SecureMac.com
About SecureMac Advertise Security Consulting Mac Security Store Send Feedback

Site Information
Site Background
Who runs the site
Advertising
Security Consulting
Employment/Jobs
Feedback Form

SecureMac Software
PrivacyScan

 

Mac OS X Security
sudo buffer overflow exploit + fix
Disable Single User Boot Mode
Malevolence - Dumping Passwords
nidump security
Startup Security - Open Firmware Password Protection

Mac OS X Network Security
SAINT
Secure FTP Wrapper
Ettercap - sniffer interceptor logger
Snort - Network Intrusion Detection System
SSH Admin
SSH Helper
xnu - enable MAC Address spoofing


Mac OS X Virus

Mac OS X Firewalls
Firewalk Firewall Utility
NetBarrier X

Mac OS X App Sec.

Mac OS X Encryption
LittleSecrets
GPGMail - PGP Functionality

Mac OS X DoS

SecureMac Library
Mac Cable Modem Security
Mac Security Auditing
Mac OS X Security Understanding
Mac OS X Security Second Lessons
Mac OS X Security Third Lesson
Mac OS X Single User Mode Root Access
Mac OS X Shareware Firewalls
Mac OS X Secure Installation
Cable & DSL Connections - Security Measures
Better Safe than Sorry
Apple.com Security Resources
Marketing Macintosh Security Programs

FileGuard - Intego
Desktop Security

FileGuard 4.0


FileGuard by Intego Software
FileGuard Security Advisory - Disengage 1.0

OS 9.1 Ready, Now fully being developed and supported by Intego

Information:
FileGuard has been a trusted program amongst Mac users who have searched for a way to keep their computers and data secure, in most recent news Intego purchased the software and will continue to make improvements and develop the software for both Macintosh and PC platform. FileGuard now fully works with Mac OS 9.1 and has many bug fixes as well as feature advancements.

Brief rundown on the functionality of FileGuard 4.0. Allow multiple users to have restrained access this can be done by file privledges and login periods. To keep you computers secure from the people you do not trust, or you want to restrict to certain days and times it can be setup in only a few seconds. First selecting the user then using the classic graphical user interface to select what days and time periods to allow and deny access. (Ideal for schools - classes - home - homework)

Configuration of the program is simple. As shown below you will see that turning on and off functionality is very easy. From allowing/restricting guest login to configuring the screenlock

FileGuard Options Menu


One of SecureMac's favorite features of this program besides the security of locking your computer down is the file shredding ability. That is a features that makes it hard to recover data. You have confidential data that you want destroyed, just deleting that file wont truely remove it. The shredding erases and writes over the blocks of data however many times you select to ensure a more secure deletion. Once you trash, giveaway, or trade computers with someone if you don't securely delete those files - even after initialization you data may still be recovered.

fileguard file shredding utility


About the Security:
FileGuard isn't just a extension that requires password on startup. The program installs the extra security even if you startup by holding down the shift key to disable extensions of hold down the spacebar to load Extension control panel FileGuard first requires you to log in.

fileguard locked


Each user you create can have specific privledges you supply. And you may restrain the user from accessing control panels, programs and desk accessories.

fileguard unauthorized access


Administrator
As the administrator you have full control over the users and the log files. FileGuard 4.0 gives you full control over what to log and what not to log. The more option the better understanding of how to recover after a user has modified or destroyed data.

FileGuard Logging options


If you are still stuck or need full help setting up or configuring the program FileGuard comes with excellent documentation where you can find all your questions and answers from 'What Do I do if I forgot my password' (which we will cover shortly) to 'How do I add a user with access only on Thursdays from 2-3PM'
fileguard help files


Removing FileGuard
Removing FileGuard can be a little harder without the administrative password.
fileguard emergency password remove

You will need to boot from the startup disk and access the program entitled 'Remove FileGuard' this will remove the disk protection so after you restart you will be able to access you drive. If you have any FileGuard protected files make sure you unprotect them before you remove the protection because the files will still be FileGuarded.

