Re: Security of the Windows XP SP2 Boot Process
From: Steven L Umbach (n9rou_at_n0-spam-for-me-comcast.net)
Date: 11/08/05
- Next message: Rhonda Rasmussen: "Re: Software Restriction Policy"
- Previous message: Shenan Stanley: "Re: Pop-ups"
- Maybe in reply to: Carey Frisch [MVP]: "Re: Security of the Windows XP SP2 Boot Process"
- Next in thread: Kerry Brown: "Re: Security of the Windows XP SP2 Boot Process"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Mon, 7 Nov 2005 19:11:37 -0600
If a hacker steals your notebook deactivating the Windows Firewall will be
the least of your problems. "I know that my system is only as safe as the
operating system" is wrong. Your data is only potentially secure if A - an
attacker can never get physical access to your computer or B - the data is
properly encrypted with a strong algorithm and access to the private key is
not possible. An attacker may not try to gain access through your operating
system. They will simply try to access the data from their own or use a
utility to reset the administrator password on your operating system to be
able to logon as an administrator which takes less than five minutes if the
computer can be booted from floppy or cdrom.
If you must protect your data then you can use something like EFS
encryption. If you export/delete your EFS private key when done with your
files and then run cipher /w on your computer no one is going to access that
data since EFS in the current SP of XP uses AES 256 encryption. If you leave
your EFS certificate/private key on your computer then your data is only as
safe as your password. If you use weak passwords it can be fairly easy to
crack your user password in the local SAM. Strong passwords, particularly
when used with cached logons, can greatly increase your chances of your
password never being cracked. I would consider a strong password to be
greater than 15 characters in length and use lower and upper case, numeric,
and punctuation characters. A password or pass phrase of at least 15
characters will also make sure no LM hash of the password is stored.---
Steve
http://support.microsoft.com/default.aspx?scid=kb;en-us;223316&sd=tech ---
EFS best practices
"FrEaK_@CH" <FrEaKCH@discussions.microsoft.com> wrote in message
news:6360DFE5-CB6B-4DC2-A91E-942D2A7C5BEF@microsoft.com...
> Hi
>
> Thanks for your answer...but, I should explain a little bit more..
>
> The hard disk of my notebook is encrypted. I know that my system is only
> as
> safe as the operating system, because I have deactivated the boot
> authentication from the hard disk encryption application.
> I ask me now, which security problems are present during the starting
> procedure. For example, a hacker who steals my notebook could modify the
> boot
> process, deactivate the firewall, ...
>
> Regards
> Dominik
>
>
> "Carey Frisch [MVP]" wrote:
>
>> Your PC is secure during booting with the Windows Firewall enabled.
>> You must wait until reaching the desktop before accessing your data
>> or turning-off the Windows Firewall, which is not a good idea.
>>
>> --
>> Carey Frisch
>> Microsoft MVP
>> Windows - Shell/User
>> Microsoft Community Newsgroups
>> news://msnews.microsoft.com/
>>
>> -------------------------------------------------------------------------------------------
>>
>> "Dominik" wrote:
>>
>> | Hi
>> |
>> | How secure is the Windows XP SP2 starting / booting process? Can I
>> modify
>> | the boot process so that I can disable the Windows XP SP2 firewall or
>> access
>> | any data during?
>> |
>> | Thanks and Regards
>> | Dominik
>>
- Next message: Rhonda Rasmussen: "Re: Software Restriction Policy"
- Previous message: Shenan Stanley: "Re: Pop-ups"
- Maybe in reply to: Carey Frisch [MVP]: "Re: Security of the Windows XP SP2 Boot Process"
- Next in thread: Kerry Brown: "Re: Security of the Windows XP SP2 Boot Process"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
