Can ability to Encrypt files be turned off

A

Anthony Fontana

We have Win XP SP 3 workstations running under a Win Server 2003 domain. We
do not use the Encrypting capabilities of NTFS. I am curious if that
capability can be turned off.

I'm concerned about hackers encrypting our files and wanting cash to
decrypt them.
 
L

Leonard Grey

No problem...I'll just encrypt your users' files with my own encryption
utility...or maybe I'll zip your users' files and encrypt the
archive...or maybe...

Are you seeing my point? A hacker won't be impressed by efforts.
 
T

Tim Meddick

Yes, on a NTFS formatted drive - Window's Encrypted File System [EFS] can be
disabled - set the following registry value and reboot :

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\EFS]
"EfsConfiguration"=dword:00000001

If the value is not present - under the above key (between the square brackets)
create a new "Dword" value using the "Edit" menu, and give it a value of "1"

You must then reboot for the setting to take effect.

==

Cheers, Tim Meddick, Peckham, London. :)
 
A

Anthony Fontana

Thanks, I'll try this out!



Tim Meddick said:
Yes, on a NTFS formatted drive - Window's Encrypted File System [EFS] can be
disabled - set the following registry value and reboot :

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\EFS]
"EfsConfiguration"=dword:00000001

If the value is not present - under the above key (between the square brackets)
create a new "Dword" value using the "Edit" menu, and give it a value of "1"

You must then reboot for the setting to take effect.

==

Cheers, Tim Meddick, Peckham, London. :)




Anthony Fontana said:
We have Win XP SP 3 workstations running under a Win Server 2003 domain. We
do not use the Encrypting capabilities of NTFS. I am curious if that
capability can be turned off.

I'm concerned about hackers encrypting our files and wanting cash to
decrypt them.
Click to expand...

.
Click to expand...
 
A

Anthony Fontana

Great point. Thanks for pointing this out. It's probably better though to
at least try and stop the encryption. Make them do more work.
 
T

Tim Meddick

As far as "tampering" goes - I think you will find that only the current user has
rights to use encryption on files and folders.

The current user has an identification number associated with it (e.g.
S-1-5-21-1957994488-1004336348-682003330-1003) and it is this numbered ID that has
access to encrypted files granted to it (via an encryption key).

Therefore - no other user - local OR remote - can access encrypted files.

==

Cheers, Tim Meddick, Peckham, London. :)




Anthony Fontana said:
Thanks, I'll try this out!



Tim Meddick said:
Yes, on a NTFS formatted drive - Window's Encrypted File System [EFS] can be
disabled - set the following registry value and reboot :

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\EFS]
"EfsConfiguration"=dword:00000001

If the value is not present - under the above key (between the square brackets)
create a new "Dword" value using the "Edit" menu, and give it a value of "1"

You must then reboot for the setting to take effect.

==

Cheers, Tim Meddick, Peckham, London. :)




Anthony Fontana said:
We have Win XP SP 3 workstations running under a Win Server 2003 domain. We
do not use the Encrypting capabilities of NTFS. I am curious if that
capability can be turned off.

I'm concerned about hackers encrypting our files and wanting cash to
decrypt them.
Click to expand...

.
Click to expand...
Click to expand...
 
J

John John - MVP

Tim said:
Yes, on a NTFS formatted drive - Window's Encrypted File System [EFS]
can be disabled - set the following registry value and reboot :

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\EFS]
"EfsConfiguration"=dword:00000001

If the value is not present - under the above key (between the square
brackets) create a new "Dword" value using the "Edit" menu, and give it
a value of "1"

You must then reboot for the setting to take effect.
Click to expand...

Nice. The following documentation might useful:

http://search.yahoo.com/search?n=10...l=lang_en&p=EfsConfiguration&vs=microsoft.com
EfsConfiguration - site:microsoft.com

John
 
A

Anthony Fontana

Thanks. I've bookmarked it and will look at it too.


John John - MVP said:
Tim said:
Yes, on a NTFS formatted drive - Window's Encrypted File System [EFS]
can be disabled - set the following registry value and reboot :

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\EFS]
"EfsConfiguration"=dword:00000001

If the value is not present - under the above key (between the square
brackets) create a new "Dword" value using the "Edit" menu, and give it
a value of "1"

You must then reboot for the setting to take effect.
Click to expand...

Nice. The following documentation might useful:

http://search.yahoo.com/search?n=10...l=lang_en&p=EfsConfiguration&vs=microsoft.com
EfsConfiguration - site:microsoft.com

John
.
Click to expand...
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Remove domain user ability to encrypt files 4
Can WMI logging be turned off to stop the creation of XML files inWINDOWS\PCHealth\HelpCtr\DataColl\ 2
Help with CryptoStream and incomplete files... 8
EFS Recover Agents Unable to decrypt files 5
Encrypting File System - offline? 1
User moving off domain to workgroup. 3
EFS Files Inaccessible After Profile Change (Even for Recovery Agent) 2
Help 3DES File Encrypt in VB6 to 3DES File Decrypt In VB.NET 6

Top