of the owner of the machine.
One way to prevent your system from sending off information without you knowing it, or having unwanted visitors trying to gain access to your system, is to use a software firewall. Software firewalls live on your system and monitor your Internet connection. They will alert you when some program on your system is trying to send out information and require you to take some kind of action before the program is allowed to proceed. Windows XP now comes with a weak version of a firewall installed. But your best protection will come from a third party firewall. Again, while everyone is familiar with the often bundled and ubiquitous Symantec firewall, you may want to check out ZoneAlarm.com and their package, Zone Alarm Pro, for keeping your personal information from leaking out of your system.
- Get a file shredder.
Most of us know that when we delete a file, it really doesn’t get deleted. It just gets moved to the recycle bin. That makes it easy to recover from what I like to call “fat finger mistakes”. Those are the ones that make us say “oops” right after we perform the action. This is great for recovering from those moments where our fingers moved faster than our minds could make a judgement. The downside is that when we really do want to delete that file, it’s not really deleted. Even after we empty the recycle bin, the data from that file is still on your drive.
Think of it this way. The data in your file is stored in little packets on the drive. Sometimes those packets are clustered together; sometimes they are scattered about the hard drive surface. The name of the file, however, is located in one big table and has the locations of all of the packets where the data is stored on the drive; sort of like a road map for the data in your file. This not only tells the system where to find the data for your file, but also tells the system not to use these locations for storing other types of data. When you put that file into the recycle bin, you are only putting a mark on the file name targeting it for deletion.
When you actually get around to emptying your Recycle Bin, the system goes through and removes all of the file names in the table that are targeted for deletion. This also removes the roadmap of the data that was in your file, and lets the system know that those locations are now free to be used again. But depending on the size of your drive and how often you store new data, the system may not need to use those locations again for a long time. The net result is that deleted data may still live on your drive long after you’ve emptied the Recycle Bin, and can be accessed with certain low level disk utility programs. So any time you take your system in to be repaired or you donate that obsolete drive to the local hardware-recycling retailer, count on someone accessing your “deleted” information.
The government has known about this for a while. Federal Government policies require that any hard drive being “retired” first be “wiped” with a program that writes a pattern of “1”s and “0”s on the drive in all locations several times. These types of programs are now commercially available and are called file shredders. If you want to ensure that deleted information of a sensitive nature is really deleted, then get yourself a file shredder. Heidi Computers makes a pretty easy to use tool that is free and obtainable here.
As an added bonus with this shredder, you can also empty the contents of your paging file at shutdown (like we outlined in the previous post, “Laptop Security Part 2”). When the utility is open, simply select Edit -> Preferences -> General and then click the box under the “Paging File” section entitled “Enable clearing of paging file (swap) at shutdown”.
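The difference between an ordinary delete and a shred, as described in the file-table explanation above, can be seen in a small model. This is an added example, not code from any shredder product; `ToyDisk`, its methods and the sample strings are constructed for illustration.

```python
# Added illustration: toy model of the file table and data clusters.
# ToyDisk, its methods and the sample strings are constructed for this example.

class ToyDisk:
    def __init__(self, n_clusters=16, cluster_size=8):
        self.size = cluster_size
        self.clusters = [bytes(cluster_size)] * n_clusters  # the drive surface
        self.table = {}                       # file name -> cluster numbers
        self.free = list(range(n_clusters))   # clusters available for reuse

    def write(self, name, data):
        chunks = [data[i:i + self.size] for i in range(0, len(data), self.size)]
        if len(chunks) > len(self.free):
            raise OSError("disk full")
        locs = [self.free.pop(0) for _ in chunks]
        for loc, chunk in zip(locs, chunks):
            self.clusters[loc] = chunk.ljust(self.size, b"\x00")
        self.table[name] = locs

    def delete(self, name):
        """Emptying the Recycle Bin: the table entry goes, the data stays."""
        self.free.extend(self.table.pop(name))

    def shred(self, name, passes=3):
        """Overwrite each cluster with alternating 0s and 1s, then delete."""
        for p in range(passes):
            fill = b"\x00" if p % 2 == 0 else b"\xff"
            for loc in self.table[name]:
                self.clusters[loc] = fill * self.size
        self.delete(name)

    def raw_scan(self, needle):
        """What a low-level disk utility sees: every cluster, listed or not."""
        return needle in b"".join(self.clusters)


def demo():
    disk = ToyDisk()
    disk.write("a.txt", b"SECRET-A constructed sample")
    disk.write("b.txt", b"SECRET-B constructed sample")
    disk.delete("a.txt")   # ordinary delete
    disk.shred("b.txt")    # shredder
    return {
        "files_listed": sorted(disk.table),
        "a_recoverable": disk.raw_scan(b"SECRET-A"),
        "b_recoverable": disk.raw_scan(b"SECRET-B"),
    }

if __name__ == "__main__":
    print(demo())
```

Both files disappear from the table, but only the shredded one is gone from the raw clusters. The model matches the spinning hard drive case in this post; on SSDs and on journaling or copy-on-write file systems, an in-place overwrite may not reach every physical copy of the data.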
As noted earlier, all of these steps help thwart those individuals who are looking for a quick, easy hit on your system and make it really inconvenient for the average hacker to get information from your machine. Again, recognize that if someone really wants to get into your system and they have the skills and know-how, they will eventually get what they want.
Still, there is nothing that says you have to make it easy for them. Take these steps to lock down your system, protect your information, and you’ll rest a bit easier at the end of the day.