JFS10@psuvm.psu.edu (Jonathan Swaby) (10/27/90)
I am in search of a password program for my hard drive. I don't want people to be able to boot with a floppy and gain access to the drive. I don't want a program that protect just individual, but one that asks for the password when the machine is powered on. Thank you. ---------------------------------------------------------+ Jonathan Swaby | Computer Instructional Specialist | Center for Computing Assistance College of Liberal Arts | Penn State University | ---------------------------------------------------------+
nol2321@dsacg4.dsac.dla.mil (Jim Dunn) (10/29/90)
In article <90299.144326JFS10@psuvm.psu.edu> JFS10@psuvm.psu.edu (Jonathan Swaby) writes: >I am in search of a password program for my hard drive. I don't want people >to be able to boot with a floppy and gain access to the drive. I don't want >a program that protect just individual, but one that asks for the password >when the machine is powered on. > >Thank you. > >---------------------------------------------------------+ >Jonathan Swaby | >Computer Instructional Specialist | >Center for Computing Assistance College of Liberal Arts | >Penn State University | >---------------------------------------------------------+ I hate to tell you this Jonathan, but there's not really any security built into the "standard" IBM-PC or compatible. No matter WHAT you do with the software, someone will be able to UNDO it with software... You will probably need to buy some custom ROM chips that protect you. (or go buy an IBM PS/2, they come with password capability built into their ROM chips... but you can get around that too, if you unplug the internal battery for 3 hours...) :) Jim Jim Dunn; jdunn@dsac.dla.mil; AV 850-9713; AT&T 614-238-9713; FAX 614-238-9936 Department of Defense-Defense Logistics Agency-Systems Automation Center, DSAC ******* Compuserve Users Send Mail To: >INTERNET:jdunn@dsac.dla.mil ******* "I thought I needed to be free-but when I was free-I just needed to be needed"
lucas@ccu.umanitoba.ca (Brian Lucas) (10/31/90)
In article <90299.144326JFS10@psuvm.psu.edu> JFS10@psuvm.psu.edu (Jonathan Swaby) writes: >I am in search of a password program for my hard drive. I don't want people >to be able to boot with a floppy and gain access to the drive. I don't want >a program that protect just individual, but one that asks for the password >when the machine is powered on. > I doubt such a thing is possible with software. Apparently, this is not uncommon with hardware, though - my roommate has a '386 that allows a power-up password to be installed, presumably in the CMOS setup. There are ways around this, as with any password, but it would make it quite difficult to get around, and that of course is what passwords are for. No security is unbreakable, as we all know. Maybe you should investigate hardware that allows such things. I imagine that there is nothing that you could do without messing with the hardware that couldn't be undone with the simple step of booting fom a floppy. Brian Lucas, a lowly student at the U of Manitoba. <lucas@ccu.umanitoba.ca> (Internet preferred address) <lucas@ccm.umanitoba.ca> (Not preferred address) <lucas@uofmcc> (Bitnet address - last resort for email)
norlin@uokmax.ecn.uoknor.edu (Norman Lin) (10/31/90)
