Comments on: Attack of the Hacker Crickets http://kevindevin.com/?p=2455 MY Blog, MY Interests Sat, 17 Apr 2010 07:26:06 +0000 hourly 1 http://wordpress.org/?v=abc By: georgestarcher http://kevindevin.com/?p=2455&cpage=1#comment-35045 georgestarcher Fri, 21 Sep 2007 13:15:49 +0000 http://kevindevin.com/?p=2455#comment-35045 I wasn't saying I thought the key was stored. I was talking about the password hash to authenticate the user.<br><br>I don't have active directory so I am not sure. But yes I would assume any changing of the password would pose a sync issue. But the most likely answer is that since its cached somehow you use the old one to get in. You probably then just use the change pw option in the finallysecure software to put it back into sync. I wasn't saying I thought the key was stored. I was talking about the password hash to authenticate the user.

I don't have active directory so I am not sure. But yes I would assume any changing of the password would pose a sync issue. But the most likely answer is that since its cached somehow you use the old one to get in. You probably then just use the change pw option in the finallysecure software to put it back into sync.

]]> By: George Starcher http://kevindevin.com/?p=2455&cpage=1#comment-20490 George Starcher Fri, 21 Sep 2007 12:15:49 +0000 http://kevindevin.com/?p=2455#comment-20490 I wasn't saying I thought the key was stored. I was talking about the password hash to authenticate the user. I don't have active directory so I am not sure. But yes I would assume any changing of the password would pose a sync issue. But the most likely answer is that since its cached somehow you use the old one to get in. You probably then just use the change pw option in the finallysecure software to put it back into sync. I wasn’t saying I thought the key was stored. I was talking about the password hash to authenticate the user.

I don’t have active directory so I am not sure. But yes I would assume any changing of the password would pose a sync issue. But the most likely answer is that since its cached somehow you use the old one to get in. You probably then just use the change pw option in the finallysecure software to put it back into sync.

]]> By: Slim Backwater http://kevindevin.com/?p=2455&cpage=1#comment-35044 Slim Backwater Fri, 21 Sep 2007 11:51:09 +0000 http://kevindevin.com/?p=2455#comment-35044 Regarding the Seagate Encrypted drive. You were wondering where the key was. I don't know how many keys it supports, but it's possible the key isn't stored on the drive anywhere. Could it simply try the decryption with the password you provided? If you provide the correct key, the drive would decrypt correctly, wrong password, bad decryption.<br><br>Also about changing the user's password from Active Directory. The software might have trouble syncing the password if the drive/computer is off when the Administrator changes the AD password. Under Windows Server 2003, isn't there a warning when you change a password from AD Users and Computers? Something specifically about the user losing access to their encrypted folders? The warning might also apply to this drive.<br><br>Great podcast. Keep up the good work. I'd like hearing about the high-end stuff. I manage about 100 PCs and like to hear about the challenges of managing thousands of PCs, basically I like the "working in a large organization" stories. I would also like more security and forensics stories, not only "How" but also "Why". Why, specifically, do you do a forensics analysis of a drive.<br><br>Thanks.<br><br>._. Regarding the Seagate Encrypted drive. You were wondering where the key was. I don't know how many keys it supports, but it's possible the key isn't stored on the drive anywhere. Could it simply try the decryption with the password you provided? If you provide the correct key, the drive would decrypt correctly, wrong password, bad decryption.

Also about changing the user's password from Active Directory. The software might have trouble syncing the password if the drive/computer is off when the Administrator changes the AD password. Under Windows Server 2003, isn't there a warning when you change a password from AD Users and Computers? Something specifically about the user losing access to their encrypted folders? The warning might also apply to this drive.

Great podcast. Keep up the good work. I'd like hearing about the high-end stuff. I manage about 100 PCs and like to hear about the challenges of managing thousands of PCs, basically I like the “working in a large organization” stories. I would also like more security and forensics stories, not only “How” but also “Why”. Why, specifically, do you do a forensics analysis of a drive.

Thanks.

._.

]]>