Can ability to Encrypt files be turned off

  • Thread starter Thread starter Anthony Fontana
  • Start date Start date
A

Anthony Fontana

We have Win XP SP 3 workstations running under a Win Server 2003 domain. We
do not use the Encrypting capabilities of NTFS. I am curious if that
capability can be turned off.

I'm concerned about hackers encrypting our files and wanting cash to
decrypt them.
 
No problem...I'll just encrypt your users' files with my own encryption
utility...or maybe I'll zip your users' files and encrypt the
archive...or maybe...

Are you seeing my point? A hacker won't be impressed by efforts.
 
Yes, on a NTFS formatted drive - Window's Encrypted File System [EFS] can be
disabled - set the following registry value and reboot :

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\EFS]
"EfsConfiguration"=dword:00000001

If the value is not present - under the above key (between the square brackets)
create a new "Dword" value using the "Edit" menu, and give it a value of "1"

You must then reboot for the setting to take effect.

==

Cheers, Tim Meddick, Peckham, London. :-)
 
Thanks, I'll try this out!



Tim Meddick said:
Yes, on a NTFS formatted drive - Window's Encrypted File System [EFS] can be
disabled - set the following registry value and reboot :

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\EFS]
"EfsConfiguration"=dword:00000001

If the value is not present - under the above key (between the square brackets)
create a new "Dword" value using the "Edit" menu, and give it a value of "1"

You must then reboot for the setting to take effect.

==

Cheers, Tim Meddick, Peckham, London. :-)




Anthony Fontana said:
We have Win XP SP 3 workstations running under a Win Server 2003 domain. We
do not use the Encrypting capabilities of NTFS. I am curious if that
capability can be turned off.

I'm concerned about hackers encrypting our files and wanting cash to
decrypt them.
Click to expand...

.
Click to expand...
 
Great point. Thanks for pointing this out. It's probably better though to
at least try and stop the encryption. Make them do more work.
 
As far as "tampering" goes - I think you will find that only the current user has
rights to use encryption on files and folders.

The current user has an identification number associated with it (e.g.
S-1-5-21-1957994488-1004336348-682003330-1003) and it is this numbered ID that has
access to encrypted files granted to it (via an encryption key).

Therefore - no other user - local OR remote - can access encrypted files.

==

Cheers, Tim Meddick, Peckham, London. :-)




Anthony Fontana said:
Thanks, I'll try this out!



Tim Meddick said:
Yes, on a NTFS formatted drive - Window's Encrypted File System [EFS] can be
disabled - set the following registry value and reboot :

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\EFS]
"EfsConfiguration"=dword:00000001

If the value is not present - under the above key (between the square brackets)
create a new "Dword" value using the "Edit" menu, and give it a value of "1"

You must then reboot for the setting to take effect.

==

Cheers, Tim Meddick, Peckham, London. :-)




Anthony Fontana said:
We have Win XP SP 3 workstations running under a Win Server 2003 domain. We
do not use the Encrypting capabilities of NTFS. I am curious if that
capability can be turned off.

I'm concerned about hackers encrypting our files and wanting cash to
decrypt them.
Click to expand...

.
Click to expand...
Click to expand...
 
Tim said:
Yes, on a NTFS formatted drive - Window's Encrypted File System [EFS]
can be disabled - set the following registry value and reboot :

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\EFS]
"EfsConfiguration"=dword:00000001

If the value is not present - under the above key (between the square
brackets) create a new "Dword" value using the "Edit" menu, and give it
a value of "1"

You must then reboot for the setting to take effect.
Click to expand...

Nice. The following documentation might useful:

http://search.yahoo.com/search?n=10...l=lang_en&p=EfsConfiguration&vs=microsoft.com
EfsConfiguration - site:microsoft.com

John
 
Thanks. I've bookmarked it and will look at it too.


John John - MVP said:
Tim said:
Yes, on a NTFS formatted drive - Window's Encrypted File System [EFS]
can be disabled - set the following registry value and reboot :

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\EFS]
"EfsConfiguration"=dword:00000001

If the value is not present - under the above key (between the square
brackets) create a new "Dword" value using the "Edit" menu, and give it
a value of "1"

You must then reboot for the setting to take effect.
Click to expand...

Nice. The following documentation might useful:

http://search.yahoo.com/search?n=10...l=lang_en&p=EfsConfiguration&vs=microsoft.com
EfsConfiguration - site:microsoft.com

John
.
Click to expand...
 
Back
Top