11 replies to this topic

[Genfin]

Hi,

Can someone recommend good tools or utilities to lock the ISO's from changes or corruption due to virus or malware attack. They should be able to lock the files/folders and indicate if the checksum, mdf or sha happens to change.

I do not want to undergo the pain of downloading these ISO's often.


GenFin

[Wonko the Sane]

Can someone recommend good tools or utilities to lock the ISO's from changes or corruption due to virus or malware attack. They should be able to lock the files/folders and indicate if the checksum, mdf or sha happens to change.

I don't get it.
"lock" under WHICH OS?

You can maybe lock the .iso "as a whole" and not file/folders inside it (unless the .iso is mounted).


Wonko

[Genfin]

I don't get it.
"lock" under WHICH OS?

You can maybe lock the .iso "as a whole" and not file/folders inside it (unless the .iso is mounted).


Wonko

[Genfin]

Yes I want to lock the downloaded .ISO file and not their contents .... no one should be able to make changes to the .ISO and virus/malware should not be able to change or corrupt it. Else I will have to redownload them again and again every time my PC gets infected.


Similarly for the folder where I plan to store all the downloaded .ISO's. I hope I'm clear now.

Thanks for your response.


Gen Fin

[MedEvil]

If there were an easy way to prevent files, any files from virus attack, don't you think it would have been all over the news?
If you want to protect your files from a virus attack, you have to put them on a read only media. CD, DVD or write protected USB-Stick.

[Genfin]

What about the utilities/tools that are advertised as folder locks, lock your files etc . Are they any good ? Any way to make a partition or drive 'Read Only' just like a DVD? Also would encryption help ?


Thanks in advance.

GenFin

[MedEvil]

All those tools are software and software will get attacked by a virus, so they are bound to fail when needed most.
Encryption may prevent the virus from reading your confidential data, but it does not stop it from corrupting your encrypted file.

[Wonko the Sane]

@Genfin

I personally use this rather unusual convention of putting a small hook shaped sign "?" at the end of things that I write to convey the idea that they are questions:

"lock" under WHICH OS?

The general idea is that when someone asks a question, the one to which that question is adrressed actually answers it.
I would particularly appreciate if you could comply with this convention, compare with the "common sense advice" attached to board Rules:
http://reboot.pro/in...tion=boardrules
and answer to questions, expecially if asked to you in order to try and help you.


Wonko

[Genfin]

Sorry about that I misseed it .... I was in hurry to post all the queries I had and then reading the replys. But this isn't an excuse.

O/S ...Windows 7 32 bit ultimate and Win XP SP3. I know nothing about Linux.


Thanks again for all your help.


GenFin

Edited by Genfin, 17 March 2011 - 05:39 PM.

[Genfin]

All those tools are software and software will get attacked by a virus, so they are bound to fail when needed most.
Encryption may prevent the virus from reading your confidential data, but it does not stop it from corrupting your encrypted file.

[Wonko the Sane]

If you are using NTFS you can add a "special" user which has EXCLUSIVE ownership/write permission to one single directory (where you store the .iso images), then you remove ALL access to that directory from ANY other "user", including SYSTEM and Administrator (WARNING: Your Mileage May Vary with such "extreme" settings).
This "special user" should also have "normal" permissions to the filesystem and particularly on another single directory (let's call it workspace) where you temporarily copy the .iso's and run Sardu (or whatever).
Basically you login to this "special user" whenever you need to store (or use the previously stored).iso's.
This decreases the possibilities that *anything* using OS calls/utilities can damage the .iso files, but of course can do nothing or next to nothing for things like bootsector viruses or anyay anything that uses the "physicaldrive" directly.

More or less *ANY* file/folder lock utility can be bypassed or forced to behave, with the same methods that "unlocking tools" use (example):
http://www.softpedia.../Unlocker.shtml

Storing the .iso in an encrypted volume (Truecrypt comes to mind) does add an additional layer of complexity, BUT still it is NOT immune to "physical level" damage and more than that "partial data" recovery if this happens is pretty much IMpossible.

The alternative to "read only media" (like CD/DVD) is as Medevil pointed out one of the "rare" nowadays USB stick with an actual "read only switch".
A possible alternative is *any* USB mass storage device with a CERTIFIED hardware write blocker (a few hundred bucks ) or - obviously with a far lesser "safety level" - a software USB blocking thingy, but that (examples):
http://www.m2cfg.com..._writeblock.htm
http://www.irongeek....b-write-blocker
have "side effects" anyway.

Another possibility is to store the .iso's in a hidden partition, ONLY mounted when needed (and possibly with the additional protection of ownership/permission seen above) with showdrive.exe or similar:
http://reboot.pro/10169/


Wonko

[Genfin]

Thank you very much for your reply. I'll try out the above.

GenFin