Announcement

Collapse
No announcement yet.

precautions for college?

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • precautions for college?

    I will be heading to college in August, and I plan on taking my desktop and my laptop along with me. I have concerns as to the precautions I shoulds take to secure my machines both physical and software. I'm still fairly new to the world of cracking into computers, and the such, so I'm a bit in the dark of all the vunerabilities I truely have. Both my computers are running Win XP Pro. I've taken the precaution to set a password for my user account, change the name of the administration, and set a different password for the administration account, plus I've disabled the guest account in Windows. My desktop has a bios password set, but I can't seem to find a way to set up a boot password on it. My laptop has a bios password, boot password, and a hard drive password set on it. Security for the laptop will probably only needed while I sleep because it will probably be with me at all other times, but the desktop I know is in serious need of protection. As for virus protection I'm using "Spybot Search and Destroy", Ad-aware SE Professional, and on my laptop I have a free subscription to McAfee for 6 months I think. I haven't had any problems with viruses or hackers, but I'm working on upgrading my security measures in that area, so that's not a problem for me right now. My main concern is that I still don't know who my dorm roomates will be, I'm going for a degree in Computer Science, and I have no idea of what is in store for me once I get to college. Let me know if you need any more info, or point me in the direction of where I can find my answers if I somehow overlooked them.

  • #2
    when it comes to virus scanning I use House Call it seems to get the jorb done. for security you'll have to ask these other geeks
    If I had a nickle for every time someone offered me ten cents to keep my two cents to myself... I would be a rich man.

    Comment


    • #3
      Here are a few more ideas.

      I'd asset tag the laptop, engrave my name on it in bold letters, make it say STOLEN FROM SUPERTECHKID, get a cable lock, use EFS on the My Documents folder, then keep everything filed under there. Maybe get an Authenex so that you need it to even say hello to the PC.

      Disable auto-save password, clear history and cookies at shutdown (use tweakui for all that).

      Anti-theft ideas like this and also this should be reviewed as well.

      Comment


      • #4
        Originally posted by supertechkid
        My main concern is that I still don't know who my dorm roomates will be, I'm going for a degree in Computer Science, and I have no idea of what is in store for me once I get to college.
        Bummer. Physical access is a big deal. If you can't trust people with physical access to your computer you are in a tough place. At the very least, a DoS is trivial...
        "I wonder if his/her computer likes the taste of beer?" and then "*BZZT!* WHOAH! We just let out the magic smoke! That was cool!"

        If a hacker has physical access, and has a desire to do something with it (pranks, or whatever) then there is not much you can do to stop them.

        Password the system? They open the case, yank the drive and modify contents.
        Lock the case? Pick the lock.
        Crypto is used to encrypt the drive and/or require Keyphrase/passphrase/password on boot? Inline keyboard tap for USB or PS/2, camera, shoulder surfing, etc.
        Hire an employee to watch your system 24/7? social engineering, breaks, etc.

        What is your advantage? Chances you will be housed with a hacker are unlikely. Chances a hacker would be motivated to go after you (unless they were given a reason) are pretty small.

        What is a disavantage? At any sufficiently large college is usually at least one hacker-type, but can they be convinced to work against you?

        Other suggestions:
        Screensaver that requires re-authentication after periods of inactivity.
        Lock on your case.
        BIOS Enable support for notification of your case being opened.
        Be upfront with yout dorm mate: "I'll respect your stuff so long as you respect mine."
        Be polite and considerate with your peers.
        Don't make claims your system is secure or unbeatable (these sound like you are throwing down the gauntlet.)
        Keep up to date on system updates.


        Tinfoil hat suggestions:
        Always inspect your keyboard before use, and keep it disconnected and locked away when not in use.
        Use encryption on your system's boot drive and system drives and change the passphrase often.
        Don't put it on the network, only use floppy disks and scan any files with 3 different scanners before putting the floppy disk in your drive.

        Seriously, you probably have bigger risk in a dorm of seeing your food disappear than someone you know stealing your data, or breaking into yout machine.

        Comment


        • #5
          And get a SOHO firewall. Believe it or not, viruses aren't just written by college kids, they are brought to school by teachers who don't know the first thing about anti-viruses.

          Comment


          • #6
            Originally posted by TheCotMan
            Chances you will be housed with a hacker are unlikely.
            Methinks you did not stay in the dorms.

            Schools often assign your roommate based on the major, so expect to at least find someone who has above-average computer skills (or knows a friend that does) with a penchant for solving problems. Perhaps not a full-blown hacker, but give a geek a challenge...

            So my answer to the question "What is your advantage?": your roommate isn't likely to be malicious in his attempts. The goal is usually a simple prank meant for a quick laugh. My guess is that the first time you lose data will be when are repartitioning for installing your next OS.

