Re: setting access restrictions on external drive

["J. Yoon" <supercool9000 () hotmail com>]

Hi,
thanks for your advice but unfortunately if it was that simple I would not 
have posted here...
The drive is already formated NTFS (not fat32) and I've tried setting the 
security tab to restrict others from access but it's completely grayed out.

When I searched the Microsoft website about this problem, it says that only 
folders and files in Documents/Settings dir can have access restrictions...
Still I'm wondering if there's a way...


> From: jamesworld () intelligencia com
> To: "J. Yoon" <supercool9000 () hotmail com>
> CC: security-basics () securityfocus com
> Subject: Re: setting access restrictions on external drive
> Date: Mon, 22 Dec 2003 20:07:01 -0600
> MIME-Version: 1.0
> X-Sender: jjww1 () worldnet att net@ipostoffice.worldnet.att.net
> Received: from mtiwmhc12.worldnet.att.net ([204.127.131.116]) by 
> mc3-f40.hotmail.com with Microsoft SMTPSVC(5.0.2195.6713); Mon, 22 Dec 2003 
> 18:07:52 -0800
> Received: from l10-xp1.intelligencia.com 
> (adsl-68-72-137-6.dsl.chcgil.ameritech.net[68.72.137.6])          by 
> worldnet.att.net (mtiwmhc12) with SMTP          id 
> <2003122302075011200asb85e>          (Authid: jjww1 () worldnet att net);      
>     Tue, 23 Dec 2003 02:07:50 +0000
> X-Message-Info: JGTYoYF78jGsaSMxLchmCnuVzCmweH1+
> Message-Id: 
> <5.2.1.1.0.20031222200336.01ffa8b8 () ipostoffice worldnet att net>
> X-Mailer: QUALCOMM Windows Eudora Version 5.2.1
> In-Reply-To: <LAW12-F28hA4iJ3hYpa0005c518 () hotmail com>
> Return-Path: jamesworld () intelligencia com
> X-OriginalArrivalTime: 23 Dec 2003 02:07:52.0187 (UTC) 
> FILETIME=[923514B0:01C3C8F9]
>
> Format the drive using NTFS  (it's prolly FAT32 be default)
>
> Then with NTFS, you can set ACL's via the security tab.
>
> Give your self access and everyone else DENY access.  This plus your 
> encryption should do the trick.
>
> You must of course have physical security of the device.  Someone could 
> pick the unit up,  and plug it into their laptop,  take administrative 
> ownership of everything and still be able to delete your stuff.  Maybe even 
> decrypt it if they can get the recovery key from your system or break the 
> crypto......or of corse thing the things is broken and format it to do you 
> a 'favor' :-)
>
> At 15:13 12/22/2003, J. Yoon wrote:
> > I have an external USB drive using Windows XP file system,
> > I have turned on encryption so that other users can't access the files
> > but they can still view and browse the folders
> > or even "delete" the encrypted files it if they wanted to.
> >
> > I've read on microsoft website that you can only
> > restrict files/folders if you put them inside your Documents & Settings 
> > folder,
> > but since this is an external drive it's not possible.
> >
> > How then, do I set this so that other users can't see or access anything 
> > inside folders that i restrict?
> > I would like to know if this is possible without using 3rd party 
> > software...
> >
> > _________________________________________________________________
> > Grab our best dial-up Internet access offer: 6 months @$9.95/month.
> > http://join.msn.com/?page=dept/dialup
> >
> >
> > ---------------------------------------------------------------------------
> > ----------------------------------------------------------------------------

_________________________________________________________________
Check your PC for viruses with the FREE McAfee online computer scan.  
http://clinic.mcafee.com/clinic/ibuy/campaign.asp?cid=3963


---------------------------------------------------------------------------
----------------------------------------------------------------------------