Diagnostics with Beep Codes

Following are the beep messages associated with the IBP bios.

1 short beep specifies a normal post

2 short beeps tells about POST errors that can be find on screen.
Continuous beeps indicates power supply and other cards errors.
One long and short beep indicates system board problems

3 long beeps defines keyboard errors
No system beep tells about power supply errors.

__________________
A.Rajesh Khanna

What is EFS? How can I use it to protect my files and folders?

The Encrypting File System (EFS) is a component of the NTFS file system on Windows 2000, Windows XP Professional, and Windows Server 2003. (Windows XP Home doesn't include EFS). EFS enables transparent encryption and decryption of files by using advanced, standard cryptographic algorithms. Unlike 3rd-Party encryption tools, EFS is fully integrated into the Windows Explorer shell, thus enabling easy encryption and decryption of files and folders. Any individual or program that doesn't possess the appropriate cryptographic key cannot gain access to the encrypted data. Encrypted files can be protected even from those who gain physical possession of the computer that the files reside on. Even persons who are authorized to access the computer and its file system cannot view the data.

Note: EFS does not offer 100% security against all sorts of attacks. Besides EFS you must also use other defensive strategies such as physically securing your data and computers, using a strong password and so on. Using EFS requires only a few simple bits of knowledge. However, using EFS without knowledge of best practices and without understanding recovery processes can give you a mistaken sense of security, as your files might not be encrypted when you think they are, or you might enable unauthorized access by having a weak password or having made the password available to others. It might also result in a loss of data, if proper recovery steps aren't taken.

EFS has several advantages over traditional encryption techniques. EFS’s encryption technology integrates into the file system, so users can’t access the hard disk without going through the file system. W2K’s EFS drivers run in kernel mode to provide better security. EFS is easy to manage and completely transparent to the user. A user can use a private key, which the OS generates, to encrypt only those files or folders that need protection. Users can then access their data transparently. Users who don’t have the private key can’t access the data.

No preparation is needed to encrypt files and the first time a user encrypts a file an encryption certificate for the user and a private key are automatically created.

If encrypted files are moved they stay encrypted, if users add files to an encrypted folder the new files are automatically encrypted. There is no need to decrypt a file before use; the operating system automatically handles this for you in a secure manner.

In the event of a user’s private key being lost (either by reinstallation or new user creation) the EFS recovery agent can decrypt the files.

ThankQ
KiruthikaSambandam

What is Wireless Computer Networking?

Wireless networks utilize radio waves and/or microwaves to maintain communication channels between computers. Wireless networking is a more modern alternative to wired networking that relies on copper and/or fiber optic cabling between network devices.

A wireless network offers advantages and disadvantages compared to a wired network. Advantages of wireless include mobility and elimination of unsightly cables. Disadvantages of wireless include the potential for radio interference due to weather, other wireless devices, or obstructions like walls.

Wireless is rapidly gaining in popularity for both home and business networking. Wireless technology continues to improve, and the cost of wireless products continues to decrease. Popular wireless local area networking (WLAN) products conform to the 802.11 "Wi-Fi" standards.

The gear a person needs to build wireless networks includes network adapters (NICs), access points (APs), and routers.

ThankQ
KiruthikaSambandam

What Is the Difference Between Bits and Bytes?

A bit is a single numeric value, either '1' or '0', that encodes a single unit of digital information. A byte is a sequence of bits; usually eight bits equal one byte.

For example, in Internet Protocol (IP) networking, IP addresses contain 32 bits or 4 bytes. The bits encode the network address so that it can be shared on the network. The bytes divide the bits into groups.

The IP address 192.168.0.1, for instance, is encoded with the following bits and bytes:

11000000 10101000 00000000 00000001

Bits are grouped into bytes to, generally speaking, increase the efficiency of computer hardware, including network equipment, disks and memory.

ThankQ
KiruthikaSambandam

"Is there any difference between bps (small 'b') and Bps (capital 'b')?"

The term "bps" specifies network bandwidth in bits per second. The term "Bps" specifies network bandwidth in bytes per second.


"What is the difference between a client and a server, and what is client/server networking?"

Clients and servers are devices that perform specific functions on a network
Client devices normally request and receive information over the network. Mobile computers and most desktop PCs operate as clients. A server device hosts files, databases, Web sites, or other applications. Server devices often feature higher-powered processors, more memory, and larger disk drives than clients.

The term client/server refers to any network design utilizing clients and servers. Web, FTP, email, DNS and many other database applications are client/server designs. Client/server networks can be built on the Internet, on intranets, or in homes.

The main alternative to client/server networking is peer-to-peer networking, where network devices all perform equivalent functions.

