Safe zip/unzip and file split on secure Windows machine?

Safe zip/unzip and file split on secure Windows machine?
Secure Home | Search | About
Login Password
Register Now! Lost Password?
 General Computer Security    Post an article   get this group's latest topics as an RSS feed add this group's latest topics to your My MSN content add this group's latest topics to your My Yahoo content add this group's latest topics to your Google content
Subject Author Date
Safe zip/unzip and file split on secure Windows machine? Drew Tronvig 01-10-2005
Posted by Drew Tronvig on January 10, 2005, 2:04 pm
If you were  Registered and logged in, you could reply and use other advanced thread options
I have to go to the library for high-speed internet and their computer
guys are understandably wary of any exectuable files being crated on or
copied to their computers. They have very effective controls that
prevent any executable file from being created or downloaded. The
library also does not allows users to use any diskettes except blank
ones purchased from them, so there would be no way to bring in a
suspect file that way. Also, perhaps because of these concerns, they
have no zip/unzip software and no file split software.

This all becomes a problem when a user wants to download a
self-extracting zip file or to take home a file that won't fit on a
diskette. Would there be a safe program or collection of programs that
would do the folowing:

Download exectutable files and convert them
to zip files before they go to the disk. In
the case of self-extracting zip files, this
might be as simple as stripping off the self-
extraction code and just leaving the zipped
file.

Zip and/or split files to diskettes.

It would probably make them feel better if
the programs would not allow unzipping or
unsplitting, though I think their safeguards
would prevent any exectutable file from being
created that way anyhow. There would be
situations where the user may need to unzip a
downloaded data file on the computer.

Thanks for any suggestions and for any reassurances I could pass along
to the library computer guys.

Thanks,
Drew

PS: I tried to post this to comp.security but Google Groups responded
'The following usenet groups are archived and cannot be posted to:
"comp.security".' If they are mistaken about this and if this subject
seems appropriate for the general comp.security usenet please repost
this message there and put a message in this thread that you have done
so.

Thanks again.



Posted by Walter Roberson on January 10, 2005, 10:59 pm
If you were  Registered and logged in, you could reply and use other advanced thread options
:I have to go to the library for high-speed internet and their computer

Sorry, I don't have an answer about that.


:PS: I tried to post this to comp.security but Google Groups responded
:'The following usenet groups are archived and cannot be posted to:
:"comp.security".' If they are mistaken about this and if this subject
:seems appropriate for the general comp.security usenet please repost
:this message there and put a message in this thread that you have done
:so.

If there ever was a 'comp.security' newsgroup, it no longer exists.
Either it never existed, or it was officially reorganized out of
existance.

It was not uncommon in the old days for people or systems to
believe that newsgroups *had to be* created hierarchically,
with newsgroup X *necessarily* having to exist if newsgroup X.Y
existed. This was largely a misunderstanding of newsgroup
functions, compounded with the fact that this misunderstanding
got written into some newsgroup management software.

Then there were the people who said that it didn't make any sense to
have subgroups when there hadn't be a higher group in the first place,
so they went ahead and created the higher-level groups on their systems
and those groups got used and tended to infect neighbouring systems,
especially in the days before it was thought necessary to
restrict newsgroup creation messages in the Big 7 hierarchies
(Big 8 now) to messages from Tale...
--
This signature intentionally left... Oh, darn!


Posted by on January 13, 2005, 12:20 pm
If you were  Registered and logged in, you could reply and use other advanced thread options

Drew Tronvig wrote:
> This all becomes a problem when a user wants to download a
> self-extracting zip file or to take home a file that won't fit on a
> diskette. Would there be a safe program or collection of programs
that
> would do the folowing:
>
> Download exectutable files and convert them
> to zip files before they go to the disk. In
> the case of self-extracting zip files, this
> might be as simple as stripping off the self-
> extraction code and just leaving the zipped
> file.
>
> Zip and/or split files to diskettes.
>

128 MB jump drives are fairly cheap these days. Do the library
computers have easily accessible USB ports? You might be able to
download straight to a jump drive?

Jerry



Posted by Nick Roberts on January 25, 2005, 10:46 pm
If you were  Registered and logged in, you could reply and use other advanced thread options

> I have to go to the library for high-speed internet and their computer
> guys are understandably wary of any exectuable files being crated on or
> copied to their computers. They have very effective controls that prevent
> any executable file from being created or downloaded.
> ...

I wonder if you could diplomatically convince the 'computer guys' at this
library that their security strategy is pointless and ineffective?

It is pointless preventing people from downloading executables, since it is
not necessary for the purposes of security. All that is required is to give
each (regular) user a separate user account, and to set access controls
appropriately (so that those users cannot access files or anything else
critical to the system).

It is also ineffective, since there are lots of ways viruses can infect a
machine without having to execute an EXE file (directly). A Java class file,
for example, will do just as well.

--
Nick Roberts


Similar ThreadsPosted
Secure file transfer December 16, 2007, 3:34 pm
Viewing/opening file sent by secure method February 27, 2007, 2:31 pm
unable to create a self signed CA file in Windows. February 12, 2008, 10:41 am
Windows Encryption Tool - Safe AES encrypted archives and on-fly image viewer February 28, 2005, 8:05 am
Machine Used by Spammers December 27, 2005, 5:36 am
Digital Machine Certificate - Win XP Pro SP1 May 12, 2004, 1:43 pm
NIS slowing machine to a crawl? February 27, 2005, 10:11 am
802.1x machine authentication without directory October 30, 2006, 4:15 pm
Help! An internet server has been installed on my machine! April 20, 2005, 8:31 am
Resurrecting a Win98SE machine; security questions. June 20, 2004, 2:18 am

The site map in XML format XML site map

Contact Us | Privacy Policy