RE: Windows 2000 Offline Files on a Laptop

From: Jonah Kowall (jkowall@psteering.com)
Date: Fri May 24 2002 - 10:53:31 EDT

• Next message: Philipp Buehler: "Re: generating own customized http requests, fragmenting, determing sequence"
• Previous message: Rob Shein: "Re: generating own customized http requests, fragmenting, determing sequence"
• Maybe in reply to: Johann van Duyn: "Windows 2000 Offline Files on a Laptop"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

I know they are encrypted. If you change the users password, then you
are an admin. Administrators have access to encrypted files.

> -----Original Message-----
> From: Johann van Duyn [mailto:Johann_van_Duyn@bat.com]
> Sent: Friday, May 24, 2002 5:52 AM
> To: pen-test@securityfocus.com
> Subject: Windows 2000 Offline Files on a Laptop
>
>
>
>
> Hi there...
>
> Has anyone on the list ever hacked away at a laptop machine
> with Windows 2000 Offline Folders? Are these folders
> encrypted at all, and if I were to reset the user's password
> and then log in, would that give me access to the folders?
> Any other concerns? I am trying to assess the risks involved
> in the possible use of offline folders by our mobile workforce.
>
> Thanks!
>
> -----------------------------------------
> Johann van Duyn, CISSP
> IT Risk and Security Manager: British American Tobacco South
> Africa Stellenbosch, South Africa Tel. +27 (21) 8883765 Cel.
> +27 (82) 4588472 Fax. +27 (21) 8838692
> E:mail: johann_van_duyn@bat.com
> -----------------------------------------
> "Technology is dominated by two types of people: those who
> understand what they do not manage, and those who manage what
> they do not understand."
>
>
> -- Anonymous
>
> Confidentiality Notice: The information in this document and
> attachments is confidential and may also be legally
> privileged. It is intended only for the use of the named
> recipient. Internet
> communications are not secure and therefore British American
> Tobacco does not accept legal responsibility for the contents
> of this message. If you are not the intended recipient,please
> notify us immediately and then delete this document. Do not
> disclose the contents of this document to any other person,
> nor take any copies. Violation of this notice may be unlawful.
>
>
>
> --------------------------------------------------------------
> --------------
> This list is provided by the SecurityFocus Security
> Intelligence Alert (SIA) Service. For more information on
> SecurityFocus' SIA service which automatically alerts you to
> the latest security vulnerabilities please see:
https://alerts.securityfocus.com/

----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/

• Next message: Philipp Buehler: "Re: generating own customized http requests, fragmenting, determing sequence"
• Previous message: Rob Shein: "Re: generating own customized http requests, fragmenting, determing sequence"
• Maybe in reply to: Johann van Duyn: "Windows 2000 Offline Files on a Laptop"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:53:21 EDT