Security Basics mailing list archives

Re: File Encryption - Laptop

From: "Chris Berry" <compjma () hotmail com>
Date: Tue, 16 Sep 2003 15:29:53 -0700

From: Ansgar Wiechers <bugtraq () planetcobalt net>
> I totally agree that win98 is NOT secure, however, for this particular
> problem there is a registry hack.
>
> System Key: Hkey_Local_Machine\Network\Logon
> Value Name: MustBeValidated
> Data Type:    Reg_Dword
> Value Data:   0 = disable, 1 = enable

But beware that you will need an authentication server for this (most
likely a DC), so it's probably not really practical for a notebook. I
read once that you can get this to work without a separate server by
using Microsoft Family Logon, but I haven't tried that myself.


I haven't done it for a while, but if I remember correctly that would work.

Also keep in mind that anyone with physical access to the machine can
easily bypass this setting, since it is possible to use regedit.exe in
DOS mode to import a specially crafted .reg-file.

Yep, which is one more reason why you don't use 98, though you could open upthe laptop and cut the F8 key connection to prevent that, hehe. A bettersolution might be to install Grub as your bootloader and enforce a bootpassword, but all of these ideas are basically just hacks, what they reallyneed to do is upgrade.


Chris Berry
compjma () hotmail com
Systems Administrator
JM Associates

"You are not special. You are not a beautiful or unique snowflake. You arethe same decaying organic matter as everything else." -- Tyler Durden


_________________________________________________________________

Express yourself with MSN Messenger 6.0 -- download now!http://www.msnmessenger-download.com/tracking/reach_general



---------------------------------------------------------------------------

Captus NetworksAre you prepared for the next Sobig & Blaster?- Instantly Stop DoS/DDoS Attacks, Worms & Port Scans- Precisely Define and Implement Network Security- Automatically Control P2P, IM and Spam TrafficFIND OUT NOW - FREE Vulnerability Assessment Toolkithttp://www.captusnetworks.com/ads/42.htm

----------------------------------------------------------------------------

Current thread:

Re: File Encryption - Laptop, (continued)
- Re: File Encryption - Laptop Birl (Sep 15)
- RE: File Encryption - Laptop Oliver Rebollido (Sep 15)
- RE: File Encryption - Laptop Ross Wakelin (Sep 15)
  - RE: File Encryption - Laptop wbradd (Sep 16)
- RE: File Encryption - Laptop Ruiz Cifuentes, Rolando Matias (CL - Santiago) (Sep 15)
- RE: File Encryption - Laptop Bill_Roswell (Sep 15)
- Re: File Encryption - Laptop Chris Berry (Sep 15)
  - Re: File Encryption - Laptop Ansgar Wiechers (Sep 16)
- RE: File Encryption - Laptop Nero, Nick (Sep 16)
- RE: File Encryption - Laptop Pierre A. Cadieux (Sep 17)
- Re: File Encryption - Laptop Chris Berry (Sep 17)