AW: Hard Drive Encrypting

[Meidinger Christopher <christopher.meidinger () badenIT de>]

You should also read up on EFS. Administrators *do* have a skeleton key, but
only if they set it up before the files are encrypted. I believe it runs
over the backup operators local group, but check it out yourself before
using EFS.

Cheers,

Chris

-----Ursprüngliche Nachricht-----
Von: Birl [mailto:sbirl () temple edu]
Gesendet: Friday, June 20, 2003 8:29 PM
An: security-basics () securityfocus com
Betreff: RE: Hard Drive Encrypting


edward:  Date: Fri, 20 Jun 2003 10:51:26 +1000
edward:  From: "Ng, Edward B" <edward.ng () eds com>
edward:  To: 'Allan Foster' <AllanF () lpa state ks us>, rogerg () cox net,
edward:       mart50 () hotmail com, security-basics () securityfocus com
edward:  Subject: RE: Hard Drive Encrypting
edward:
edward:  Just wondering, will EFS make data recovery a problem if the PC
crashes or
edward:  the partition/drive becomes corrupt? I had a to perform a recovery
on a XP
edward:  machine recently, using software tools like Winternals Admin Pak
and I don't
edward:  believe it had EFS enabled, but if it did ...??
edward:
edward:  Edward
edward:
edward:  EDS Australia Pty Ltd



You should read up on EFS.  Each user receives their own key when using
EFS.  Unless you have those keys, you're not recoving anything except
encrypted files.  Administrators do not have a skeleton key to decrypt all
files they do not own.

If the PC crashes, it depends on the crash.  If the hd is still readable,
then you should be fine.  You suffer the same risks with file corruption
regardless of encryption; you either repair it or it's unrepairable.



 Scott Birl                              http://concept.temple.edu/sysadmin/
 Senior Systems Administrator            Computer Services   Temple
University
====*====*====*====*====*====*====*====+====*====*====*====*====*====*====*=
===*



edward:  -----Original Message-----
edward:  From: Allan Foster [mailto:AllanF () lpa state ks us]
edward:  Sent: Friday, 20 June 2003 1:35 AM
edward:  To: rogerg () cox net; mart50 () hotmail com;
edward:  security-basics () securityfocus com
edward:  Subject: RE: Hard Drive Encrypting
edward:
edward:
edward:  I have found EFS to be effective only as long as the encrypted file
is on a
edward:  Windows 2000/XP machine.  As soon as you copy it to a computer with
a
edward:  different operating system, the file is decrypted.
edward:
edward:  Allan Foster, CISA, CISSP
edward:  Principal IS Auditor
edward:  Legislative Post Audit
edward:  800 S.W. Jackson St, Suite 1200
edward:  Topeka, Ks 66612
edward:  (785) 296-5668  phone
edward:  (785) 296-4482 fax
edward:  allanf () lpa state ks us
edward:
edward:  >>> "Roger A. Grimes" <rogerg () cox net> 06/18/03 04:17PM >>>
edward:  Any reason why you don't use Microsoft's built-in EFS?  It has all
those
edward:  features you mention.
edward:
edward:  Roger
edward:
edward:
***************************************************************************
edward:  *Roger A. Grimes, Computer Security Consultant
edward:  *CPA, MCSE (NT/2000), CNE (3/4), A+
edward:  *email: rogerg () cox net
edward:  *cell: 757-615-3355
edward:  *Author of Malicious Mobile Code:  Virus Protection for Windows by
O'Reilly
edward:  *http://www.oreilly.com/catalog/malmobcode/
edward:
***************************************************************************
edward:
edward:
edward:  -----Original Message-----
edward:  From: Martin Smith [mailto:mart50 () hotmail com]
edward:  Sent: Wednesday, June 18, 2003 3:01 PM
edward:  To: security-basics () securityfocus com
edward:  Subject: Hard Drive Encrypting
edward:
edward:
edward:
edward:
edward:        Good Day,
edward:
edward:              I have a need to encrypt the hard drive for our laptops
running
edward:  XP and 2000 pro. If it can, it needs to be as invisible to the
users as
edward:  possible. Plus, it has to be linked to the user's login and
password or the
edward:  users' cac.
edward:
edward:         What tools are out there?
edward:
edward:
edward:  Thanks for your help.

---------------------------------------------------------------------------
Evaluating SSL VPNs' Consider NEOTERIS, chosen as leader by top analysts!
The Gartner Group just put Neoteris in the top of its Magic Quadrant,
while InStat has confirmed Neoteris as the leader in marketshare.
     
Find out why, and see how you can get plug-n-play secure remote access in
about an hour, with no client, server changes, or ongoing maintenance.
          
Visit us at: http://www.neoteris.com/promos/sf-6-9.htm
----------------------------------------------------------------------------

---------------------------------------------------------------------------
Evaluating SSL VPNs' Consider NEOTERIS, chosen as leader by top analysts!
The Gartner Group just put Neoteris in the top of its Magic Quadrant,
while InStat has confirmed Neoteris as the leader in marketshare.

Find out why, and see how you can get plug-n-play secure remote access in
about an hour, with no client, server changes, or ongoing maintenance.

Visit us at: http://www.neoteris.com/promos/sf-6-9.htm
----------------------------------------------------------------------------