[comp.sys.ibm.pc] Preventing Floppy Boots

jal@ee.rochester.edu (John Lefor) (08/16/89)

A friend of mine wants to write a program that would provide some
small security by either preventing people from booting off a 
floppy drive or by making the information on the hard-drive unusable
if the system is booted off the floppy.

This is for DOS and cannot involve significant hardware (like
burning ROMS, cutting wires, etc).  Any thoughts would be appreciated.



- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

I program ... therefore I am.

John Lefor    	University of Rochester		Dept of E. Engineering
716-275-8265	jal@ee.rochester.edu		uunet!ur-valhalla!jal

brown@astroatc.UUCP (Vidiot) (08/16/89)

In article <1989Aug15.183532.27998@ee.rochester.edu> jal@ee.rochester.edu writes:
<A friend of mine wants to write a program that would provide some
<small security by either preventing people from booting off a 
<floppy drive or by making the information on the hard-drive unusable
<if the system is booted off the floppy.
<
<This is for DOS and cannot involve significant hardware (like
<burning ROMS, cutting wires, etc).  Any thoughts would be appreciated.

This is personal opinion.

The only real way to provide security via a program is if the BIOS is
modified to add password security, like the PS/2 line and other machines
now have.  The way the current BIOS is written, any floppy can be booted.
It takes a BIOS change to change that.  Also you want to be able to get
your system started if the hard disk crashed.

You see, when you boot off the floppy, all control of the PC is from the
software on the floppy, something you don't have control over.  No matter
what program you place on your hard disk, it is never going to be activated.
The common code in the PC?  Yep, the BIOS again.

Cure?  Get a PC with password security.

Again, this is my opinion.  I'm sure that someone will differ with me.
-- 
	        harvard\     att!nicmad\
Vidiot            ucbvax!uwvax..........!astroatc!brown
	        rutgers/  decvax!nicmad/
	ARPA/INTERNET: brown%astroatc.UUCP@spool.cs.wisc.edu

rwberry@hubcap.clemson.edu (Robert W Berry) (08/16/89)

From article <2610@astroatc.UUCP>, by brown@astroatc.UUCP (Vidiot):
> In article <1989Aug15.183532.27998@ee.rochester.edu> jal@ee.rochester.edu writes:
> <  ... Looking for a way to prevent booting from a floppy ...
 
>   ...  Vidiot replies only by modifying the BIOS ...

If I remember correctly, there was a special PC-Magazine on PC
security a while back and they had descriptions of different ways of
protecting a PC.  These ranged from physical locks to hardware cards 
which locked up the PC until a password was given to a software-based 
method which altered the fixed-disk's partition table so that DOS wouldn't 
recognize the fixed-disk unless the machine had been booted through a 
protective driver.  In the case of a disk crash you had to boot off a
floppy containing the security driver.  One of the benefits of this
method was that the PC was still functional if it was booted off floppy
(as a floppy only machine) you just couldn't get to the fixed-disk.
I don't know if the partition table was so screwed up that you couldn't
FDISK over it (but then you would lose the information anyway, so it
wouldn't be of use to _DATA_THIEVES_).

     This is all from memory, but it may be worth checking out.

Hope this helps, (tm)
Bob
-- 
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
-=- Bob Berry -=- PC-Guru's Inc.         ! rwberry@hubcap.clemson.edu   -=-
-=- We are the science of modern motion. ! 803-654-7623 || 803-656-2635 -=-
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-

craigb@hp-sdd.hp.com (Craig Bosworth) (08/16/89)

Lattice used to (still does?) make a package called SecretDisk that more or
less did what you're talking about.

What they did was write a block device driver for virtual disk drives.  The
virtual drives (SecretDisks) can only be accessed after giving the driver
the correct password.  Once the SecretDisks are installed and accessed, they
look like regular old DOS disks.

The SecretDisks are represented in the system as large hidden files in which the
data is encrypted.

Running SecretDisk caused no performance or compatibility problems on my Zenith
151.

You can't make the entire hard disk inaccessible:  boot code, DOS, and the
SecretDisk driver have to be unencrypted, but you could protect everything
else.  Also, you could still boot the PC from a floppy, but without running
the driver and entering the passwords, none of the SecretDisk data was usable
(although it was destroyable:  delete and overwrite the hidden encrypted data
files).

BOS

-- 
Craig Bosworth  (619) 592-8609           16399 West Bernardo Drive
Hewlett-Packard, San Diego Division      San Diego, CA  92127-1899
UUCP     : {hplabs|nosc|hpfcla|ucsd}!hp-sdd!craigb
Internet : craigb%hp-sdd@hp-sde.sde.hp.com (or @nosc.mil, @ucsd.edu)
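The mechanism Craig describes, reduced to what the driver has to do, as an added example (this is not Lattice's SecretDisk code, which was a DOS block device driver, and not anything posted in this thread). The container is a byte image whose 512-byte blocks are encrypted under a password-derived key; reads and writes work only after unlock() has verified the password, while the raw image can be read and overwritten by anyone, which is exactly the "unusable but destroyable" property the post notes. Assumptions for illustration: PBKDF2-HMAC-SHA256 as the key derivation, a keyed SHA-256 counter-mode keystream as the cipher, and an HMAC of a fixed string as the stored password verifier, all chosen so the example runs with the standard library alone.

```python
"""Added example, not SecretDisk's own code: a password-gated encrypted
block container.  KDF, cipher and verifier construction are assumptions
made for a self-contained demonstration (see lead-in)."""
from __future__ import annotations

import hashlib
import hmac
import os

BLOCK = 512          # a DOS block driver moves 512-byte sectors
KDF_ROUNDS = 100_000


class SecretDisk:
    def __init__(self, password: str, size_blocks: int, salt: bytes | None = None):
        self.salt = salt if salt is not None else os.urandom(16)
        self.image = bytearray(size_blocks * BLOCK)   # the "large hidden file"
        key = self._derive(password)
        self.verifier = self._verifier(key)            # stored beside the image
        self._key = None                               # None until unlocked

    def _derive(self, password: str) -> bytes:
        return hashlib.pbkdf2_hmac("sha256", password.encode(), self.salt, KDF_ROUNDS, 32)

    @staticmethod
    def _verifier(key: bytes) -> bytes:
        return hmac.new(key, b"secretdisk-verifier", "sha256").digest()

    def unlock(self, password: str) -> bool:
        """The driver's password prompt: a wrong password yields no key."""
        key = self._derive(password)
        if hmac.compare_digest(self._verifier(key), self.verifier):
            self._key = key
            return True
        return False

    def lock(self) -> None:
        self._key = None

    def _keystream(self, block_no: int) -> bytes:
        """Keyed SHA-256 in counter mode; depends only on (key, block number)."""
        out = bytearray()
        ctr = 0
        while len(out) < BLOCK:
            out += hashlib.sha256(self._key + block_no.to_bytes(8, "little")
                                  + ctr.to_bytes(4, "little")).digest()
            ctr += 1
        return bytes(out[:BLOCK])

    def _need_key(self) -> None:
        if self._key is None:
            raise PermissionError("SecretDisk not unlocked")

    def write_block(self, n: int, data: bytes) -> None:
        self._need_key()
        data = data.ljust(BLOCK, b"\0")[:BLOCK]
        ks = self._keystream(n)
        self.image[n * BLOCK:(n + 1) * BLOCK] = bytes(a ^ b for a, b in zip(data, ks))

    def read_block(self, n: int) -> bytes:
        self._need_key()
        ks = self._keystream(n)
        return bytes(a ^ b for a, b in zip(self.image[n * BLOCK:(n + 1) * BLOCK], ks))

    def raw_block(self, n: int) -> bytes:
        """What a floppy-booted user sees without the driver: ciphertext only."""
        return bytes(self.image[n * BLOCK:(n + 1) * BLOCK])

    def wipe(self) -> None:
        """What a floppy-booted user can still do: destroy the data unread."""
        self.image[:] = bytes(len(self.image))
```

Two caveats a practitioner should keep in mind. The keystream is a function of the key and the block number only, so rewriting a block reuses keystream and an attacker holding two snapshots of the image can XOR them; real disk encryption uses a tweakable block-cipher mode for that reason. And because the verifier is stored with the image, anyone who copies the hidden file can guess passwords offline at the cost of one KDF run per guess, which is why the iteration count and the password quality matter.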

lbr@holos0.uucp (Len Reed) (08/16/89)

In article <1989Aug15.183532.27998@ee.rochester.edu> jal@ee.rochester.edu writes:
>A friend of mine wants to write a program that would provide some
>small security by either preventing people from booting off a 
>floppy drive or by making the information on the hard-drive unusable
>if the system is booted off the floppy.
>
>This is for DOS and cannot involve significant hardware (like
>burning ROMS, cutting wires, etc).  Any thoughts would be appreciated.

I have a similar question.  How can one reorder the sequence of disk
searches during bootup?  I worked on a semi-AT-clone that had the boot
device in the CMOS RAM.  You could tell it to go to the hard disk and
it would ignore the floppy.  If you had a problem you hit ESC during
bootup and it booted the floppy.

Why would you want this?  Running DOS it's only an aggravation when the
system tries to boot the unbootable diskette you left in the drive.  Under
Xenix, though, we get a middle of the night power failure when someone's
left a diskette in the drive and the system is unusable (no dial in)
until someone actually goes to the office.  (Without the diskette the
system reboots completely.)

Surely the only way to fix this is to burn new BIOS PROMS.  I have access
to the equipment to do this.  Do I have to buy the BIOS, though, or is
this something that can be easily found by disassembly?  Anyone done this?
(I've got an AST 386-20 with Phoenix BIOS.)

I've added comp.unix.xenix to comp.sys.ibm.pc, and have directed followups
to Xenix.
-- 
Len Reed
Holos Software, Inc.
Voice: (404) 496-1358
UUCP: ...!gatech!holos0!lbr

davidsen@sungod.crd.ge.com (ody) (08/17/89)

If (1) the system is an AT, and (2) you can live with one floppy disk,
make it the B drive and change setup to show it as such. *most* systems
will not boot off the B drive. This assumes that the physical security
is at least minimal (case lock) so the floppy can't be recabled by
unauthorized personnel.

Note: before the AT came out I saw one non-disclosure, and suggested
that a third position be added to the key switch to boot from hard disk
only. IBM told me there would be no market, since "nobody does anything
important on a PC, anyway." If they had done it, it would be standard on
all clones today.

Watch out for password systems, if you lose the password you may *really
lose*. I saw this on a PS/2, where 2 months of work was flushed for want
of a password.
	bill davidsen		(davidsen@crdos1.crd.GE.COM)
  {uunet | philabs}!crdgw1!crdos1!davidsen
"Stupidity, like virtue, is its own reward" -me

wek@point.UUCP (Bill Kuykendall) (08/17/89)

>A friend of mine wants to write a program that would provide some
>small security by either preventing people from booting off a 
>floppy drive or by making the information on the hard-drive unusable
>if the system is booted off the floppy.

What your friend wants to do is a fair amount of work, but it can be done
and already has been by the makers of various security packages (Kinetic
Access II comes immediately to mind).

The trick is to have a dummy partition table installed with the real one
hidden elsewhere.  The bootstrap code on the hard drive is modified to find
the hidden table, and a device driver is used to password access.  Users
attempting to boot from a floppy will get an 'Invalid Drive' message if they
try to access c:.

Bill Kuykendall
...ddsw1!point!wek
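The hidden-partition-table trick that Bob Berry's PC-Magazine recollection and Bill's post both describe, modelled on in-memory sector images as an added example (not code from the thread or from Kinetic Access II). The layout constants are the real MBR ones: four 16-byte entries at offset 0x1BE and the 0x55AA signature at 0x1FE. The sample partition, the choice to blank the dummy table, and the stash format (the real table at its usual offset in an otherwise empty spare sector) are assumptions for illustration. The last function shows why the scheme is, as Rick Wagner later puts it, at the mercy of someone with a disk editor: the stashed table is plain bytes and a simple scan finds it.

```python
"""Added example, not the thread's or any vendor's code: dummy MBR
partition table with the real one stashed elsewhere, plus the disk-editor
scan that recovers it.  Stash format and sample partition are assumed."""
from __future__ import annotations

import struct

SECTOR = 512
TABLE_OFF = 0x1BE               # start of the four partition entries
SIG_OFF = 0x1FE                 # 0x55AA boot signature
ENTRY_FMT = "<B3sB3sII"         # boot flag, CHS start, type, CHS end, LBA start, count
DOS_TYPES = {0x01, 0x04, 0x06}  # FAT12, FAT16 (<32 MB), FAT16 "BIGDOS"


def parse_table(sector: bytes, require_sig: bool = True) -> list[dict]:
    """Decode the four partition entries of a sector laid out like an MBR."""
    if len(sector) != SECTOR or (require_sig and sector[SIG_OFF:] != b"\x55\xaa"):
        raise ValueError("not a valid MBR sector")
    entries = []
    for i in range(4):
        off = TABLE_OFF + 16 * i
        flag, _, ptype, _, lba, count = struct.unpack(ENTRY_FMT, sector[off:off + 16])
        entries.append({"bootable": flag == 0x80, "type": ptype,
                        "lba": lba, "sectors": count})
    return entries


def make_mbr(entries: list[tuple[bool, int, int, int]]) -> bytes:
    """Build an MBR (boot code area left zero) from (bootable, type, lba, count)."""
    buf = bytearray(SECTOR)
    for i, (boot, ptype, lba, count) in enumerate(entries[:4]):
        struct.pack_into(ENTRY_FMT, buf, TABLE_OFF + 16 * i,
                         0x80 if boot else 0x00, b"\0\0\0", ptype, b"\0\0\0", lba, count)
    buf[SIG_OFF:] = b"\x55\xaa"
    return bytes(buf)


def dos_visible(sector: bytes, require_sig: bool = True) -> bool:
    """True if DOS would assign a drive letter to some entry in this table."""
    return any(e["type"] in DOS_TYPES and e["sectors"] > 0
               for e in parse_table(sector, require_sig))


def hide_table(mbr: bytes) -> tuple[bytes, bytes]:
    """Return (dummy MBR with four empty entries, the real 64-byte table)."""
    real = mbr[TABLE_OFF:TABLE_OFF + 64]
    dummy = bytearray(mbr)
    dummy[TABLE_OFF:TABLE_OFF + 64] = bytes(64)   # no C: for a floppy-booted DOS
    return bytes(dummy), real


def restore_table(dummy: bytes, hidden: bytes) -> bytes:
    """What the modified bootstrap does in memory once the password checks out."""
    buf = bytearray(dummy)
    buf[TABLE_OFF:TABLE_OFF + 64] = hidden
    return bytes(buf)


def stash(hidden: bytes) -> bytes:
    """Assumed stash format: the real table at its usual offset in a spare sector."""
    buf = bytearray(SECTOR)
    buf[TABLE_OFF:TABLE_OFF + 64] = hidden
    return bytes(buf)


def scan_for_table(disk: list[bytes]) -> int | None:
    """The disk-editor attack: find any sector that decodes to a usable table."""
    for n, s in enumerate(disk):
        if len(s) == SECTOR and dos_visible(s, require_sig=False):
            return n
    return None
```

Note what the scheme does and does not buy: a floppy-booted DOS sees no C: drive, and FDISK over the dummy table destroys the real layout only if the stash is also overwritten, but nothing here is encrypted, so the hidden table can be found by inspection and copied back by hand.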

Ralf.Brown@B.GP.CS.CMU.EDU (08/17/89)

In article <1710@crdgw1.crd.ge.com>, davidsen@sungod.crd.ge.com (ody) wrote:
}Watch out for password systems, if you lose the password you may *really
}lose*. I saw this on a PS/2, where 2 months of work was flushed for want
}of a password.

I thought you could clear the password by opening the case and pulling out the
battery for a few minutes.  (at least that's what I've heard a number of
times)
--
UUCP: {ucbvax,harvard}!cs.cmu.edu!ralf -=-=-=-=- Voice: (412) 268-3053 (school)
ARPA: ralf@cs.cmu.edu  BIT: ralf%cs.cmu.edu@CMUCCVMA  FIDO: Ralf Brown 1:129/46
FAX: available on request                      Disclaimer? I claimed something?

"Drama is life with the dull bits left out." -- Alfred Hitchcock

jack@csccat.UUCP (Jack Hudler) (08/19/89)

In article <1710@crdgw1.crd.ge.com> davidsen@crdos1.UUCP (bill davidsen) writes:
>Watch out for password systems, if you lose the password you may *really
>lose*. I saw this on a PS/2, where 2 months of work was flushed for want
>of a password.

Not the CMOS Password.  All you have to do there is unplug the battery for 
about 20 minutes to an hour.  Must have been some other method.
-- 
Jack 		Computer Support Corporation		Dallas,Texas 
Hudler		UUCP: {texsun,texbell,attctc}!csccat!jack

kim@kannel.lut.fi (Kimmo Suominen) (08/21/89)

In article <24eac58e@ralf> Ralf.Brown@B.GP.CS.CMU.EDU writes:

   I thought you could clear the password by opening the case and pulling out
   the battery for a few minutes.  (at least that's what I've heard a number
   of times)

That is true.  Open the case and pull out the battery.  Then wait for about
twenty (20) minutes and the password is gone.

That's why I keep the case locked.

Kim
--
 ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,
( Kimmo Suominen             Electronic Mail on Internet:  kim@kannel.lut.fi )
( "That's what I think!"                        on Funet:  KUULA::KIM        )
 ''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''

tcm@srhqla.SR.COM (Tim Meighan) (08/30/89)

In article <1989Aug15.183532.27998@ee.rochester.edu>
jal@ee.rochester.edu writes:

>A friend of mine wants to write a program that would provide some
>small security by [preventing people from booting off a floppy drive.]
>This is for DOS and cannot involve significant hardware (like
>burning ROMS, cutting wires, etc).  Any thoughts would be appreciated.

Forget writing a program; unless you modify the EPROMs you can't stop the
firmware boot code from checking the A drive for a system (bootable) diskette.

But there is an easy fix.  Once the hard drive is set up and the computer 
is booting properly from it, open the case and unplug the A drive.  If the
A drive is dead, no floppy boots are possible.

If you only have one floppy drive, plug the "B" data cable into the drive
so that you still have the use of it (as drive B, naturally).

Of course, this doesn't protect you from those who have access to 
your computer while you aren't around and have enough savvy to open the
case and re-connect the A drive.  If this is the situation, though, you
are really vulnerable no matter what scheme you use, unless you bolt
the PC chassis to the desk and put a lock on the case.

Tim Meighan
SilentRadio

"It is a poor secret that has no agent."

rick@NRC.COM (Rick Wagner) (08/31/89)

In article <1989Aug15.183532.27998@ee.rochester.edu> jal@ee.rochester.edu writes:
>A friend of mine wants to write a program that would provide some
>small security by either preventing people from booting off a 
>floppy drive or by making the information on the hard-drive unusable
>if the system is booted off the floppy.
>
>This is for DOS and cannot involve significant hardware (like
>burning ROMS, cutting wires, etc).  Any thoughts would be appreciated.
>
>This is personal opinion.

Well, depending upon your system: IBM's and many (most?) compatibles
will not boot from the B: drive; so...

	(a) if you have a dual floppy system, unplug your A: drive.
This will leave you with the B: drive to read/write floppies.  

	(b) If it is a single floppy system, use the second drive
connector on the flat ribbon cable for the drive; this will accomplish
the same thing as (a).

Now this assumes a case with a lock, or some other method of locking
the case closed.  The biggest problem (more of an annoyance) is that
the system will report a drive failure for drive A:, probably
requiring you to press the F1 key.  The advantage is that in an
appropriate system, there are no H/W mods needed, just unplugging a
cable, which is a reversible process.

Now you still need some software to password protect the hard disk.
The complexity of this will depend upon how much you trust the people
who are allowed to log on. (Do you trust them not to change your
config.sys file, say; or delete the security program?).  The simplest
way would be to write a 'device driver' to ask for a password.  It
would not really be a driver, but would look like one so it will get
loaded at boot time from your config.sys.  It can't be in your
autoexec.bat file, since that can be aborted with a ^c, dropping
whoever back into DOS.

A more complex system would involve modifying the boot block, but that would
still be at the mercy of someone with a disk-editor.

If you don't mind buying some hardware, there are small boards which
plug into one of your system slots, and prompt for a password at
power-up.  This only occurs at power up time, so your logout is a
power down.  Again, for most of these boards, the case must be locked.
-- 
===============================================================================
Rick Wagner						Network Research Corp.
rick@nrc.com	rick@nrcvax.UUCP			2380 North Rose Ave.
(805) 485-2700	FAX: (805) 485-8204			Oxnard, CA 93030
Don't hate yourself in the morning, sleep 'till noon.