Hello all,
Utimaco (www.utimaco.com) has a produkt called SafeGuard Easy (for win 2k).
It provides total harddrive encryption (including the filesystem) and
pre-boot authentififcation.
Basically it protects your laptop.
The documentation states:
"Unauthorized persons have no access to the system, since the pre-boot
authentication (PBA) asks the user for authentication before booting the
operating system. This kind of authentication cannot be manipulated PBA
therefore guarantees maximum security. Neither keys nor passwords are stored
on the PC's hard disk. All the information that is required to boot the
operating system is derived from the password. This makes the use of hard
disk tools for analyzing the hard disk completely ineffective."
and furthermore:
"Finally, a secure challenge/ response procedure is available to re-issue
the password, if a PC has been blocked because the pass-word has been
entered incorrectly or forgotten."
My question is, would it technically be possible to provide a means to
authenticate a user before booting the OS without the use of special
hardware, and not store any password on the disk? And if so, wouldn't
booting from a floppy bypass that?
It sounds like they encrypted the startup environment and the password is
the key to decrypt it, but that sounds very fairy-like...
But if so, how can they provide 'a secure challenge/ response procedure' to
restore the password?
Is this security through obscurity? or is it just to elite for me to grasp?
Thanks for your comments
Joost
-----Original Message-----
From: Andrew Mauer [mailto:[EMAIL PROTECTED]]
Sent: maandag 17 september 2001 16:54
To: 'Buzetta Fabian'; [EMAIL PROTECTED]
Subject: RE: Time Synchronization
Sensitivity: Confidential
If you use the Timeserv.exe from the NT resource kit, you will want to check
this link from the M$ support site:
http://support.microsoft.com/support/kb/articles/Q172/8/78.ASP?LN=EN-US&SD=g
n&FR=0&qry=timeserv&rnk=6&src=DHCS_MSPSS_gn_SRCH&SPR=MSALL
We use the timeserv.exe in maintaining the time synchronization of our
network and the when setting it up according to the documentation, our
domain servers hit 100% CPU utilization. The above page has a link to the
updated timeserv.exe file.
Just thought I'd pass this along.
Andrew Mauer
-=On the eighth day, God said, "You can take it from here, Murphy."=-
~> -----Original Message-----
~> From: Lynn, Samara [mailto:[EMAIL PROTECTED]]
~> Sent: Friday, September 14, 2001 1:47 PM
~> To: 'Buzetta Fabian'; [EMAIL PROTECTED]
~> Subject: RE: Time Synchronization
~> Sensitivity: Confidential
~>
~>
~> You should try Timeserv.exe from NT resource kit.
~>
~> -----Original Message-----
~> From: Buzetta Fabian [mailto:[EMAIL PROTECTED]]
~> Sent: Thursday, September 13, 2001 10:36 AM
~> To: [EMAIL PROTECTED]
~> Subject: Time Synchronization
~> Sensitivity: Confidential
~>
~>
~> Hi everybody
~>
~> I have a network with a lot of NT 4.0 workstations and a NT
~> Server, my local
~> setting is that nobody is administrator of their
~> workstation, but recently
~> we have to synchronize our workstations. When I run a batch
~> to do it, It
~> says that it couldn�t syn because don�t have enough
~> privileges. I do not
~> want to give the privilege of changing time to my users, but
~> I need to find
~> a way to syn the time of all worstation with my server.
~>
~> Any ideas, can somebody help me???
~>
~> Regards
~> Fabi�n
~>
**********************************************************************
The information in this mail is confidential and is intended solely
for the addressee(s).
Access to this email by anyone else is unauthorised. If you are not
an intended recipient, you must not read, use or disseminate the
information contained in the email.
**********************************************************************
