Announcement

Collapse
No announcement yet.

Efs

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Efs

    How does one use the Administrator account (which is not configured as a DRA) to simulate an attacker attempting to access a file that another user has encrypted?

    How does one make sure the Administrator is not configured as a DRA?

  • #2
    Re: Efs

    In a domain environment the administrator is always the DRA but this can be changed through Group Policy. Files previously encrypted will still have the administrator as a DRA but new ones will not

    Not clear what you mean by "simulate an attacker" - just double click on the file as another user and observe the message. If you want to do this as the administrator, just use a machine which does not have the DRA certificate installed

    And be very careful you don't lose the ability to recover your encrypted files by messing around with the DRA account/certificates
    Tom Jones
    MCT, MCSE (2000:Security & 2003), MCSA:Security & Messaging, MCDBA, MCDST, MCITP(EA, EMA, SA, EDA, ES, CS), MCTS, MCP, Sec+
    PhD, MSc, FIAP, MIITT
    IT Trainer / Consultant
    Ossian Ltd
    Scotland

    ** Remember to give credit where credit is due and leave reputation points where appropriate **

    Comment

    Working...
    X