Delete Pagefile on shutdown for security

Discussion in 'Windows Vista Security' started by intwtl, Apr 21, 2007.

  1. intwtl

    intwtl Guest

    I have used PGP on XP and to ensure there are no footprints I set XP to
    delete the Pagefile on shutdown.

    Now that PGP is available for Vista I want to install it and again delete
    the pagefile on shutdown.

    Does anyone know how to accomplish this in Vista ?

    Thanks,

    intwtl
     
    intwtl, Apr 21, 2007
    #1
    1. Advertisements

  2. intwtl

    Neil Harley Guest

    Try running gpedit.msc and turning on the setting:

    Shutdown: Clear Virtual Memory Pagefile

    located at

    Computer Configuration\Windows Settings\Security Settings\Local
    Policies\Security Options
     
    Neil Harley, Apr 21, 2007
    #2
    1. Advertisements

  3. You delete the paging file at shutdown in Vista in exactly the same way you
    could in XP. See the article on my website:
    http://vistasupport.mvps.org/clear_windows_paging_file_at_shutdown.htm

    --
    John Barnett MVP
    Associate Expert
    Windows - Shell/User

    Web: http://xphelpandsupport.mvps.org
    Web: http://vistasupport.mvps.org

    The information in this mail/post is supplied "as is". No warranty of any
    kind, either expressed or implied, is made in relation to the accuracy,
    reliability or content of this mail/post. The Author shall not be liable for
    any direct, indirect, incidental or consequential damages arising out of the
    use of, or inability to use, information or opinions expressed in this
    mail/post..
     
    John Barnett MVP, Apr 21, 2007
    #3
  4. intwtl

    Alun Harford Guest

    Of cause, once something is written to disk, it's very hard to get rid
    of it (think: hammer and big nails).
    Sensible software instructs the OS not to write sensitive data to disk.

    Alun Harford
     
    Alun Harford, Apr 21, 2007
    #4
  5. intwtl

    Paul Adare Guest

    Sorry, but rather than directly editing the registry, using Group Policy as
    Neil answered is a much better solution.

    --
    Paul Adare
    MVP - Windows - Virtual Machine
    http://www.identit.ca
    "The English language, complete with irony, satire, and sarcasm, has
    survived for centuries without smileys. Only the new crop of modern
    computer geeks finds it impossible to detect a joke that is not clearly
    labeled as such."
    Ray Shea
     
    Paul Adare, Apr 21, 2007
    #5
  6. intwtl

    Neil Harley Guest

    and what 'sensible' software would that be?
     
    Neil Harley, Apr 21, 2007
    #6
  7. intwtl

    Neil Harley Guest

    what 'sensible' software would that be and how do you create files without
    writing to disk?
     
    Neil Harley, Apr 21, 2007
    #7
  8. intwtl

    Neil Harley Guest

    darn Windows Mail still sends at the wrong time ... at least when I hit the
    wrong keys lol :)
     
    Neil Harley, Apr 21, 2007
    #8
  9. Paul, so far I haven't been able to find the option in Group Policy. Maybe
    I'm not looking in the right place? 'According to MS TechNet the procedure
    is 'Open Group Policy then expand Computer configuration followed by Windows
    Setting, Security settings, Public Key policies, Local policies and then
    click Security Options' When I click Public Key Policies all that I see is
    'encrypting file system' folder. This, incidentally is on Vista Ultimate.
    There is something missing somewhere.

    --
    John Barnett MVP
    Associate Expert
    Windows - Shell/User

    Web: http://xphelpandsupport.mvps.org
    Web: http://vistasupport.mvps.org

    The information in this mail/post is supplied "as is". No warranty of any
    kind, either expressed or implied, is made in relation to the accuracy,
    reliability or content of this mail/post. The Author shall not be liable for
    any direct, indirect, incidental or consequential damages arising out of the
    use of, or inability to use, information or opinions expressed in this
    mail/post..
     
    John Barnett MVP, Apr 21, 2007
    #9
  10. Neil click the start button and in the search dialogue box type: gpedit.msc
    and press OK. The user account control will pop up and you will need to give
    it access permission. From here you can make quite a number of system
    alteration. However, if you check my post to Paul, a little lower in this
    thread, I haven't been able to locate the option to change the clear the
    paging file at shutdown from within group policy.

    --
    John Barnett MVP
    Associate Expert
    Windows - Shell/User

    Web: http://xphelpandsupport.mvps.org
    Web: http://vistasupport.mvps.org

    The information in this mail/post is supplied "as is". No warranty of any
    kind, either expressed or implied, is made in relation to the accuracy,
    reliability or content of this mail/post. The Author shall not be liable for
    any direct, indirect, incidental or consequential damages arising out of the
    use of, or inability to use, information or opinions expressed in this
    mail/post..
     
    John Barnett MVP, Apr 21, 2007
    #10
  11. Finally located it Paul.

    --
    John Barnett MVP
    Associate Expert
    Windows - Shell/User

    Web: http://xphelpandsupport.mvps.org
    Web: http://vistasupport.mvps.org

    The information in this mail/post is supplied "as is". No warranty of any
    kind, either expressed or implied, is made in relation to the accuracy,
    reliability or content of this mail/post. The Author shall not be liable for
    any direct, indirect, incidental or consequential damages arising out of the
    use of, or inability to use, information or opinions expressed in this
    mail/post..
     