ThankQ
KiruthikaSambandam

"What is peer-to-peer networking?"
Peer-to-peer is a type of network design where all devices support roughly equivalent capabilities. Peer-to-peer networking (also known simply as peer networking) is in contrast to client/server networking, where certain devices have responsibility for providing or "serving" network information and other devices consume or otherwise act as "clients" of those servers. Peer-to-peer networking is most common on small LANs, particularly Windows home networks. Peer networking on the Internet gained widespread popularity thanks to file sharing services like Napster. However, many of these file sharing services, including Napster, actually integrate both peer and client/server networking design. Technically, these are called hybrid networks.

ThankQ
KiruthikaSambandam

"Is there a way to transfer files between two PCs using a cable called a null modem cable?"

This cable allows you to set up file sharing between two PCs by connecting their serial or parallel ports. The details of the setup depend on which operating systems run on the PCs The term "null modem" comes from the ability of the cable to provide networking at relatively slow speeds without actually using modems.

Null modem cables do not require computers to possess Ethernet cards. For this reason, they are a very popular (though not the only) form of Direct Cable Connection (DCC) possible between PCs.

Thanks
Suresh

What are the new EFS features in Windows XP?

Microsoft Windows 2000 introduced the capability for data recovery with the implementation of Encrypting File System (EFS), and this capability has been enhanced in Windows XP. Microsoft Windows XP provides many enhancements in the area of data protection - especially Encrypting File System (EFS). Windows XP provides significant advancements in data recovery and protection, and private key recovery.

This article provides a technical walkthrough that illustrates how to use important data recovery and protection features in Windows XP. Also included are best practices and the steps you need to take to build an effective data recovery and protection strategy.

In addition to explaining strategies for data recovery and data protection in Windows XP, this article includes many step-by-step examples that illustrate how to set up the data recovery and data protection features you'll want to use when deploying a Windows XP data recovery and protection solution.

Note: EFS is only available on Windows XP Professional; it is not supported on Windows XP Home Edition.

The increased functionality of EFS has significantly enhanced the power of the Windows XP Professional client. Windows XP Professional now provides additional flexibility for corporate users when deploying security solutions based on encrypted data files and folders. These new features include:

* Full support for revocation checking on certificates used by the system
* Alternate color support (green) for encrypted files


* Support for encrypted offline folders


* Multi-user support for encrypted files in the shell user interface (UI)


* Support for the Microsoft-enhanced cryptographic service provider (CSP)


* Additional support for FIPS 140-1 Level 1 compliant symmetric algorithms (3DES [Data Encryption Standard])


* End-to-end encryption using EFS over WebDAV


* Enhanced recovery policy flexibility


* Additional security features for protecting EFS data.

Thanks
suresh.B

What are the new EFS features in Windows XP?

Microsoft Windows 2000 introduced the capability for data recovery with the implementation of Encrypting File System (EFS), and this capability has been enhanced in Windows XP. Microsoft Windows XP provides many enhancements in the area of data protection - especially Encrypting File System (EFS). Windows XP provides significant advancements in data recovery and protection, and private key recovery.

This article provides a technical walkthrough that illustrates how to use important data recovery and protection features in Windows XP. Also included are best practices and the steps you need to take to build an effective data recovery and protection strategy.

In addition to explaining strategies for data recovery and data protection in Windows XP, this article includes many step-by-step examples that illustrate how to set up the data recovery and data protection features you'll want to use when deploying a Windows XP data recovery and protection solution.

Note: EFS is only available on Windows XP Professional; it is not supported on Windows XP Home Edition.

The increased functionality of EFS has significantly enhanced the power of the Windows XP Professional client. Windows XP Professional now provides additional flexibility for corporate users when deploying security solutions based on encrypted data files and folders. These new features include:

* Full support for revocation checking on certificates used by the system


* Alternate color support (green) for encrypted files


* Support for encrypted offline folders


* Multi-user support for encrypted files in the shell user interface (UI)


* Support for the Microsoft-enhanced cryptographic service provider (CSP)


* Additional support for FIPS 140-1 Level 1 compliant symmetric algorithms (3DES [Data Encryption Standard])


* End-to-end encryption using EFS over WebDAV


* Enhanced recovery policy flexibility


* Additional security features for protecting EFS data.

Thanks
Suresh.B

How can I disable EFS on Computers Running Windows 2000?

To disable EFS on computers running Windows 2000, you must remove the default data recovery agent from the computer. This restriction is removed in Windows XP and Windows Server 2003 to help prevent security attacks on computers that are not members of a domain.

The following procedure will show you how to use Group Policy to disable EFS for all computers running Windows 2000 in a Windows Server 2003 domain.

Note: Before you remove the certificate for the default domain recovery agent, you should back up the certificate by exporting it to a file.

1. Open the Default Domain Policy GPO. You can use Active Directory Users and Computers or the GPMC to edit the GPO.
2. In the Group Policy Object Editor, expand Computer Configuration, expand Windows Settings, expand Security Settings, expand Public Key Policies, and then click Encrypting File System.
3. In the details pane, right-click Administrator, point to All Tasks, and then click Export. Complete the Certificate Export Wizard to export the Administrator's EFS recovery certificate.