Views:
Excellent program to keep all your Macs secure and files intact and safe. The multiple users, file protection and file shredding ability is the perfect suite to desktop security. Well worth the purchase.

Contact Information for Intego US
Intego - North America
6301 Collins Avenue, #1806
Miami, FL 33141
tel: 305-868-7920
fax: 305-868-7938

Information - info@intego.com
Sales - US and Canada - sales@intego.com
Technical support - support@intego.com

Rating:
rate rate rate rate rate



Features:
OS 9.1 Ready
Macintosh access control

FileGuard limits computer access to the users registered by the administrator who can prevent them, for example, from inserting disks, copying applications, accessing the log files, protecting files or folders, ... FileGuard also keeps a user log with information of the users' activity on the Macintosh. Folder protection

FileGuard allows you to set access privileges to all your folders (including the System Folder). You can limit the access per User or/and per Group, create "write-protected" folders or set up a folder as a "drop folder", etc. File protection
The file protection procedure is similar to saving and opening a normal document and does not in any way alter your work habits. Upon saving a new document, FileGuard gives you the option to password-protect it. The user can choose from a variety of industry-standard encryption formats such as D.E.S., Triple D.E.S., IDEA(TM), ...

Encryption is performed automatically when you quit your application. You can also encrypt a document manually using the Protect File command.

Opening protected documents is just as easy and automatic. When you double-click an encrypted document, FileGuard asks for your password, decrypts the file and automatically launches the appropriate application. The document is automatically reencrypted when you quit the application. For each protected file, FileGuard keeps a complete log of all operations performed, including creator & owner name, date/time of creation, total use time, attempts at unauthorized access, etc.

Hard disk protection The hard disk protection of FileGuard prevents unauthorized access and/or intentional copying or erasure of a hard disk. No-one will be able to start your Mac from another System disk or with extensions disabled, without supplying the proper volume password.

fileguard emergency password remove


Application protection
FileGuard offers both password and copy protection of all applications on your hard drive. If you choose password protection, the protected application can run on another disk with the right password even if FileGuard is not installed. If you choose copy protection, the protected application will run only on your hard drive.

File shredding
The file shredding option of FileGuard allows you to shred your files upon emptying the Trash. In this way, no one will be able to recover your confidential files, even when using utilities especially designed to recover deleted items.

Insecurity:
08.13.2001 - The program Disengage 1.0 used to decrypt the user information stored in FileGuard 4.0 has been released by the group mSec to demonstrate that just because there are passwords set it is not impossible to obtain the 'unobtainable information' Intego corporation was just notified of this security concern and we are sure they will be releasing patches to ensure that your user data is secured.

Keeping the userdate secure to ensure that the logins and passwords of the users are still unknown is a must. Once you are logged into the computer Disengage 1.0 can will show you what the user information for the users are including the passwords.

FileGuard Hack
The user 'God' has the password of 'Apple'


System Administrators, you can keep this program off your network by not allowing programs to be downloaded and disabling the media devises. In many cases this rule can not be put into play so it leaves your network vulnerable. You may add this program to the list of blocked programs, yet if the user changes the name of the application to something other than 'Disengage 1.0' the program will still be allowed access. You may set up the computer so it ONLY runs specific applications, which is reasonable if you are wanting your network secured and not allow it to execute unknown applications.

Disengage 1.0 cannot decrypt a password when the file SYSTEM VITAL is greater than 2 MB. This is due to the fact that Disengage 1.0 reads the whole file into memory, and sometimes the SYSTEM VITAL file can be very large. The same holds true for the resource where the user information is stored in the FileGuard Extension. Disengage 1.0 searches for a specific hexadecimal string in the SYSTEM VITAL file to locate the administrator's password. This method has worked at all times during the testing phase of the program, however, there might be situations when it does not work. All measures have been taken to make sure that no memory leaks occur while using the program. Disengage 1.0 has a 255 character limitation when displaying the user information. That means that only the first 255 characters in the userfile can be displayed. This is due to the size limitation of the DialogManager of the OS.

You can try to allocate more memory to Disengage in the Finder if you get memory errors.