lucas@ccu.umanitoba.ca (Brian Lucas) writes: >In article <90299.144326JFS10@psuvm.psu.edu> JFS10@psuvm.psu.edu (Jonathan Swaby) writes: >>I am in search of a password program for my hard drive. I don't want people >>to be able to boot with a floppy and gain access to the drive. I don't want >>a program that protect just individual, but one that asks for the password >>when the machine is powered on. >> >I doubt such a thing is possible with software. > >Apparently, this is not uncommon with hardware, though - my roommate has a >'386 that allows a power-up password to be installed, presumably in the >CMOS setup. There are ways around this, as with any password, but it would Just a thought... if the machine in question is an AT or higher class machine, what about the following: set the CMOS RAM so that it thinks the floppy drive isn't there. Then it will boot from the hard drive, thus running whatever password or security program is needed. Of course on most AT's, a simple key sequence will bring up the setup menu, but this requires a knowledgeable user. Also, some AT's exist (such as mine) that do not have the setup built in, so that to reconfigure CMOS requires running an external SETUP.EXE program. Hope this helps in some degree. In any event, I think there is some degree of security affordable with software only. -- \ /\/\ /\/\ +-----------------------------+ /\/\ /\/\ /./ \\ /./\\\ /./\\\ /====|Norman Lin/norlin@129.15.20.2|===/./\\\ /./\\\ /./ \\\/./ \\\/./ \\\/./===| norlin@uokmax.ecn.uoknor.edu|====/ \\\/./ \\\/./ \/\/ \/\/ \/\/ +-----------------------------+ \/\/ \/\/
mcastle@mcs213f.cs.umr.edu (Mike Castle) (10/31/90)
In article <1990Oct31.021421.7987@uokmax.ecn.uoknor.edu> norlin@uokmax.ecn.uoknor.edu (Norman Lin) writes: >lucas@ccu.umanitoba.ca (Brian Lucas) writes: >>In article <90299.144326JFS10@psuvm.psu.edu> JFS10@psuvm.psu.edu (Jonathan Swaby) writes: >>>I am in search of a password program for my hard drive. I don't want people >Just a thought... if the machine in question is an AT or higher class >machine, what about the following: set the CMOS RAM so that it thinks the >floppy drive isn't there. Then it will boot from the hard drive, thus >running whatever password or security program is needed. Good idea as long as he NEVER messes up his config.sys, autoexec.bat, has to ever write to a floppy, etc etc. I *seem to remember* having problems accessing a hard-drive when booting off of a floppy before. I found out later that the hard-drive was configured in such a way in that regular dos (in might have been because I was using an older version) couldn't read/recognize the existence of the hard-drive. I could use the machine, but not the hard-drive. It might have also been because I was using a Zenith Data Systems machine (thus again, DOS incompatabilities (sp?)). I think that there *should* be something out there that will let him configure his hard-drive so that it can't be accessed unless booted from the hard-drive or a floppy that has certain special configurations on it (which there shouldn't be too many of). Now after all this rambling's, I've just now realized that I've not come up with a solution to the password problem yet. Hmmm... I don't guess it would be too hard to write a prog that would turn off ctrl-break and then just loop forever until you got the password right.... (still want a floppy w/o pw prot just incase...). Oh well, at least it's something else to keep in mind. :-> BTW, wouldn't this be better discussed in comp.os.msdos.apps/misc??? ;-> -- Mike Castle | Life is like a clock: You can work constantly and be Nexus | right all the time, or not work at all and be right S087891@UMRVMA.UMR.EDU | at least twice a day. mcastle@cs.umr.edu | Love does not exist anymore.
