csd072@cck.cov.ac.uk (Alice) (10/29/90)
I'm trying to write a password program for PC's/PS/2's under MS-/PC-DOS that can be used throughout a company having both separate passwords on each machine and a global, non-public password for the security officer(s) (in case users forget their passwords etc.). I know that a similar thing available for PS/2's, but this does not allow for the global password. The major stumbling block with this is: How can I cause such a program to be executed at power-on/boot-up time in such a way that it cannot be interrupted and is *always* invoked even if booting from the floppy-disk drive (all machines have a hard-disk)? Thanks in anticipation for any advice/comments (replies by e-mail if possible, as I don't always have time to read the news before it expires, and our feed is a little bit erratic). -- Flesh: Alice (N.Bowler) | "I would like to spend an evening Email: csd072@uk.ac.cov.cck | with Nicholas Parsons because never Voice: (+44 21 or 021) 373 8341 | ever ever bloody anything ever." Paper: 29 Holliday Rd. c/o B24 9HA, UK. | - Dreamytime Escorts
c37189h@saha.hut.fi (Harri "Haba" Suomalainen) (11/01/90)
In comp.os.msdos.programmer csd072@cck.cov.ac.uk (Alice) writes: >I'm trying to write a password program for PC's/PS/2's under MS-/PC-DOS that >can be used throughout a company having both separate passwords on each > machine this is: How can I cause such a program to be executed at power-on If you really gotta write the program you could make it as a part of boot by locating it in boot sector, autoexec.bat etc. This program should check the valid password and then eg. decrypt your FAT (the part of it not needed in boot-up). It sure is hard to do! There is a more practical way to do this. You could add your own program as a part of boot sequence by making a ROM extention. You'll find one in hard disks etc. There was an article in Radio Electroncs of how to do it. It shouldn't be too hard if you're familiar with electronics. You could as well add one in an empty ROM socket in case your machine has one. -haba -- Harri Suomalainen c37189h@saha.hut.fi haba@otax.tky.hut.fi
hartnegg@sun1.ruf.uni-freiburg.de (Klaus Hartnegg) (11/04/90)
c37189h@saha.hut.fi (Harri "Haba" Suomalainen) writes: >If you really gotta write the program you could make it as a part of boot >by locating it in boot sector, autoexec.bat etc. This program should check >the valid password and then eg. decrypt your FAT (the part of it not needed >in boot-up). It sure is hard to do! OH NO NO NO! Never encrypt the FAT unless you want to get into really big trouble! You could encrypt the partition table but you should never encrypt the FAT. When ever happens anything to your hard disk and you want to use a disk editor to repair it (Norton's NU or NDD for example) then you have no chance to get your information back when the FAT was encrypted. Its much easier to restore a partition table than a FAT! Of course that also means that you will never have perfect security: it's always possible to bypass such a password protection by guessing what the partition table may have been. As long as there is no file encryption built in the operating system you will NEVER have perfect security: either a possible cracker can bypass the password or your data lives very dangerous. -- --------------------------------------------------------------- Klaus Hartnegg, Kleist-Str. 7, D-7835 Teningen, Tel 07641/48652 BITNET : HAKL@DFRRUF1 Internet : HAKL@ibm.ruf.uni-freiburg.de