| TIP: Click on subject to list as thread! | ANSI |
| echo: | |
|---|---|
| to: | |
| from: | |
| date: | |
| subject: | Re: EFS Best practices |
From: Mike N. On Fri, 22 Oct 2004 18:14:04 -0500, "Geo" wrote: >> Assuming I never created a password reset disk, there's still no way >into >> the SAM to create a password reset disk. Someone could replace the SAM >> and log in as Administrator, but that still gives them no access to the >> LSA, EFS keys, or original accounts.. > >I don't remember for sure but I believe there is a way by replacing less of >the registry than is specified in that procedure. This link seems to confirm that you need the SYSKEY decryption (password or floppy) to get to EFS files- http://www.elcomsoft.com/aefsdr.html Known problems and limitations - For files encrypted on Windows 2000, if Account Database Key (SYSKEY) is stored on floppy disk, or if "Password Startup" option has been set, you should know/have one of the following in order to be able to decrypt the files: - startup password or startup floppy disk - the password of user who encrypted the files - the password of Recovery Agent (if one is availbale) --- BBBS/NT v4.01 Flag-5* Origin: Barktopia BBS Site http://HarborWebs.com:8081 (1:379/45) SEEN-BY: 633/267 270 5030/786 @PATH: 379/45 1 396/45 106/2000 633/267 |
|
| SOURCE: echomail via fidonet.ozzmosis.com | |
Email questions or comments to sysop@ipingthereforeiam.com
All parts of this website painstakingly hand-crafted in the U.S.A.!
IPTIA BBS/MUD/Terminal/Game Server List, © 2025 IPTIA Consulting™.