Hacklog Volume 1 Anonymity: it security & Ethical Hacking Handbook

Download 2,32 Mb.

Pdf ko'rish

bet	36/57
Sana	01.01.2022
Hajmi	2,32 Mb.
	#289651

1 ... 32 33 34 35 36 37 38 39 ... 57

Bog'liq
Hacklog Volume 1 Anonymity IT Security Ethical Hacking Handbook

7.3 Disk Encryption
Data encryption can be applied to an entire disk or part of it; this feature is
available on any operating system.
-
On Windows, it’s the BitLocker technology.
-
On macOS/OS X, you need to create an encrypted partition.
-

Usually, on GNU/Linux the feature is called Whole Disk Encryption or
Full Disk Encryption
Just like the client-level encryption, if you lose your key (passphrase) there
are no chances of retrieving it; you can only format the disk and install a new
OS. Since you may need to encrypt portions or entire partitions to be used across
multiple Operating System, we will focus on a cross-platform software, which is
System-agnostic and capable of managing different technologies.
7.3.1 TrueCrypt
TrueCrypt wrote part of the IT encryption history, being the first-born of a
software lineage which introduced the average users to the full disk encryption
without being IT engineers. This project has been abandoned in 2014, with the
end of Windows XP support, but it’s still available for who needs the related
program versions. Luckily, we can use an array of forks which resolved its
restrictions and issues, but I wished to dedicate a paragraph to the possibilities
offered by TrueCrypt and its new iterations:
• Allows to encrypt entire partitions
• Allows to create two partitions: if you are forced to unlock the disk, you
can access one partition using one password, while the second partition will
require another password.
• Supports the hardware acceleration offered by the next generation CPUs
features

• Supports three encryption algorithms: AES, Serpent and Twofish. You can
also mix them.
Before we proceed, some general caveats and recommendations; they won’t
apply for all cases, but you must consider every possibility:
-
Never defrag and index encrypted volumes, since they could leave traces in
the system logs
-

Never use journaled file systems, instead choose file systems without
journaling (ex., FAT32, exFAT or ext2)
-
Use the complete formatting, non use any fast option
-

When you open files, remember they’ll be stored in the RAM and in temp
folders: remove them once you’re done (especially when you are not using a
Live OS)
-

In any case, take all the necessary precautions to protect the device you’re
using (no Internet, updated system, protections in place, etc.)
7.3.2 Veracrypt
Available for all the major OSs and backwards compatible with Truecrypt,
Veracrypt
[94]
is without any doubt the go-to application. The program is quite
user-friendly and easy to use.

7.3.2.1 Installing Veracrypt
Just for the other topics, we will skip the installation stage on Windows and
macOS, since it’s quite a no-brainer; installing it on GNU/Linux, however, is not
very hard but we recommend you to strictly follow these steps. Firstly,
download
[95]
the tar.bz2 file for the GNU/Linux version (currently, v1.19). Open
the terminal and go to the Downloads folder:
$ cd $HOME/Downloads
extract the package using the command:
$ tar xjf veracrypt-1.19-setup.tar.bz2
Now, you will have 4 files: identify the ones containing the term “gui” in the
name. Then, install the program:
$ su
$ bash veracrypt-1.19-setup-gui-x86
Choose between the x86 and x64 version. If you don’t know your Operating
System architecture (remember, x86 means 32-bit processors, while x64 means
64-bit), you can use this command:
$ hostnamectl
If you still have doubts about which one to install, always prefer the x86 (it’s
compatible with x64 processors, but slower).
7.3.2.2 Using Veracrypt
Let’s how we can use Veracrypt, creating a partition or a container to store
all our most important files, hidden from everyone else.
1)

In order to create the first container, choose one of the available slots,
click the Create Volume button, then choose between creating a container and

Download 2,32 Mb.

Do'stlaringiz bilan baham:

1 ... 32 33 34 35 36 37 38 39 ... 57