Need to make sure a computer is secure.
Okay, so I'll say what I can, but I can't give all the details.
A company that I'm hired by occasionally for computer support has recently had their computers seized by a federal government agency. There is word that they will be getting their computers back soon, but let's just say they aren't out of the woods yet. Upon their return, I will be tasked with... returning them to a more trustworthy state.
Obviously I'll be wiping the hard drives, inspecting the hardware for key loggers or suspicious components, installing the OS from scratch, and encrypting the hard drives with TrueCrypt.
Do you guys have any suggestions in locking down these machines? They have to use Windows XP, unfortunately, due to proprietary software which is necessary to the operations of their business.
Comments
If the latter, I have no idea what kind of stuff the government can get their hands on in terms of surveillance. I'm not sure but I think there are ways of corrupting parts of the hard drive so that they can't be overwritten and leaving something there.
I'd begin by physically inspecting the computers, then, if feasible, replacing the hard drives (BIOS would probably be too much), then TrueCrypting the whole system drive (though making sure the employees don't give their password out is going to be a challenge) and, again, if feasible, installing Ubuntu to at least cut down on the chance of employees bringing anything bad in by themselves.
Oh, and run Wireshark off a live CD for a while to keep an eye out for anything strange.
But why the hell did the government seize the computers, and why the hell are you still working for that company?
Be extra safe.
Thermite is stable and safe when unignited, because in its most common form it's iron oxide and aluminium, powdered and mixed together. You can't ignite it with regular flames and such; you need something like a magnesium strip to ignite it, or, if you have the right mix, you can light it with a sparkler if you do it right.
Making thermite is no more dangerous than, say, mixing flour and baking soda, or sand and dirt. The dangerous part comes when you set it off, and even that isn't terribly dangerous if you do it right.
Basically (if you're paranoid):
1. Dump your suspect commodity peripherals (keyboards mostly)
2. Visually inspect the motherboard (probably not necessary), compare to a picture of it online. Don't worry about anything etched or resistors or things like that: focus only on the IO ports
3. Flash the motherboard BIOS to the newest version from the manufacturer (good opportunity to do so anyway)
4. DBAN the drives and re-install the OSs
5. Egress monitor your network
Step 2 is probably unnecessary, but it wouldn't take long, and the due diligence would look good to your employer.
If the government actually wants to spy on you, and the above doesn't remove it, you're in over your head anyway, and there's nothing within reason you could do to avoid it. Just go through the motions with the above procedure and leave it at that.
Now, important question time: did they seize any network equipment?
Were I a government agency who needed to keep an eye on you, I'd simply leave a back door in your router when I seized it. Anything else is kind of silly. Furthermore, if they did bug your equipment, they likely have a warrant and legal backing to do so, in which case, you'd better be damn sure you're working for the "good guys."
As I said, go through the motions, get paid, and call it a day. Nothing you do will really affect the outcome of this whole thing whatever it is.
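The "run Wireshark off a live CD for a while" suggestion earlier in the thread and step 5 above ("egress monitor your network") both come down to the same check: watch what the rebuilt machines talk to and flag anything that is not on a short, known-good list. The script below is an added example, not code from the thread or from any of the posters. It assumes a hypothetical allowlist (internal DNS, a file server and one external vendor host) and a hypothetical LAN prefix, and the flow records it parses are constructed for the example in a simplified one-line-per-flow format, not real tcpdump or NetFlow output; adapt the field parsing to whatever your capture tool actually emits.

```shell
#!/bin/sh
# Added example (not from the thread): flag outbound flows from freshly
# rebuilt hosts to destinations outside an allowlist. Everything below is
# an assumption for illustration: the allowlist, the LAN prefix and the
# sample flow records are constructed, not captured from a real network.
set -eu

# Hypothetical allowlist: internal DNS/gateway, internal file server, and
# the one external host the proprietary software is known to need.
ALLOWED="192.168.1.1 192.168.1.10 203.0.113.5"

# Hypothetical address block of the rebuilt workstations; only flows that
# originate here are considered "egress" from the machines we care about.
LAN_PREFIX="192.168.1."

# Constructed sample flow records in the format:
#   <time> <src>:<sport> > <dst>:<dport> <proto>
SAMPLE_FLOWS='10:01:02 192.168.1.50:49152 > 192.168.1.1:53 udp
10:01:03 192.168.1.50:49153 > 203.0.113.5:443 tcp
10:01:09 192.168.1.51:49200 > 198.51.100.77:443 tcp
10:02:15 192.168.1.50:49201 > 192.168.1.10:445 tcp
10:03:00 192.168.1.52:1024 > 198.51.100.77:8080 tcp
10:04:30 192.168.1.51:49300 > 203.0.113.5:443 tcp'

# flag_egress reads flow lines on stdin and prints one line per distinct
# (src -> dst:dport/proto) that leaves the LAN for a non-allowlisted host,
# with a hit count, sorted so the output is stable across runs.
flag_egress() {
    awk -v allowed="$ALLOWED" -v lan="$LAN_PREFIX" '
    BEGIN {
        n = split(allowed, a, " ")
        for (i = 1; i <= n; i++) ok[a[i]] = 1
    }
    {
        # fields: $1 time, $2 src:port, $3 ">", $4 dst:port, $5 proto
        split($2, s, ":"); split($4, d, ":")
        src = s[1]; dst = d[1]; dport = d[2]
        # ignore anything not originating from the workstation LAN
        if (index(src, lan) != 1) next
        # ignore destinations we expect the machines to talk to
        if (dst in ok) next
        key = src " -> " dst ":" dport "/" $5
        count[key]++
    }
    END {
        for (k in count) printf "%s hits=%d\n", k, count[k]
    }' | sort
}

# count_flagged returns the number of distinct suspicious pairs found in
# the constructed sample; a non-zero result is what you would go chase.
count_flagged() {
    printf '%s\n' "$SAMPLE_FLOWS" | flag_egress | wc -l | tr -d ' '
}

printf '%s\n' "$SAMPLE_FLOWS" | flag_egress
```

On the constructed sample this reports two pairs, both to 198.51.100.77, which is exactly the kind of destination you would then look up and, if it is unexplained, pull the machine off the network to investigate. In practice feed it a long capture window (days, not minutes) from a span port or the router, since a planted implant may beacon rarely, and tighten the allowlist over time rather than starting with a generous one.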
You need to fill out paperwork to buy pseudoephedrine, which can be used to make meth, but not to buy a smoke detector.
I guess my overall advice for this thread would be to do what Scott said: pretend to do your job, get paid for pretending. It sounds like these guys aren't the greatest, and OoJ is, unlike this thread, srsfknbsns. Wood shop explosions... You always hear those stories. Wired ran an article on how to do the same thing with a soup can of dairy creamer, a wax paper cap, and nichrome + a 9V for the Fourth. Or to build a crazy-dangerous breeder out of aluminum foil like that one kid.
Dayum.
That is all.