O'Reilly logo

Windows Vista Security: Praxisorientierte Sicherheit für Profis by Marcus Nasarek

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

384
|
Chapter 11: Securing and Sharing Your Data
Securing Your Data
Disk drives and devices with removable storage are formatted with a filesystem. The
filesystem allows you to create and manage files. The format of the disk that you are
working with determines the file security options that are available. You can format
disks by using either File Allocation Table (FAT) or NT File System (NTFS). As dis-
cussed in the sections that follow, FAT and NTFS are a bit different in the way they
work.
FAT Versus NTFS
Both FAT and NTFS come in several different variations, and in some cases, the type
of device you are working with determines which variation is used. With FAT, the
number of bits used with the allocation table determines the variant you are working
with and the maximum volume size. You’ll find that USB flash devices and MP3
players with 4 GB or less of storage are formatted with the 16-bit version of FAT.
FAT16, also known simply as FAT, defines its file allocation tables using 16 bits.
FAT16 is used because it is the most efficient version of FAT for volume sizes of up
to 4 GB.
If you use devices with removable storage that have file sizes larger than 4 GB, such
as a removable hard disk, the device will in most cases use the 32-bit version of FAT,
known as FAT32. FAT32 defines its file allocation tables using 32 bits, which allows
you to have volumes larger than 32 GB. Devices with removable storage use FAT
because it has no security controls, allowing you to access your data on multiple
computers simply by connecting your device to those computers.
On the other hand, NTFS allows you to control access to files and folders by assign-
ing permissions. At home, your computer will typically have file access permissions
only for accounts configured on the local computer. At the office, your computer will
typically have file access permissions for accounts configured on the local computer
as well as accounts configured for your network. While NTFS supports just about
any volume size you’ll want to work with, you can’t necessarily move devices format-
ted with NTFS from one computer to another and gain access to all the data on these
devices. You may not be able to do this because NTFS access permissions are set
using accounts that are specific to a single computer, to a network, or to both.
File Attributes
All files and folders, whether on FAT- or NTFS-formatted disks, can be marked with
attributes that give you limited control over how a file or folder is used. The file
attributes you can use are:
Securing Your Data
|
385
Read-only
Specifies that the file or folder is read-only and cannot be modified
Hidden
Specifies that the file or folder is hidden and can be viewed only if the folder
option “Show hidden files and folders” is enabled
System
Identifies a system file or folder that can be viewed only if the folder option
“Hide protected operating system files” is disabled
You can view or change the Read-Only and Hidden attributes on a file or folder by
completing the following steps:
1. In Windows Explorer, right-click the file or folder to display its Properties dia-
log box.
2. On the General tab, shown in Figure 11-1, select the Read-only checkbox to
make a file or folder read-only. Clear the Read-only checkbox to allow a file or
folder to be read and modified.
3. To hide a file or folder so that it can be viewed only if the folder option “Show
hidden files and folders” is enabled, select the Hidden checkbox. Otherwise,
clear this checkbox to allow a file or folder to be viewed normally.
4. Click OK to save your changes.
Figure 11-1. Viewing and setting file attributes
386
|
Chapter 11: Securing and Sharing Your Data
Generally, Windows Vista manages the system attribute. Windows Vista marks files
and folders that you shouldn’t modify as being system files. You can view files and
folders marked with the hidden and system attributes by completing the following
steps:
1. In Windows Explorer, click Organize on the toolbar and then select Folder and
Search Options.
2. On the View tab, shown in Figure 11-2, select “Show hidden files and folders” to
show hidden files and folders.
3. To show system files and folders, clear the “Hide protected operating system
files” checkbox.
4. Click OK to save your settings.
Although these attributes can be set on files and folders, anyone with access to a disk
or device can override or change these settings. This means there are no safeguards
for file access or deletion that someone can’t override easily.
Figure 11-2. Showing hidden files and folders

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required