    John Barnett MVP, Apr 21, 2007
    #11
  12. OK Neil. Click Start button and in the Search dialogue box type: gpedit.msc.

    When in group policy window proceed as follows:

    1/ Click the > button next to Computer Configuration.
    2/ This will expand the menu
    3/ Click the > next to the Windows settings option. Again the menu will
    expand
    4/ Next click the > next to Security settings. The menu will expand again
    5/ Now click the > next to Local Policies. The menu will expand again
    6/ Now click on the Security Options
    7/ The right hand pane of group policies will fill with options
    8/ Scroll down to Shutdowns; Clear virtual memory page file
    9/ Now right click on this option and, from the menu that appears select
    Properties
    10/ In properties click on the radio button marked 'Enabled'
    11/ Now click OK
    12/ Finally close group policies

    --
    John Barnett MVP
    Associate Expert
    Windows - Shell/User

    Web: http://xphelpandsupport.mvps.org
    Web: http://vistasupport.mvps.org

    The information in this mail/post is supplied "as is". No warranty of any
    kind, either expressed or implied, is made in relation to the accuracy,
    reliability or content of this mail/post. The Author shall not be liable for
    any direct, indirect, incidental or consequential damages arising out of the
    use of, or inability to use, information or opinions expressed in this
    mail/post..
     
    John Barnett MVP, Apr 21, 2007
    #12
  13. intwtl

    Paul Adare Guest

    I think you're a little confused in this thread. Neil, in the second post
    to this thread, described exactly where this option is.

    --
    Paul Adare
    MVP - Windows - Virtual Machine
    http://www.identit.ca
    "The English language, complete with irony, satire, and sarcasm, has
    survived for centuries without smileys. Only the new crop of modern
    computer geeks finds it impossible to detect a joke that is not clearly
    labeled as such."
    Ray Shea
     
    Paul Adare, Apr 21, 2007
    #13
  14. intwtl

    Paul Adare Guest

    All you had to do was to read Neil's first response to this thread.

    --
    Paul Adare
    MVP - Windows - Virtual Machine
    http://www.identit.ca
    "The English language, complete with irony, satire, and sarcasm, has
    survived for centuries without smileys. Only the new crop of modern
    computer geeks finds it impossible to detect a joke that is not clearly
    labeled as such."
    Ray Shea
     
    Paul Adare, Apr 21, 2007
    #14
  15. intwtl

    Neil Harley Guest

    I think you're posting to the wrong person :)
     
    Neil Harley, Apr 21, 2007
    #15
  16. Try Thunderbird, it's sensible software :)
     
    Otto Normalverbraucher, Apr 22, 2007
    #16
  17. OK intwtl. Click Start button and in the Search dialogue box type:
    gpedit.msc.

    When in group policy window proceed as follows:

    1/ Click the > button next to Computer Configuration.
    2/ This will expand the menu
    3/ Click the > next to the Windows settings option. Again the menu will
    expand
    4/ Next click the > next to Security settings. The menu will expand again
    5/ Now click the > next to Local Policies. The menu will expand again
    6/ Now click on the Security Options
    7/ The right hand pane of group policies will fill with options
    8/ Scroll down to Shutdowns; Clear virtual memory page file
    9/ Now right click on this option and, from the menu that appears select
    Properties
    10/ In properties click on the radio button marked 'Enabled'
    11/ Now click OK
    12/ Finally close group policies

    --
    John Barnett MVP
    Associate Expert
    Windows - Shell/User

    Web: http://xphelpandsupport.mvps.org
    Web: http://vistasupport.mvps.org

    The information in this mail/post is supplied "as is". No warranty of any
    kind, either expressed or implied, is made in relation to the accuracy,
    reliability or content of this mail/post. The Author shall not be liable for
    any direct, indirect, incidental or consequential damages arising out of the
    use of, or inability to use, information or opinions expressed in this
    mail/post..
     
    John Barnett MVP, Apr 22, 2007
    #17
  18. Apologies, Neil

    --
    John Barnett MVP
    Associate Expert
    Windows - Shell/User

    Web: http://xphelpandsupport.mvps.org
    Web: http://vistasupport.mvps.org

    The information in this mail/post is supplied "as is". No warranty of any
    kind, either expressed or implied, is made in relation to the accuracy,
    reliability or content of this mail/post. The Author shall not be liable for
    any direct, indirect, incidental or consequential damages arising out of the
    use of, or inability to use, information or opinions expressed in this
    mail/post..
     
    John Barnett MVP, Apr 22, 2007
    #18
  19. intwtl

    Neil Harley Guest

    I used T-Bird for a while but didn't like its sorting of messages (has it
    changed recently) and besides I'm not too fussed about what app I use for
    n/g access. As long as I can read and reply that's good enough for me.

    The problem with WM sending was down to me having fat fingers in the morning
    :)
     
    Neil Harley, Apr 22, 2007
    #19
  20. intwtl

    Neil Harley Guest

    No problem. I just got lost in the replies and wondered if you meant to
    reply to another part of the thread.
     
    Neil Harley, Apr 22, 2007
    #20
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.