This will export the default EFS recovery certificate for the domain to a file. Store this file on removable media such as a floppy disk, and then store the media in a secure location.

4. In the details pane, right-click Administrator, and then click Delete.

This will delete the default EFS recovery certificate for the domain.

5. In the Certificates window, click Yes to permanently delete the certificate.

Important: Deleting the EFS recovery agent for the domain will prevent users on computers running Windows 2000 from encrypting files; however, it will not prevent users on computers running Windows XP and Windows Server 2003 from encrypting files. In addition, it will disable the recovery agent for all encrypted files. If users who have previously encrypted files are unable to decrypt their files for any reason, there will be no recovery agent to decrypt their files.

Thanks
Suresh.B

How can I disable EFS on Computers Running Windows XP or Windows Server 2003?

The following procedure will show you how to use Group Policy to disable EFS on computers running Windows XP and Windows Server 2003.

1. Open the GPO that you want to edit. You can use Active Directory Users and Computers or the GPMC to edit the GPO.
2. In the Group Policy Object Editor, expand Computer Configuration, expand Windows Settings, expand Security Settings, expand Public Key Policies, and then click Encrypting File System.
3. Right-click Encrypting File System, and then click Properties.
4. Clear the Allow users to encrypt files using Encrypting File System (EFS) check box, and then click OK.

Thanks
Sathian.K

How can I easily discover who's the user that encrypted a file?

The Windows Explorer user interface (UI) shows which files are encrypted but not who encrypted them, causing a lot of confusion when trying to access specific files needed by other users. As an administrator, you could rectify the situation by decrypting the files. But wouldn't you like to know the identity of the dastard that caused the trouble?

The Windows 2000 Resource Kit includes the tool Efsinfo.exe, which you can use to view information about the recovery agent accounts. You can use Efsinfo to verify what recovery accounts are current for an encrypted file.

To determine who the designated recovery agent is after installing the Windows 2000 Resource Kit:

1.Click Start, point to Programs, point to Accessories, and then click Command Prompt.


2. Use the cd (change directory) command to change to the folder that contains the encrypted file.


3. Type efsinfo /r /u filename, where filename is the name of the file you want to check. Or, leave the filename parameter off to report information for all the files in the current folder.

Thanks
Sathain.K

How does EFS work?

EFS uses an encryption attribute to designate files for EFS protection. When a file's encryption attribute is on, EFS stores the file as encrypted cipher text. When an authorized user opens an encrypted file in an application, EFS decrypts the file in the background and provides a plaintext copy to the application. The authorized user can view or modify the file, and EFS saves any changes transparently as cipher text. Other users are denied permission to view or modify EFS-encrypted files. EFS-protected files are bulk encrypted to provide confidentiality even from intruders who bypass EFS and attempt to read files by using low-level disk tools.

When you specify that you want to use EFS to encrypt a file or a folder, EFS generates a file encryption key (FEK), which consists of a pseudo-random number. The system uses this number and the Data Extended Standard X (DESX) algorithm to create the encrypted file and write it to the hard disk. The system then encrypts the FEK with your public key and stores it with the encrypted file. When you access the encrypted file, the system uses your private key to decrypt the FEK and then uses the FEK to decrypt the file. When you use EFS for the first time, the system automatically generates a public/private key pair if one doesn’t already exist. If you're logged on to a domain, the public/private key pair resides on a domain controller (DC); otherwise, it resides on the local machine.

EFS, which is based on public key cryptography, uses a randomly generated file encryption key (FEK) to encrypt data (e.g., local NTFS files). A public key-based system uses a pair of keys: one private and one public. Only the user who owns the private key has access to the private key. The public key is available to anyone who requests it. The user’s public key encrypts FEKs; the private key decrypts FEKs.

NTFS stores a list of encrypted FEKs with the encrypted file in special EFS attributes known as Data Decryption Fields (DDFs) and Data Recovery Fields (DRFs).

When EFS encrypts a file, it does the following:

1. Generates a bulk symmetric encryption key.


2. Encrypts files by using the bulk encryption key.


3.Encrypts the bulk encryption key by using the EFS user's public key.


4.Stores the encrypted bulk key in a special field called the data decryption field (DDF), which is attached to the EFS file.



EFS can then use the user's private key to decrypt the bulk encryption key and decrypt the file as necessary. Because only the user has the private key, others cannot unlock the DDF.

EFS’s key-storage mechanism is based on W2K’s CryptoAPI architecture, which stores users’ public and private keys separately from the randomly generated FEK. This setup lets users store their private keys on secure devices (e.g., NTFS volumes, smart cards). Smart cards, which require smart card readers on computers, are credit-card sized devices that let users log on to W2K with a PIN. Smart cards make personal information (e.g., account numbers, passwords, digital certificates) portable.

Thanks
Sathian.K