Reasons for Full Disk Encryption

For those unfamiliar with the concept, full disk encryption is very simple. Normally your computer or mobile device stores data on an HDD (Hard Disk Drive) without requiring a password or any verification to access it, bar maybe a password to log into the machine. This is fine in a lot of cases: your average user might simply use their laptop for basic web browsing or for services such as Netflix or Gmail.

But for some users, personal or sensitive information might be stored on the computer, meaning that if the device were stolen all of this information could be accessed, with potentially massive consequences. Full disk encryption makes it almost impossible to gain access to the drive and therefore the information stored on it. The best part is you don’t need to be “tech-savvy” or a “computer genius” to achieve this level of protection, and it is a huge amount easier to achieve than it might sound.

Firstly, there are a number of different methods to protect your computer with full disk encryption. This could be in the form of a downloaded application, but most operating systems these days also give the user the ability to use full disk encryption.

Listed below are a few of the easiest options to secure your PC with full disk encryption.

BitLocker

BitLocker is Microsoft Windows’ answer to full disk encryption. It was introduced with Windows Vista, but only on the higher-tier packages such as professional and business. This could be a slight restriction for some users who have the home version of Windows.

But it is a very effective and smooth process to encrypt your disk using BitLocker, and with it being built in it is also very easy to set up and use. Unlike TrueCrypt, it is run by Microsoft, meaning constant updates and improvements to security, and as a result making your data as safe as it can be.

TrueCrypt

Before BitLocker was around, full disk encryption was hard to come by, but there was an open source tool that gave users this ability: TrueCrypt, a very easy to use and secure full disk encryption tool that has unfortunately been unsupported since 2014. However, you are still able to download it, and even though it states on the website that you should migrate to BitLocker, I personally feel that for your average user who wants a little extra security it will still do an effective job. This is largely due to the fact that if your device was to get stolen, unless the thief was very technically able, it would be incredibly challenging for anyone bar an expert to utilize the security vulnerabilities said to be within TrueCrypt.

TrueCrypt Disclaimer
Source – http://truecrypt.sourceforge.net/

Ubuntu Home Folder

If you are a Linux user, then Ubuntu has you covered on the encrypted folder front: during the install process for Ubuntu you are given the option to password protect your home folder. If you opt to set up a password, your home folder will then be encrypted, requiring a password to access once logged into the system. It is really nice to see it in the installation stage, as it means once your system has been installed everything is set up for you and you will not have to go and set it up after. Although if you use Ubuntu and didn’t do it during the start up, don’t worry about it, because you can do it afterwards while using the system. There are guides to this on the official Ubuntu website.

In some cases there are different methods to unlock an encrypted drive. One of the more popular is using a USB drive as a decryption key, meaning that to access the encrypted drive the user will need to have the specific USB drive. This is very similar to using a key card to access the encrypted drive. In my opinion it is also a little bit more user friendly, as you will not have to keep typing out what should hopefully be a lengthy and complicated password.

And one of my personal favourites is the use of biometrics such as a fingerprint scanner. These can be purchased online and, with a little bit of work in some cases, allow the user to have a scanner on the desk and, once a fingerprint is detected, open the encrypted drive.

There are also other methods to add secure sections to your file system; one I have a lot of experience with is Bitdefender. Bitdefender has an option to protect certain folders, essentially setting up an encrypted location that requires a password to access. Although it is not quite full disk encryption, it’s a very easy and manageable way to secure some of your files. It also requires the user to select how much space is going to be needed, meaning that the area that you secure could be as large as you need.

How to Setup an Ethical Hacking Lab

I have recently been setting up a virtual lab to use with Kali Linux, to safely practice some pen-testing and just mess around with some stuff. But the first thing I needed to do before I started was to create a safe environment for myself to practice in. I did this by using VMware.

VMware is a virtual machine package allowing you to run virtual machines on your main device. This can be used for a number of different things, such as setting up a forensics test environment to discover how some applications change the machines as they are used, or to practice ethical hacking in a safe and secure environment. This can be important because unless you had permission to practice on a real network you would be in breach of a number of different laws, depending on the country you’re in.

This means without having access to a functional lab you’d struggle to either practice away from your studies or to even get started without the worry of getting yourself into trouble. Due to these reasons I went about setting myself up a little lab using VMware. This was very straightforward and simple to do, and now means I can practice to my heart’s content without the risk of breaking any laws. And here is how I did it.

The first thing you will need to do is go to the VMware website and download VMware Workstation Player (and don’t worry, it’s free for personal use).

Once you have downloaded and installed VMware, you will be greeted by the welcome screen. From here we are going to select “Create a New Virtual Machine”.

Once you have selected to create a new virtual machine, you will have to select the ISO you wish to install (I will leave a list of Linux ISOs below).

Once you have selected your operating system you will be asked to enter information about the user.

The next step is to decide where you want to save your VM files and to name the VM. If you have multiple VMs of the same operating system, this is useful to manage and keep track of them.

You will then be asked to select how much storage you want the virtual machine to have. I usually leave it around the 20GB mark, but you can do whatever best suits your needs, as I only use mine for testing purposes and never store any data on them.

This is the final stage before powering on your VM, and is also the stage where you are given the option to assign how much hardware the VM will receive.

Once you have decided how many cores and how much RAM your VM is going to require, you need to go down to the networking option and select Host-Only. This means that you will only be able to communicate with machines on the same virtual network as yourself.

And finally you should be able to power on your virtual machine and install the operating system. Once this machine boots up you will be in your own virtual network and can practice your hacking in a safe and secure environment.
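
A host-only setting is easy to lose when a VM is copied or a second adapter is added, so it is worth checking before powering a lab machine on. The following is an added example, not part of the original post: it reads a VM's .vmx configuration text and lists every enabled network adapter that is not host-only. The function names and the sample .vmx fragments are constructed for illustration.

```python
import re

# One .vmx setting per line, in the form: key = "value"
_VMX_LINE = re.compile(r'^\s*([A-Za-z0-9_.:]+)\s*=\s*"(.*)"\s*$')
_NIC_KEY = re.compile(r'^(ethernet\d+)\.(present|connectiontype)$')

def parse_vmx(text):
    """Return {lowercased key: value} for every key = "value" line."""
    settings = {}
    for line in text.splitlines():
        m = _VMX_LINE.match(line)
        if m:
            settings[m.group(1).lower()] = m.group(2)
    return settings

def non_isolated_adapters(vmx_text):
    """List (adapter, mode) for each enabled NIC that is not host-only."""
    nics = {}
    for key, value in parse_vmx(vmx_text).items():
        m = _NIC_KEY.match(key)
        if m:
            nics.setdefault(m.group(1), {})[m.group(2)] = value.lower()
    findings = []
    for name in sorted(nics):
        nic = nics[name]
        if nic.get("present") != "true":
            continue  # adapter is disabled, so it carries no traffic
        # An adapter with no explicit connectionType cannot be confirmed
        # host-only, so it is reported as well.
        mode = nic.get("connectiontype", "unspecified")
        if mode != "hostonly":
            findings.append((name, mode))
    return findings

# Constructed sample .vmx fragments (not taken from a real VM).
ISOLATED_VMX = '''
displayName = "kali-lab"
ethernet0.present = "TRUE"
ethernet0.connectionType = "hostonly"
'''
LEAKY_VMX = '''
displayName = "xp-target"
ethernet0.present = "TRUE"
ethernet0.connectionType = "hostonly"
ethernet1.present = "TRUE"
ethernet1.connectionType = "nat"
ethernet2.present = "TRUE"
ethernet3.present = "FALSE"
ethernet3.connectionType = "bridged"
'''

if __name__ == "__main__":
    for label, vmx in (("kali-lab", ISOLATED_VMX), ("xp-target", LEAKY_VMX)):
        print(label, non_isolated_adapters(vmx) or "host-only only")
```

Any adapter it reports gives the VM a path beyond the host-only network, which matters most for deliberately outdated targets such as Windows XP.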


So if you follow all of the steps above you will be able to repeat them to install an OS such as Kali Linux. This is my go-to operating system for practicing ethical hacking, as it has all the tools you could need and is used within industry, meaning you will have access to tools that are used by professionals.

I found it useful to play around with some older operating systems to practice on first; this tended to be Windows XP or an older version of Ubuntu. This is because the security features on Windows 10, for example, are more advanced, making it more of a struggle to practice. I also found the easiest way to get a Windows XP key was to have a look around the house and try to find an old laptop that ran Windows XP and use the serial off that. But if you don’t have any lying around the house you can buy them on eBay for about £30.

Linux ISO Downloads

Paid vs Free: Anti-Virus Software

Recently I have encountered a few viruses on my PC in the form of constant pop-ups to malicious websites every time I try to access any web page. This led to me running a number of deep scans using my paid and trusted Bitdefender. And I thought after running a couple of scans everything would be grand. But as it turns out the scans found no issues with my PC.

But it was apparent there was an infection, and with the recent WannaCry attack being so prominent I felt further action had to be taken to avoid any more issues causing further harm to my computer and potentially my personal files. So the next step was to turn Bitdefender on to Paranoia mode; this essentially locks down your PC, requesting permission before websites and applications can connect to the web. But again the pop-ups to malicious websites continued. This was rather annoying, as in my opinion Bitdefender was one of the better paid anti-virus packages on the market, with a nice UI (User Interface). But it just was not finding these malicious files causing trouble on my computer.

So after a while I decided it would be a good idea to have a second set of eyes look over it, so to speak, and that’s when I decided to download Malwarebytes, because I had used it in the past in its free and portable form. The download is simple and it installed right alongside Bitdefender, so I decided to do my first scan, and it turned out there were a whole lot of potentially unwanted files that Bitdefender had seemingly ignored.

Now, if Bitdefender was only a free package I could have understood somewhat that it was not finding everything, but after 3 full system scans (bearing in mind I have about 6TB for it to scan, so it took a while), and considering what this application costs per year, I was bitterly disappointed. And for Bitdefender to scan my system in about 5 minutes and to find a number of unwanted applications and files, it was a bit of a blow to morale.

But I was genuinely impressed with Malwarebytes: not only is the free application very effective and quick, but it also removed or placed into quarantine the files that were wreaking havoc on my PC. It has also led me to think about dropping Bitdefender as my anti-virus software of choice and paying for the premium Malwarebytes.

One thing that might deter you from taking Malwarebytes as your go-to anti-virus, however, could be the cost: for 1 machine for a year it will set you back about £29.99, and for a second machine the cost is £44.99. For me this is a large sum of money when it will only cover 1 machine for £29.99.

In comparison, Bitdefender is only £34.99 for 5 machines for a year, and it also throws in some other features that I found to be quite a nice little addition. One is the device tracking ability, which is accessed through a very sleek and well built web application letting you log in and not only track all of your devices but also add new devices or remove them from the account. It also offers features such as file shredding, meaning that once a file is “shredded” there should be next to no trace of it left on your machine. Bitdefender will also allow you to encrypt parts of your hard drive to securely and easily store files. And the built-in password manager is just a bit of a bonus as well.

So all in all I was genuinely impressed with how effectively and smoothly Malwarebytes was able to remove the harmful files that Bitdefender was missing. But will I be moving from Bitdefender? There is a strong possibility, but money is one of the things keeping me drawn to it, as I currently have my Bitdefender deployed over 3 different devices. This would mean spending £74.98 to protect all of my devices, and that’s not a little bit of money to just throw around. If anything I will get Malwarebytes for my main machine and have it run alongside Bitdefender to try to maximize the protection my system has.

McAfee 2017 Threat Predictions: Are they right?

At the beginning of the year McAfee released a document laying out their predictions for cyber security. With it being almost halfway through the year, I feel it would be appropriate to write a review on how their predictions are coming on and whether they are coming true.

The initial part of the document I am going to cover is the prediction that “Ransomware subsides in the second half of 2017”. For those that don’t know, ransomware is a type of malware that essentially takes control of the user’s data until the demands or ransom are met. It is becoming a much greater issue; there have even been cases of not just PCs but also mobile devices being affected by ransomware. And although the measures to stop these types of attacks are improving, the methods for delivering these attacks are also becoming an issue. This could be in the form of using multiple vulnerabilities to achieve the final goal. The current points of interest to ransomware attacks are:

  • Adobe Flash
  • Microsoft Internet Explorer and Edge browser
  • Java, PDF and Microsoft Office
  • Windows Kernel
  • Infrastructure software
  • Virtualization software
  • Security Products

But McAfee’s prediction of ransomware reducing by the second half of the year could look to be incorrect. This is because of a recent attack that has affected the NHS (the British National Health Service). There were a number of services affected, including a number of hospitals, pharmacies and GP surgeries. The attack was encrypting data and then demanding £230 to decrypt the files. This could have had a massive effect on the health and lives of real people. Usually when you see a large scale cyber attack it is on large organizations and companies that do not literally have people’s lives in their hands. This attack could have led to people dying.

The attack is called the WannaCry worm, so how was it so effective? Well, it is rumored to have used some exploits that were found when a large number of NSA documents were leaked earlier this year. These leaks were called Vault 7, and detailed a number of exploits that the NSA had been finding and collecting.

The way the WannaCry worm works is that when it finds a vulnerable machine on a network it will infect that machine, then sit and wait until it can find more vulnerable machines on the network, and it will keep the process going until as many machines as it can infect are infected. From there, there could be a trigger for the attack to start, or it could open up the infected machines to more complicated attacks. This could be in the form of allowing malicious files to be downloaded to the machine, or it could simply be that the worm will in fact deploy the ransomware attack.
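
To a defender, the spreading described above shows up as one internal machine contacting many others in a short time. The following is an added example, not part of the original post: it flags that fan-out in connection records. It assumes WannaCry's known use of SMB (TCP port 445), which the post does not name, a constructed log format, and illustrative thresholds.

```python
from collections import defaultdict
from datetime import datetime, timedelta

SMB_PORT = 445                  # assumption: the port WannaCry spread over
WINDOW = timedelta(seconds=60)  # illustrative sliding window
THRESHOLD = 5                   # illustrative distinct-peer limit; tune per network

def parse_flow(line):
    """Parse 'ISO-timestamp src dst dport' (a constructed log format)."""
    ts, src, dst, dport = line.split()
    return datetime.fromisoformat(ts), src, dst, int(dport)

def smb_fanout_sources(lines, window=WINDOW, threshold=THRESHOLD):
    """Return {src: peak distinct SMB peers} for every source that reaches
    `threshold` distinct destinations on TCP 445 inside one sliding window."""
    by_src = defaultdict(list)
    for line in lines:
        if not line.strip():
            continue
        ts, src, dst, dport = parse_flow(line)
        if dport == SMB_PORT:
            by_src[src].append((ts, dst))
    flagged = {}
    for src, events in by_src.items():
        events.sort()
        peak, start = 0, 0
        for end in range(len(events)):
            # Shrink the window until it spans at most `window` of time.
            while events[end][0] - events[start][0] > window:
                start += 1
            peak = max(peak, len({dst for _, dst in events[start:end + 1]}))
        if peak >= threshold:
            flagged[src] = peak
    return flagged

def sample_flows():
    """Constructed flows: 10.0.0.23 sweeps its subnet, 10.0.0.8 uses one file server."""
    base = datetime(2017, 5, 15, 10, 0, 0)
    flows = [f"{(base + timedelta(seconds=2 * i)).isoformat()} 10.0.0.23 10.0.0.{100 + i} 445"
             for i in range(8)]
    flows += [f"{(base + timedelta(seconds=5 * i)).isoformat()} 10.0.0.8 10.0.0.2 445"
              for i in range(10)]
    flows.append(f"{base.isoformat()} 10.0.0.8 192.0.2.10 443")
    return flows

if __name__ == "__main__":
    print(smb_fanout_sources(sample_flows()))
```

A workstation that repeatedly talks to one file server stays below the threshold, while a machine that touches many peers within a minute is reported for isolation and investigation.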

There have been reports all over the world in the past few days about large scale attacks of this nature, so is this the end or is it only going to get worse?