In this day and age, there are tons of paranoid people when it comes to their computers. Well this guide is for you, with this guide, it will tighten security up around your computer, so even if you have done something wrong, or maybe not, "they" won't be able to prove it. To the staff, this isn't a black hat guide, so don't come at me saying I'm teaching people how to hide their actions from the cops. .-.
Encryption is something everyone should do, it works wonders if someone is trying to access your computer, and they can't unless they know the password to access it.
Veracrypt:
Veracrypt is a wonderful piece of software that took over TrueCrypt, and in my opinion it offers a lot more flexibility than TrueCrypt did as it offers so many more encryption techniques.
Setup Guide:
1. Go ahead and grab Veracrypt from here : Veracryt Download , once there you should see a big purple download button, click it, then install the software.
2. Open veracrypt, and then decide between these two things.
Honestly I recommend the second option for placing sensitive files in, but if you're really paranoid, go with option one, but be careful as sometimes it works, sometimes it doesn't, but that's only if you're installing it on your boot drive.
Encryption:
For the sake of this tutorial, I'm going to show you how to make an encrypted file container.
https://www.youtube.com/watch?v=ULcSePcrKW4
Part II of Encryption: Encrypting Your Typing
Keyloggers are a nasty thing, and in case you may or may not have one, its always a good idea to have your keystrokes encrypted.
Keyscrambler:
This is a great program that will scramble your key strokes, there is a free version that works with browsers etc, however the paid one works really well as well, but it does cost $45. So I'd recommend just using the free one. You can download it here: Keyscrambler Download
Securing Tips:
Make sure you use a strong password that is 20+ characters at least, make sure not to use words that can be found in a dictionary, and its always a good idea to use symbols, spaces, and hell even put a website url in there somewhere.
When you step away from your pc its a good idea to lock it.
Get a good anti-virus, this is one is pretty obvious, but its a good thing to have. Recommendation wise, I'd grab Kaspersky, or ESET Nod32, they are both great anti-viruses.
Disable System Restore Points
This one is obvious..... Now to disable it right click Computer, click Properties, then click Advanced System Settings, then under System Protection, click Configure. Then Turn off System Protection, and click apply.
Disable Send Error Report to Microsoft
When ever programs crash, Microsoft gets a log of that, and obviously, thats not good. To disable this, go to start and type in "problem reporting settings", then click "Choose how to report problems". Click "Change Report Settings For All Users" and then set it to "Never Check for Solutions".
Wiping With Good Ole CCleaner
CCleaner is a very powerful tool if used correctly, studies showed that when you delete files you do not need to do multiple over-writes. With modern hard-drives one write is really enough to fuck up a file beyond repair, but just incase two or three is what I always use.
If you have CCleaner already run it as Admin, then go to Settings and make sure you have it set to overwrite deleted data with three passes (or what ever you think is best). However this will not work well for SSDs, I'll explain why further down.
Then go back to CCleaner and check everything, then run cleaner.
Disable Windows Event Logging
Windows keeps a log of everything that happens on a machine. To disable it search Event Viewer in your start menu, then open it. Click windows logs, then right click system, and click clear logs, make sure you don't save. Now to disable this from being logged further, go to start, type msconfig, open it, then go to services, and make sure Hide all microsoft services is unchecked. Then scroll through the list of services till you find "Windows Event Logging", and make sure you uncheck that. Then restart your computer for it to be saved.
Disable Hibernation
Hibernation pretty much is just taking a picture of your RAM that is saved to your hard drive, so thats not good to have. Search in start for "Power Options", Change your current power plan, then change advanced power settings, expand the sleep one, then expand Hibernate after: Enter the value "0".
Section One: Encrypting Your Computer
Encryption is something everyone should do, it works wonders if someone is trying to access your computer, and they can't unless they know the password to access it.
Veracrypt:
Veracrypt is a wonderful piece of software that took over TrueCrypt, and in my opinion it offers a lot more flexibility than TrueCrypt did as it offers so many more encryption techniques.
Setup Guide:
1. Go ahead and grab Veracrypt from here : Veracryt Download , once there you should see a big purple download button, click it, then install the software.
2. Open veracrypt, and then decide between these two things.
- Do I want to encrypt my WHOLE hard-drive.
- Do I want a folder encrypted.
Honestly I recommend the second option for placing sensitive files in, but if you're really paranoid, go with option one, but be careful as sometimes it works, sometimes it doesn't, but that's only if you're installing it on your boot drive.
Encryption:
For the sake of this tutorial, I'm going to show you how to make an encrypted file container.
https://www.youtube.com/watch?v=ULcSePcrKW4
Part II of Encryption: Encrypting Your Typing
Keyloggers are a nasty thing, and in case you may or may not have one, its always a good idea to have your keystrokes encrypted.
Keyscrambler:
This is a great program that will scramble your key strokes, there is a free version that works with browsers etc, however the paid one works really well as well, but it does cost $45. So I'd recommend just using the free one. You can download it here: Keyscrambler Download
Securing Tips:
Make sure you use a strong password that is 20+ characters at least, make sure not to use words that can be found in a dictionary, and its always a good idea to use symbols, spaces, and hell even put a website url in there somewhere.
When you step away from your pc its a good idea to lock it.
Get a good anti-virus, this is one is pretty obvious, but its a good thing to have. Recommendation wise, I'd grab Kaspersky, or ESET Nod32, they are both great anti-viruses.
Section Two: Windows Security
Disable System Restore Points
This one is obvious..... Now to disable it right click Computer, click Properties, then click Advanced System Settings, then under System Protection, click Configure. Then Turn off System Protection, and click apply.
Disable Send Error Report to Microsoft
When ever programs crash, Microsoft gets a log of that, and obviously, thats not good. To disable this, go to start and type in "problem reporting settings", then click "Choose how to report problems". Click "Change Report Settings For All Users" and then set it to "Never Check for Solutions".
Wiping With Good Ole CCleaner
CCleaner is a very powerful tool if used correctly, studies showed that when you delete files you do not need to do multiple over-writes. With modern hard-drives one write is really enough to fuck up a file beyond repair, but just incase two or three is what I always use.
If you have CCleaner already run it as Admin, then go to Settings and make sure you have it set to overwrite deleted data with three passes (or what ever you think is best). However this will not work well for SSDs, I'll explain why further down.
Then go back to CCleaner and check everything, then run cleaner.
Disable Windows Event Logging
Windows keeps a log of everything that happens on a machine. To disable it search Event Viewer in your start menu, then open it. Click windows logs, then right click system, and click clear logs, make sure you don't save. Now to disable this from being logged further, go to start, type msconfig, open it, then go to services, and make sure Hide all microsoft services is unchecked. Then scroll through the list of services till you find "Windows Event Logging", and make sure you uncheck that. Then restart your computer for it to be saved.
Disable Hibernation
Hibernation pretty much is just taking a picture of your RAM that is saved to your hard drive, so thats not good to have. Search in start for "Power Options", Change your current power plan, then change advanced power settings, expand the sleep one, then expand Hibernate after: Enter the value "0".
