I caught this one recently on an episode of CyberSpeak (10/15 show)…..

There are a lot of “secure” file deletion applications out there, but these two look quick and simple and can be used on-the-fly from a thumb drive or automated in a script.

SDelete from Sysinternals/Microsoft

Cipher (included with Windows 2000 and above)

Assuming you do the right thing and migrate all of your confidential data to an encrypted TrueCrypt volume, what do you do with the old copies of the data? You can securely erase the data using these tools so that the only recoverable copy is in your encrypted volume.

Some systems use a data interchange folder to integrate two disparate systems. One system will drop an export file in the directory and the other system will import the file from the directory. I’ve seen POS systems integrate to credit card processing systems in this manner. With this tool, you can script a cron job to regularly securely delete the interchange files in the directory.

Just another layer of security to consider.

Recorded: August 14, 2007
Your Hosts: Keith Albright and Rich Niemeier

Show Length: 1:33:58

Sorry it took so long to edit and post. I took a couple vacation days and didn’t get to do the final steps.

Just Rich and I this episode…..unless you count ‘Virtual Ted’. Rich and I cover the usual gamut of news topics; Novell/SCO Unix lawsuit, Google’s 700Mhz Spectrum bid, and a NJ beach town’s plans to be the next technological marvel. Rich uncovers follow-up information about the health-risks of laser printers. We discuss what Apple can do to help with lost/stolen iPods and how to audit USB device usage on your network. We end with our website picks and as usual, we hope you enjoy.
Links mentioned in this show:

• Laser Printer Health Risks
• Ocean City NJ Beach Of The Future
• Guy Gets a BSOD Tattoo
• Google Bids On 700Mhz Spectrum
• Novell Wins SCO Lawsuit
• Stolen iPods
• OLPC Update
• Kixtart Quick Reference Guide
• Audit USB Device Usage
• Wi-Spy Spectrum Analyzer

Other podcasts mentioned in this show:

None

See the full show notes here.

Website Picks:

Keith’s Pick: NPA Lookup Tool

Rich’s Pick: New video site - VBS.TV

Download Here

Recorded: May 8, 2007
Your Hosts: Keith Albright and Rich Niemeier
Show Length: 1:54:28

Rich and I discuss development of IT policies and procedures; how to start and why they are important. In addition, I throw in a couple of my thoughts on how to audit yourself and how to handle an audit. Rich talks about his move from the Treo to the Blackberry and his battles with a SCO Unix box that died. Rich uncovers some new Virtual Machine appliances available from Microsoft. We discuss Microsofts proposed $3 educational software bundle for developing countries. I attended a seminar on wireless network troubleshooting by Fluke Networks and we discuss their products as well as our own personal experiences troubleshooting wireless systems. This episode marks the debut of our show promos that we’ve asked other podcasts to play. Take a listen and we hope you enjoy.

Thanks everyone.

Links mentioned in this podcast:

• Fluke Network AnalyzeAir Spectrum Analyzer
• Microsofts VHD Test Drive Program
• Microsofts $3 Educational Software Bundle
• Google’s Website Translator
• Airtroductions.com
• SANS Security Policy Project

Download Here

A quick note on a couple of recent Microsoft patches that you might find relevant.

If you have installed the Microsoft MS07-017 (KB925902) patch and had a problem with your systems receiving the following errors:

application_executable_name - Illegal System DLL Relocation

The system DLL user32.dll was relocated in memory. The application will not run properly. The relocation occurred because the DLL C:\Windows\System32\Hhctrl.ocx occupied an address range reserved for Windows system DLLs. The vendor supplying the DLL should be contacted for a new DLL.

Check out the following MS Knowledgebase article and related patch.  I’ve downloaded the patch and applied it successfully to my systems with the Realtek Audio software.

MS Knowledgebase Article 935448

Update for WindowsXP (KB935448)

I use the Kixtart scripting language for my login scripts, so it was easy to deploy the original patch as well as the follow-up Realtek patch using the following script:

AT ( 1,1) “A critical security patch is needed on your computer.”
AT ( 2,1) “Please wait while your system is updated……..”

IF EXIST (”C:\WINNT\$NtUninstallKB925902$”) OR EXIST (”C:\WINDOWS\$NtUninstallKB925902$”)
             AT (4,1) “Microsoft Exploit Patch already applied”
             IF EXIST (”C:\WINNT\$NtUninstallKB935448$”) OR EXIST (”C:\WINDOWS\$NtUninstallKB935448$”)
                          AT (6,1) “Realtek Patch Already Applied”
             ELSE
                          IF @producttype = “Windows XP Professional”
                              AT (6,1) “Installing Realtek Patch…..”
                              SHELL “\\DOMAINCONTROLLER\NETLOGON\PATCHES\KB935448.exe /QUIET /NORESTART”
                          ENDIF
             ENDIF

ELSE
             if @producttype = “Windows 2000 Professional”
                AT (4,1) “Patching Windows 2000 Professional…….”
                SHELL “\\DOMAINCONTROLLER\NETLOGON\PATCHES\2000.EXE /QUIET /NORESTART”
             endif

             if @producttype = “Windows XP Professional”
                AT (4,1) “Patching WindowsXP Professional……..”
                SHELL “\\DOMAINCONTROLLER\NETLOGON\PATCHES\XP.EXE /QUIET /NORESTART”
             endif

ENDIF
AT (8,1) “Your system has been patched.”

Hopefully you find this useful. 

Oh, and if you are not using a robust scripting language, you should check out KiXstart.  It’s released as CareWare, so please do your part and make a donation to one of the listed organizations.

KiXtart website

Keith

First, let me tell you that this comment is out of character for me (just ask my wife).  I tend to be very cynical and do not toss out compliments like this very readily.  I recently purchased a quantity of desktop computers at work and I have to give Gateway credit on their initial software load.  I had been expecting to find a ton of preload junk on the systems that I would have to uninstall or force me to start from scratch to build an image.  Given my experience with other vendors, I expected I would need to de-crapify the system before it’s usable or to prevent dealing with a dozen ‘courtesy’ subscriptions expiring and consuming resources to remind you to hand over your credit card.  However, I only found three items that needed removal; a browser error re-director, Google toolbar and Symantec AntiVirus.  (Only to load our own licensed copy and prevent problems with the free subscription expiring).  Yes, some de-crapifying had to be done, but nowhere near what I expected.

I guess I was so surprised at my good fortune given the way the PC industry is these days.  I don’t know if any other vendors are planning to follow suit, but I certainly hope so.