This will make Disengage look for the FileGuard Extension in the Extensions folder, and for the SYSTEM VITAL file in the root folder of the startup harddrive. If these files are found Disengage will retrieve the existing usernames and passwords.

The program 'Disengage 1.0' is avialable for download so the system administrators may know what the program looks like and they can see the importance of keeping it off their computers. Follow the link below to download the program that decrypts and displays the FileGuard 4.0 user information.

Disengage.sit

SecureMac.Com Advisory
Brian Dittmer - brian@securemac.com
02.17.00
---

Operating System Affected: MacOS 8.6 and below
Software: ALL versions of FileGuard
Threat: medium

The computer protection software "FileGuard" is renowned for its excellent ability of keeping people off your box. While playing around with the latest version, I started playing with the logs. I got to fooling around with file names and realized that you can change the name of a file without it being logged.

Take this scenario. Someone gets onto your computer and they are restricted from all of your Internet applications. They bring a copy of "ferret" (http://jindel.cjb.net), a notorious hacker tool used to gather passwords. Not taking the (highly unlikely) chance that you aren't logging anything, they rename ferret "AppleWorks". They run ferret and get all your passwords. Print them out. Rename ferret like "AppleWorks Art" and trash it. Now they have all your passwords and stuff - to about 15 odd apps.

You're probably saying - “what can I do?” Well, nothing. Heh. Sorry. The best solution is to keep everyone off your computer.
FileGuard Rename Hack

VPC - FileGuard Security Vulnerability
Peter Puggaard informs about a FileGuard and VPC security vulnerbility. Issue: Using VPC (Virtual PC - Emulation program) to set up the protected folder as a shared folder, then he would be able to view its content on the MacOS. Fix: In the FileGuard application setup VPC as a Unauthorized Software.

oLdskuLe writes: here is a file. some of it came from your site. (the new fileguard patches) and a file with information on the previous versions that came from the hackintosh bible. thats all i have ever seen about it anywhere. some good information though.
FileguardInfo.sit
If you know any security issues related to FileGuard please send them to this email so we can suggest updates and changes in Intego Software future releases. We are more than happy to research and post it here!


Enter Email Address:

Enter your message:


Select Either of These Two Buttons




Security + OS
DiskLock
PowerBook Security Control Panel
Empower Pro
FileGuard
FreeGuard
FoolProof
Deus Lock Master
OnGuard
Keys Off
LockOut
MacOS Algorithm
Modem Security
Password Key
PGPuam
PPF
Shift Key Suite
Stealth Signal
SuperLock Lite
SuperLock Pro
Web-Confidential


Macintosh Viruses
Disinfectant
Sophos Anti-Virus
Norton AntiVirus
Nav 7 Nav 6 Nav X
Virex - Oct
VirusBarrier - Netupdate
vScan - Discontinued.

Mac Physical Security


Macintosh Firewalls
DoorStop Firewall
Firewall Q & A
IPNetSentry
NetBarrier
Norton Personal Firewall

Mac Spyware & Privacy
Monitorer
NetShred - Delete Files Safely

Network Security
MacAnalysis
Oyabun Tools
WDTech RAE
ToolDaemon

Application Security Issues
AIM - AOL Instant Messenger
Back Orifice
Eudora E-Mail Client
Internet Configure
IE 5.1, OE 5.1, Powerpoint, Excel Vulnerability
MS Personal webServer
NetBus
Outlook Express 4.5 Password Flaw
SubSeven
Sub7ME Server

Resource Info
AppleShare Server Info

Mac OS Encryption
EnScript
FGP
FileTwister
ForgotIt?
GenPass
MacLockSmith
My-Privacy
My Secret
PGPi
PGPhone
PGP Personal
PGP Freeware
PowerCrypt-dev
Private File
Quick Encrypt
SubRosa Utilities
Tresor

Deleting Files
Eraser Pro
ShredIt

Backups

Apple Hardware

MacOS DoS
Mac Attack


All material (c) 2014 SecureMac.com and respected owners