Re: External disk security
From: Zen Andreas (zen8069_at_zen.co.uk)
Date: 06/08/04
- Next message: Jud: "Re: Ip Tracking (email Tracking)"
- Previous message: John O'Donnell: "Re: Microsoft Security Bulletins for June 2004"
- In reply to: Steven L Umbach: "Re: External disk security"
- Next in thread: Steven L Umbach: "Re: External disk security"
- Reply: Steven L Umbach: "Re: External disk security"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Tue, 8 Jun 2004 20:18:01 +0100
I have tried this, but noticed that if you give the disk to
someone who happens to use Win2000 too and is logged in as an
administrator, he or she can add himself to the list of users
granting himself access to the directories without any
trouble..... This would make encryption obsolete?
This worked without copying a certificate to the other machine...
Is there anyway of simply restricting it to 2 computers? On both
computers I have administrator access and I do not need it on any
other computer...
Many thanks for your help.
"Steven L Umbach" <n9rou@nospam-comcast.net> wrote in message
news:L3nxc.4940$0y.4172@attbi_s03...
> The only way would be to use encryption such as EFS. If the
drive has no operating
> system on it and no user profiles then a third party finding it
would not be able to
> decrypt the EFS files since they would not have access to the
EFS private key that is
> needed and stored in the users and recovery agents profile. In
W2K two parties can
> decrypt EFS files - the user who decrypted them and the
designated recovery agent[s]
> who would be the built in administrator account by default on a
stand a alone machine
> and possibly a domain administrator,etc on a domain machine.
Efs info can show what
> users can decrypt a file and their related thumbprint info for
the associated
> certificate/private key. If you use EFS if is a good idea to
run cipher /w on the
> drive before shutting down to try to remove any cleartext
remnants of encrypted
> files. EFS has it's hazards in that if you have to reinstall
the operating system and
> you do not back up your EFS private keys, you will lose
permanent access to your
> data. Be sure to read the link below on EFS best
ractices. --- Steve
>
> http://support.microsoft.com/default.aspx?scid=kb;EN-US;223316
>
> "Zen Andreas" <zen8069@zen.co.uk> wrote in message
> news:u9e6cVWTEHA.2236@TK2MSFTNGP09.phx.gbl...
> > I have an external disk (60GB) which I use daily between my
home-
> > and the office-computer.
> > Both computers run Win2000.
> >
> > I have tried to encrypt the data and add user rights, but
using
> > other computers this is easy to change once logged in as
> > administrator on a third party Win2k computer.
> > What is the best way of securing access to this (firewire)
disk
> > (or directories) such that if I loose it "no one" can have
(easy)
> > access to it?
> >
> > Many thanks
> >
> > --
> > Zen Andreas
> >
> >
>
>
- Next message: Jud: "Re: Ip Tracking (email Tracking)"
- Previous message: John O'Donnell: "Re: Microsoft Security Bulletins for June 2004"
- In reply to: Steven L Umbach: "Re: External disk security"
- Next in thread: Steven L Umbach: "Re: External disk security"
- Reply: Steven L Umbach: "Re: External disk security"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
