Solved

Truecrypt boots to black screen on server 2008 r2

Posted on 2013-11-08
6
680 Views
Last Modified: 2015-02-08
I'd thought i would take a chance by asking this question here as well as the truecrypt forum.

I have a medical business customer that wants the entire hdd drive on their server encrypted.  Easy enough right?  well so i encrypt using truecrypt.  everything works great.  about 3 weeks later though the server when it boots up stops at the truecrypt boot up screen wanting the password.  and once you put the password in, it begins booting up.  i see the windows logo with the scrolling from left to right at the bottom of the screen.  that logo then dissapears and a black screen shows up.  and it sits there never coming to the blue ctrl-alt-del screen.  
        so i decrypted the system and it boots fine now.  but this hdd needs to be encrypted so i went through the motions of re-encrypting the hdd and i reburned the rescue disc and truecrypt wants to do the pretest of rebooting.  when i reboot, again it stop at a black screen.  at the black screen the server hdd light is blinking to show activity, but i let it sit for 3 hrs and nothing.  I then reset the computer and let it reboot and press esc instead of typing the password and the server boots up to windows only to tell me that truecrypt failed the pretest.  Any suggestions?
0
Comment
Question by:BNCAdmin
6 Comments
 
LVL 38

Assisted Solution

by:Rich Rumble
Rich Rumble earned 250 total points
ID: 39635009
Server HDD's are not typically encrypted in this way. you have to understand that Full Disk Encryption only protects data at rest, when the OS is not running. When it's booted, the HDD looks no different to a networked attacker or a trojan than any other running windows OS.
Have a look at my article here:
http://www.experts-exchange.com/Security/Encryption/A_12134-Choosing-the-right-encryption-for-your-needs.html

If the encryption is to protect against physical theft, then you want full disk encryption. If it's to comply with HIPAA, then you've not encrypted anything at all when the OS is running.
-rich
0
 
LVL 53

Accepted Solution

by:
McKnife earned 250 total points
ID: 39638204
You can of course use truecrypt for servers if you want to protect against theft. If it does not work out, uninstall truecrypt, reboot and try disk cryptor, a truecrypt spin-off.
If that does not work, take the built-in bitlocker.
0
 

Author Closing Comment

by:BNCAdmin
ID: 39656302
After reviewing the replies, we researched the built-in bitlocker and decided to install this option.  This was completed this weekend and will be delivered to the customer today.  

Thanks for the replies.
0
Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

 
LVL 53

Expert Comment

by:McKnife
ID: 39656378
Ok.

Make your customer aware that with a fully encrypted system, any reboot will require the passphrase, so any automatic bluescreen-reboot, too! Unless you used a TPM without PIN.
0
 
LVL 38

Expert Comment

by:Rich Rumble
ID: 39656409
And the encryption is only protecting the drives from theft :) The data is not safer when the OS is running.
-rich
0
 

Expert Comment

by:peteviti
ID: 40597565
I installed true crypt. I did not activate any encryption. But I rebooted and I now I have a black screen on all users. How do I turn off black screen? Please help pete.viti@gmail.com
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Cybersecurity has become the buzzword of recent years and years to come. The inventions of cloud infrastructure and the Internet of Things has made us question our online safety. Let us explore how cloud- enabled cybersecurity can help us with our b…
Many companies are looking to get out of the datacenter business and to services like Microsoft Azure to provide Infrastructure as a Service (IaaS) solutions for legacy client server workloads, rather than continuing to make capital investments in h…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

863 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

25 Experts available now in Live!

Get 1:1 Help Now