I caught this one recently on an episode of CyberSpeak (10/15 show)…..

There are a lot of “secure” file deletion applications out there, but these two look quick and simple and can be used on-the-fly from a thumb drive or automated in a script.

SDelete from Sysinternals/Microsoft

Cipher (included with Windows 2000 and above)

Assuming you do the right thing and migrate all of your confidential data to an encrypted TrueCrypt volume, what do you do with the old copies of the data? You can securely erase the data using these tools so that the only recoverable copy is in your encrypted volume.

Some systems use a data interchange folder to integrate two disparate systems. One system will drop an export file in the directory and the other system will import the file from the directory. I’ve seen POS systems integrate to credit card processing systems in this manner. With this tool, you can script a cron job to regularly securely delete the interchange files in the directory.

Just another layer of security to consider.

Recorded: August 14, 2007
Your Hosts: Keith Albright and Rich Niemeier

Show Length: 1:33:58

Sorry it took so long to edit and post. I took a couple vacation days and didn’t get to do the final steps.

Just Rich and I this episode…..unless you count ‘Virtual Ted’. Rich and I cover the usual gamut of news topics; Novell/SCO Unix lawsuit, Google’s 700Mhz Spectrum bid, and a NJ beach town’s plans to be the next technological marvel. Rich uncovers follow-up information about the health-risks of laser printers. We discuss what Apple can do to help with lost/stolen iPods and how to audit USB device usage on your network. We end with our website picks and as usual, we hope you enjoy.
Links mentioned in this show:

• Laser Printer Health Risks
• Ocean City NJ Beach Of The Future
• Guy Gets a BSOD Tattoo
• Google Bids On 700Mhz Spectrum
• Novell Wins SCO Lawsuit
• Stolen iPods
• OLPC Update
• Kixtart Quick Reference Guide
• Audit USB Device Usage
• Wi-Spy Spectrum Analyzer

Other podcasts mentioned in this show:

None

See the full show notes here.

Website Picks:

Keith’s Pick: NPA Lookup Tool

Rich’s Pick: New video site - VBS.TV

Download Here

A quick note on a couple of recent Microsoft patches that you might find relevant.

If you have installed the Microsoft MS07-017 (KB925902) patch and had a problem with your systems receiving the following errors:

application_executable_name - Illegal System DLL Relocation

The system DLL user32.dll was relocated in memory. The application will not run properly. The relocation occurred because the DLL C:\Windows\System32\Hhctrl.ocx occupied an address range reserved for Windows system DLLs. The vendor supplying the DLL should be contacted for a new DLL.

Check out the following MS Knowledgebase article and related patch.  I’ve downloaded the patch and applied it successfully to my systems with the Realtek Audio software.

MS Knowledgebase Article 935448

Update for WindowsXP (KB935448)

I use the Kixtart scripting language for my login scripts, so it was easy to deploy the original patch as well as the follow-up Realtek patch using the following script:

AT ( 1,1) “A critical security patch is needed on your computer.”
AT ( 2,1) “Please wait while your system is updated……..”

IF EXIST (”C:\WINNT\$NtUninstallKB925902$”) OR EXIST (”C:\WINDOWS\$NtUninstallKB925902$”)
             AT (4,1) “Microsoft Exploit Patch already applied”
             IF EXIST (”C:\WINNT\$NtUninstallKB935448$”) OR EXIST (”C:\WINDOWS\$NtUninstallKB935448$”)
                          AT (6,1) “Realtek Patch Already Applied”
             ELSE
                          IF @producttype = “Windows XP Professional”
                              AT (6,1) “Installing Realtek Patch…..”
                              SHELL “\\DOMAINCONTROLLER\NETLOGON\PATCHES\KB935448.exe /QUIET /NORESTART”
                          ENDIF
             ENDIF

ELSE
             if @producttype = “Windows 2000 Professional”
                AT (4,1) “Patching Windows 2000 Professional…….”
                SHELL “\\DOMAINCONTROLLER\NETLOGON\PATCHES\2000.EXE /QUIET /NORESTART”
             endif

             if @producttype = “Windows XP Professional”
                AT (4,1) “Patching WindowsXP Professional……..”
                SHELL “\\DOMAINCONTROLLER\NETLOGON\PATCHES\XP.EXE /QUIET /NORESTART”
             endif

ENDIF
AT (8,1) “Your system has been patched.”

Hopefully you find this useful. 

Oh, and if you are not using a robust scripting language, you should check out KiXstart.  It’s released as CareWare, so please do your part and make a donation to one of the listed organizations.

KiXtart website

Keith