Showing posts with label data security. Show all posts
Showing posts with label data security. Show all posts

Jan 30, 2013

Symantec PGP decrypt a WDE drive using boot.iso

What we can do if a bootable PGP WDE drive fail to boot the OS correctly? Initially we can try to do a recovery operation using the OS bootable CD/DVD or restore to a previous known best configurations point. But think if those operations also fail to recover the OS boot process. Then the option is to reinstall the  OS. But as the drive is encrypted, we can't simply reinstall the OS on the same drive. If we do it, it will cause a data lost. Therefore, we need to decrypt the drive and install the OS. Then again encrypt the drive.

We can do two things in such a scenario.
1. Remove the drive and connect it to another PGP installed machine as a slave drive and decrypt it via the PGP desktop.
2. Use the boot.iso to boot the machine and decrypt the drive using bootable cd.

In this post I will describe how to do it using the boot.iso or bootable PGP CD.

First you need to get the correct version of the boot image (boot.iso). It is important to have the same version of the Symantec PGP software to avoid any data lost.

Best way to find the boot.iso is to burn a CD image after initial PGP desktop installation. You can get the image file from these location according to the OS.


32-bit :- C:\Program Files\PGP Corporation\PGP Desktop\bootg.iso
64-bit :- C:\Program Files (x86)\PGP Corporation\PGP Desktop\bootg.iso

Or you can download it from the Symantec website.

Then boot from the CD drive. It will prompt the initial PGP login screen. Do not enter the user name and passphrase. If you can go to the "Advance panel" go to it and try to decrypt the drive. (But in my case I haven't got a advance panel.). But if not, press F4. It will direct you to the WDRT window. Get the WDRT from the server and type it. After submitting the WDRT boot disk (CD) will try to decrypt the encrypted drive. This process will take some time (very high). Don't stop it and make sure power supply is OK.

Keep in mind if something goes wrong, it will cause a data lost and you wan't be able to reverse the operation.

Jan 17, 2013

Encrypt a portable drive using TrueCrypt

TrueCrypt is a good free and open source disk encryption software which support all major operating systems. There are two ways to encrypt data in a portable disk. One way is to encrypt the whole disk. But if you encrypt the whole disk you need to have TrueCrypt in your host machine to view data on it. But if you chose the other way, you can keep a portable TrueCrypt in the same disk with the encrypted data.

I will describe how to do this in the second way. I think it is more user friendly to have a portable TrueCrypt with encrypted data file. First we need to download and create a portable version of TrueCrypt.

You can download it from : http://www.truecrypt.org/downloads (> 4 MB)

Double click on the downloaded executable;

1. Accept the license regalement.  
2. Select the second option - "Extract" and click next.
3. Accept both warnings and proceed.
4. Browse the portable disk and set a folder name to store TrueCrypt. ( I:\TrueCrypt\ )

Now you have a portable version of TrueCrypt. Now you need to create an encrypted disk. But in this scenario we are not going to encrypt the whole disk. We can create an encrypted container and put our valuable data into that. Then the container and the TrueCrypt portable can be stored in the portable device.

To create the encrypted container;

1. Run the "TrueCrypt Format.exe".
2. Select the first option - "Create a encrypted file container"
3. Select the first option - "Standard TrueCrypt volume"
4. Set the file with in the portable device ( I:\TrueCrypt\encrypted_datafile ) and save.
5. Set the encryption algorithm.
6. Give the volume size you need.
7. Give a strong password. This will be your to access the encrypted data in the container.
8. Format the volume and continue the wizard.

Now we need to mount the encrypted container to the system. To do that;

1. Run the "TrueCrypt.exe".
2. Select a available driver letter to mount the container to the system.
3. Press on "Select File ..." button and browse the created container in the portable device.
4 Click on "Mount" button.
5. Give the relevant password.
6. Brows the mounted drive and store valuable information in that.
7. Click on "Dismount" to dismount the container.


Note: You need  to have Administrator rights or (rights to mount a disk to the OS) to run TrueCrypt in portable mode.