frisk@rhi.hi.is (Fridrik Skulason) (10/31/90)
In article <1990Oct30.180312.5734@ccu.umanitoba.ca> lucas@ccu.umanitoba.ca (Brian Lucas) writes: >In article <90299.144326JFS10@psuvm.psu.edu> JFS10@psuvm.psu.edu (Jonathan Swaby) writes: >>I am in search of a password program for my hard drive. I don't want people >>to be able to boot with a floppy and gain access to the drive. I don't want >>a program that protect just individual, but one that asks for the password >>when the machine is powered on. >> > >I doubt such a thing is possible with software. It is possible...well sort of... The solution involves replacing the partition poot record with invalid information about the partitions, and the password program. If the correct password is entered, the partition table will be corrected, making the hard disk visible. If the user attempts to bypass this, by booting from a floppy, the disk can not be accessed. Running NDD or a similar program to "recover" the lost partitions will not help. A program for doing this exists, but it is a commercial product. Of course this can never be as secure as a hardware solution, which would also encrypt/decrypt all data on the disk "on the fly"... -frisk
sci240s@monu6.cc.monash.edu.au (mr w.j. ho) (10/31/90)
mcastle@mcs213f.cs.umr.edu (Mike Castle) writes: >In article <1990Oct31.021421.7987@uokmax.ecn.uoknor.edu> norlin@uokmax.ecn.uoknor.edu (Norman Lin) writes: >>lucas@ccu.umanitoba.ca (Brian Lucas) writes: >>>In article <90299.144326JFS10@psuvm.psu.edu> JFS10@psuvm.psu.edu (Jonathan Swaby) writes: >>>>I am in search of a password program for my hard drive. I don't want people >I think that there *should* be something out there that will let him configure >his hard-drive so that it can't be accessed unless booted from the hard-drive >or a floppy that has certain special configurations on it (which there ^^^^^^^^^^^^^^^ ****-> I have just tried XLOCK1.ZIP from SIMTEL20 in directory PD1:<MSDOS.SYSUTL>. This program actually let you install your PC for one user ( userid and password ) and check login when "loading" config.sys from the installed boot disk. ( It loads a device driver supplied with the program ) I tried to fool it by booting from floppy and it does not recognize my hard drive ( "c:" in my case ) though it allows me to boot up. Still trying it and has not "bumped" into any bugs or problems yet. Hope this help people looking for ways to stop unauthorized access to their system. NOTE : I will be interested to hear from anyone who has or is still trying to break this "lock" from accessing the hard drive ( of course without cheating by having the inside knowledge from the originator of the program : X-LOCK Corp. [Tel: (404) 475-8787 @ Ga. 30201, USA] ). >shouldn't be too many of). -- ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ ^ Wey Jing Ho (Mr HO) E-mail : sci240s@monu6.cc.monash.edu.au ^ ^ Physics Dept., Monash University ( Caulfield Campus ), Melbourne, AUSTRALIA ^ ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
feg@moss.ATT.COM (Forrest Gehrke,2C-119,7239,ATTBL) (10/31/90)
In article <1990Oct31.021421.7987@uokmax.ecn.uoknor.edu> norlin@uokmax.ecn.uoknor.edu (Norman Lin) writes: >lucas@ccu.umanitoba.ca (Brian Lucas) writes: > >>In article <90299.144326JFS10@psuvm.psu.edu> JFS10@psuvm.psu.edu (Jonathan Swaby) writes: >>>I am in search of a password program for my hard drive. I don't want people >>>to be able to boot with a floppy and gain access to the drive. I don't want >>>a program that protect just individual, but one that asks for the password >>>when the machine is powered on. >>> > >>I doubt such a thing is possible with software. >> > >Just a thought... if the machine in question is an AT or higher class >machine, what about the following: set the CMOS RAM so that it thinks the >floppy drive isn't there. Then it will boot from the hard drive, thus >-- It is possible with software. Try PCLOK11F, available on simtel20. It absolutely locks out the hard drive unless given a password. The machine may be booted with a floppy system disk, however the Hard Disk will be inaccessible. Any users of this program should be advised to make a copy of the partition sector before loading pclok11f because any chance write to the partition sector afterwards will lock out the hard disk permanently unless FDISK is used. This takes the chance of ending up with a complete restore (if you have one). It is much easier simply to restore the saved copy of the partition sector to recover from this chance write. Of course, another reason for squirreling away an original copy of the partition sector is if you forget your password (;-)) Forrest Gehrke feg@moss.att.com
herrickd@iccgcc.decnet.ab.com (10/31/90)