            Comment


            • #7
              Well, up til now I used my school's computers to learn what I could. This past year I came into a position that allowed me to do more experimentation, without having to worry about crashing the OS because I had access to reloading it. I also found two other kids that knew more than me (and still do) that also got into the position. With my explorations (under my two new friends guidance, and on my own) I learned a little bit about the registry, and some other system internals of Windows, and was exposed to Knoppix. I've crashed many OS's, and screwed many programs up, so I'm not to worried about me screwing up my computer unless I do something risky (which I'll probably only do on the OS I have installed on my secondary hard drive I have in my desktop.

              My concerns about the security of my computers come from those two friends of mine. We shared one main computer to do any real work on, and many times I would go to do something to find that I couldn't. I would then have figure out what they had done, so that I could undo it and go on with what I needed to do. Some of what they did was intentinal, and some was not. As frustrating as that was, it was near as frustration as when they decided to set me up for when I completed certain tasks that the computer would run a file that deleted what I had just done, or creating files that would run endlessly once the computer booted. They even went through the network and screwed me up, but I quickly learned how to protect myself from those attacks. I know that what they did to me was only simple stuff and that much worse can be done, and I just want to learn how to protect myself. I did buy a portable hard drive that I keep all of my really important doc's on, and I even keep a backup of any important software that I have in case I lose the disks, or if they no longer work.

              I know that in Win XP Home that when you boot into safe mode you don't need a password for the administration account. I know that specific vunerability doesn't work on XP Pro, but was wondering if there were any strange vunerabilities like that for XP Pro.

              Comment


              • #8
                if you have your laptop or desktop set to boot from CD, Floppy, HDD then if I booted from a knoppix disk I could view everything on your hard drive no matter what security you have on it. Security in terms of Windows.

                FYI...

                Comment


                • #9
                  Originally posted by slamb
                  if you have your laptop or desktop set to boot from CD, Floppy, HDD then if I booted from a knoppix disk I could view everything on your hard drive no matter what security you have on it. Security in terms of Windows.

                  FYI...
                  Originally posted by astcell
                  use EFS on the My Documents folder,
                  Actually doing what Astell mentioned will negate the "boot from CD" trick, at least for access to sensitive files. There are lots of ways to secure a machine against different attacks, but when it comes down to physical access, you need to look at protecting the data itself, rather than spending all your time on protections that can be circumvented by a boot disk.

                  I would recommend either using EFS or some other type of disk/drive/folder encryption to protect any files you wouldn't want your roommate to see. PGP has also been working on a disk encryption method that uses a modified driver for NTFS to protect the entire partition. Might want to check that out.
                  Aut disce aut discede

                  Comment


                  • #10
                    In the BIOS you can set your PC to boot to HDD only. Don't even have it check for a floppy or CD. You can easily change this should you need to boot to another device. Password protect bios access then your biggest worry is physical access to the machine to bypass or reset the password/chip, physically. Also there are programs out there that will sniff out your bios and logon password once the machine is running. Technically speaking if you loan your machine to someone they can use this freeware to get your bios password, then your security is nil.

                    Comment


                    • #11
                      If there's a will... theres a way...

                      Everyone has provided you (and others) with all the right information, and yes.. physical security is very importiant, and in schools/labs/etc its often overlooked.
                      BIOS password stops most people from doing just about anything, including booting knoppix even if they got past the bios password somehow (becuase you have a BIOS setup password and your set to boot to HDD only)...
                      Figure out a way to lock your case from being opened... and hope for the best they don't have a friend in metal shop.
                      You could just use and work off of a USB thumbdrive or portable HD of some kind... that way its prettymuch always with you, and you can work anywhere on campus.

                      If you can't trust these guys not to delete your work, I don't know if i would call them 'friends'. Its one thing to play a harmless joke now and then.. but to do it over and over, and delete importiant files/etc... thats just not cool..
                      Maybe you can just ask them nicely...
                      The only constant in the universe is change itself

                      Comment


                      • #12
                        Originally posted by dYn4mic
                        You could just use and work off of a USB thumbdrive or portable HD of some kind... that way its prettymuch always with you, and you can work anywhere on campus.
                        Speaking of which, my friend just showed me something a few days ago. It's a cable that allows you to use an internal drive as an external drive. On one end it plugs into USB and on the other end is a two sided set of pins. One side is for a desktop HD and the other is for a laptop HD. So if you bought a 200 gig HD for cheap you could just have that in a little case and carry it with your laptop. It's pretty neat and not big or cumbesome at all. I forgot the price/name/company because he got it out of a magazine but when I talk to him today I'll get the info and update it here. You might want to look into that.
                        Answering easy questions since 1987
                        Si Dieu est pour moi, qui peut ĂȘtre contre moi?

                        Comment


                        • #13
                          Google for "Hard disk caddy"...

                          These are basically what you are describing. You can get a usb2 cable and a PATA connector on the other end, and make an internal harddrive external. They are pretty good. Especially if you get a self powered one that doesnt need to be plugged in, so you can run it of your laptop (obviosly using laptop battery quicker).
                          Twigman

                          Comment

                          Working...
                          X