Zoltan .
KINCZLI @
Synergon .
hu writes:
> My concern is confidental data stored on a PC hard-drive,
> but the PC is in a physically unprotected area. Software
> protection (like PGP) from security point of view would be
> acceptable: but it needs user co-operation and this is the
> problem here... we can't relay on users' co-operation
It sounds like you're worried about their stealing your
data. Years ago I was involved with such a situation,
in which a consultant was holding a friend's database
for ransom. We hooked kermit up into a session log
and a query loop and sucked the database dry, then
it was easy to parse the session log and recover the
database. If you don't trust your "friends" not to take
the data from the hard disk, they could easily enough
grab things from the video controller or any of a number
of other points in the system.
I don't know about protection at the disk controller, but
there are packages for DOS (which may be available
for W95) like Fischer Int'l "Watchdog" that encrypt the
hard disk, make it non-bootable (encrypted boot block)
without a password, and un-mountable (encrypted FAT)
from standalone. They also support a notion of an
"administrator mode" which can control the overall
settings of the system such as keying, file write permissions,
etc. I think newer versions let you use an external key,
giving dongle-like protection.
This isn't a product plug for "Watchdog" -- I last used it
4 years ago, and I know it does what you're asking about.
I'm sure there are other products on the market.
mjr.
-----
Marcus J. Ranum, CEO, Network Flight Recorder, Inc.
<A HREF=http://www.clark.net/pub/mjr>Personal</A>
<A HREF=http://www.nfr.net>Work</A>
<A HREF=http://www.clark.net/pub/mjr/websec>New Book!!</A>
|
|