> In article <90299.144326JFS10@psuvm.psu.edu> JFS10@psuvm.psu.edu (Jonathan Swaby) writes: >>I am in search of a password program for my hard drive. I don't want people >>to be able to boot with a floppy and gain access to the drive. I don't want >>a program that protect just individual, but one that asks for the password >>when the machine is powered on. >> > Golden Bow something company has some software with a name that starts with V that I hate because it is tolerably effective at doing what you describe. My client had a cad package that was shipped with this protection and he had me making some change in his config.sys. When I made the hard disk unbootable I grabbed the nearest copy of the DOS distribution and tried to fix things. The hard disk was two (or ten) megabytes and there was nothing there! I expect the thing is penetrable, but the easiest way to penetrate it is to compromise the password. Golden Bow advertises here and there. You should be able to find them. (They're not in the Byte that came today.) dan herrick herrickd@astro.pc.ab.com
tcs@router.jhuapl.edu (10/31/90)
In article <1990Oct31.021421.7987@uokmax.ecn.uoknor.edu>, norlin@uokmax.ecn.uoknor.edu (Norman Lin) writes: >lucas@ccu.umanitoba.ca (Brian Lucas) writes: > >>In article <90299.144326JFS10@psuvm.psu.edu> JFS10@psuvm.psu.edu (Jonathan Swaby) writes: >>>I am in search of a password program for my hard drive. I don't want people >>>to be able to boot with a floppy and gain access to the drive. I don't want >>>a program that protect just individual, but one that asks for the password I have been using a program for 4 years or so called VFeature Deluxe. It is a partitioning program that allows you to create your own drive table and places it in a file that is located in your config.sys. It allows you to place a password on your computer so noone can access it. Since it's drive table is in a device file (Fixt_Drv.Sys), if you boot from a floppy, you will see nothing or garbage on the hard drive. And since you create your own drive table, you will be able to use the entire hard drive. This doesn't prevent someone from booting from floppy and formatting C:, but it will (90%) prevent them from using the data (I say 90% because if you create a normal partition size (32M) I think you can still boot to a floppy and access C: however I was unable to load OS/2 which has to boot to install so ... 90%). It's put out by Golden Bow and I'm sorry, but I don't have the phone number handy. Also, I remember seeing a program a few years ago that protected your hard drive by modifying the partition table. It put garbage in as the first partition and the second partition was the DOS one. If you booted from a floppy you were unable to access C: (or D: ... ). It also had a screen clear function that I could never get to work. I decided that my information wasn't important enough to risk someone modifying my partition so I couldn't access it. I don't recall the program name, but maybe this triggers someone elses memory ( I think it was PC-Protect or something). I think it's on one of my BBS tape backups, but maybe not. Carl Schelin | "I wouldn't hurt a fly, tcs@router.jhuapl.edu | but only because they taste funny."
mvolo@uncecs.edu (Michael R. Volow) (11/01/90)
[poster asks about security programs requiring password for HD access and blocking floppy boot] PC-Vault and HandsOff both claim to do this. Both are currently commercial programs. Have used demo of PC-Vault. Will post addresses after I get home (where my records are). -- Michael Volow, Psychiatry, Durham VA Med Center, Durham NC 27712 919 286 0411 Ext 6933 mvolo@ecsvax.edu
prs@io.UUCP (Paul Schmidt) (11/03/90)
In article <1990Oct31.021421.7987@uokmax.ecn.uoknor.edu> norlin@uokmax.ecn.uoknor.edu (Norman Lin) writes: > >Just a thought... if the machine in question is an AT or higher class >machine, what about the following: set the CMOS RAM so that it thinks the >floppy drive isn't there. Then it will boot from the hard drive, thus >running whatever password or security program is needed. > Probably won't work. At boot time, most BIOSs go out and specifically look for floppy drives. If they exist, and CMOS says they don't, an error will be posted telling you to run Setup. Its a safety feature; if your CMOS dies, you will still be able to boot your machine from floppy disk. Besides, unless the security program is a device driver in CONFIG.SYS, a control-break at the right time would interrupt AUTOEXEC processing before the security program can be run. Now, what you _could_ do is set up floppy disks specifically for booting that contain a hard disk driver that accesses the FAT in non-compatible ways. You'd have to run the security program off the floppy, and enter the right password, and so forth. Unfortunately, that would preclude you from running applications that access the disk directly, like various popular hard disk utilities.