Contents of the SECURE.DOC file
Hard Disk Secure
Copyright TeraTronics Consulting
I have undertaken a considerable effort to create both this Security
utility and the corresponding installer utility and to painstakingly ensure
that it works flawlessly on a multitude of configurations. As with any Shareware
utilities that alter your system, I strongly suggest that you perform regular
backups of your system on tape or disk(s).
If you find this software useful then please help out my future efforts
by sending $20.00 per copy to:
107 Horizon Road
Palmdale, CA 93551 USA
Documentation for disk security program(s).
Install.exe - Self-contained Installation utility
Secure.sys - Config.sys-based Device Driver for password protection upon IPL
Secure.doc - This Help file
SetVar.Exe - Utility to dynamically change the Disk protection options Format and Write
This Security utility, combined with the secure.sys driver, offers a substantial
increase in hard disk security over other security mechanisms. This utility
comes with the following features:
1) Prevent unauthorized access to Hard disk by using an
eight character sign on password(secure.sys). This
utility will allow the user to enter up to an eight
character password. If incorrect, the user will be informed
and the system will halt. If correct then the system will
continue loading the operating system. The User/intruder
can not break out of this prompt by pressing CTRL-C.
2) Prevent unauthorized access to the Hard disk if the system
is booted from the floppy drive. DOS will not be able to
find a valid Hard drive. This ability is gained through
running the Install.exe utility.
3) Prevent accidental Format of Hard disk. This option, if
enabled, will prevent the DOS Format command from formatting
any Tracks on the Hard Disk.
4) Prevent any Writes to Hard disk. This option, if enabled,
will prevent any BIOS and DOS -level Writes to the Hard
Disk. This utility can be useful in the event that LAN
Gateway or Bridge PC's are placed in a "non-trusted" area.
This utility could also offer some protection against
viruses that attempt to install themselves onto the Hard
disk(assuming that the utility is first loaded to the
Hard disk or executed from the Floppy disk).
This software has been verified to work without any problems with the
following LAN workstation shells: Banyan VINES, Novell Netware and LAN Support
This software has been verified to work with:
IBM DOS 3.0
IBM DOS 3.3
Microsoft DOS 3.3
Microsoft DOS 5.00.449
Compaq DOS 3.31
Compaq DOS 4.01
Microsoft Windows 3.0.
Banyan VINES 4.00, 4.02 Redirectors
Novell Netware 2.15 Redirectors
The only requirement is DOS 3.0 or greater since the Installer uses
features not found in earlier versions of DOS.
This software has been verified to work on the following systems:
IBM PC, PC-XT, PC-AT(all), PS/2(30,50,55SX,60,70,80(386)) ESDI and MFM drives.
NCR (all i286 and i386 workstation models)
COMPAQ Portable 386.
PC-AT Clones running Phoenix, Award and Chips and Technologies BIOS.
*** NOTE ***
Will Not Work on an NCR i486 system with SCSI drives. (Current Incompatibility)
However, if installed from A: drive, the system can be restored to its
original state by running the install utility to remove the security
Please not that with some Virus detection software you will get a message "Invalid Disk Media Access" -
Don't worry, this is normal as the Install.exe utility modifies the Disk partition
Security Feature 1,024 Bytes of NON-DOS Memory. DOS Memory Reduced by 1KB
Secure.sys 94 Bytes of DOS Memory.
INSTALL.EXE Requires DOS 3.0 or greater and at least 128KB of Memory.
HOW TO INSTALL THE SECURITY UTILITY:
*** NOTE ***
For your own protection, please install this utility from the A: drive
on a bootable diskette (format a:/s...). This is your protection if
you are running on a non-tested platform. Resolving a problem is as simple
as re-running the Install utility to automatically restore the original
1) Type INSTALL S - You should get a message that Install.EXE can be
distributed. If Not then you have a copy of Install.exe that has already been installed
somewhere and therefore you can't use it.
2) Type INSTALL H - This will provide you with a help screen in case
you decide to blaze through this document and forget/overlook the option switches.
3) The parameters for the Install.exe are as follows:
Where Options are:
H : Help Screen that reviews options and commands
A : About screen that advertises the product
P:Password : Up to eight character case-sensitive password
Default password is "PASSWORD"
O:Options : Security options:
F : Disable BIOS and DOS Format commands for
Hard Disk only.
W : Disable BIOS and DOS Write commands for
Hard Disk only.
Install P:Hello O:FW : Password = "Hello" which is not equal to
"HELLO" or "hello", Options = Format and Write
Install O:F : Password defaults to "PASSWORD", Options =
Format protection ON, Write protection OFF.
4) Run Install.exe with the appropriate command line parameters. Please note
that input redirection is not supported. Please note that Install.exe
will check to see if it, or another copy, has already been installed on
the Hard disk. If so, then Install.exe will terminate with the appropriate
message. For the upmost in protection, Install.exe should be run from
the A: drive on a formatted system diskette.
5) After Install.exe has completed, you will be prompted to press any key to
reboot. After rebooting, the system will load as usual with no apparent
changes to the end-user. If there are any error messages then please note
them down and contact me via E-mail on Compuserv.
6) Save a copy of the Install.exe file since it is now specific to your system(
specifically, your hard disk). The Install.exe file, after running, will
contain a copy of the pre-existing partition table. Once installed, you will not
be able to run Install.exe on any other system except the one that it was
originally installed on. Furthermore, Install knows when it has been installed,
and if run again on the same Disk, will attempt to remove itself. If you save
this file to a floppy(strongly suggested) then please ensure that the floppy is
"self booting" (format a:/s). Doing this will allow you to restore your system
to its original state from the Floppy disk. Naturally, leave this diskette in
a very safe place.
7) At this point, the Secure.sys utility can be placed into the Config.sys
file. This driver should(but doesn't have to be) be the first driver in the
Config.sys file. Also, this driver is only required if one wishes to have
Password protection before gaining access to the Hard Disk. It is not
required for Format or Write protection or for preventing a user from
booting from the A: drive and accessing the Hard disk.
8) After installing the Secure.sys utility, manually reboot the PC.
9) When the PC is processing the Config.sys file, the user will be prompted
for a password in order to gain access to the system. Type the same
password as was done for the Install.exe utility.
HOW TO REMOVE THE SECURITY UTILITY:
1) Remove or comment out the Secure.sys utility from the Config.sys file. If
you accidentally remove the security system before removing or commenting
out the Secure.sys file, don't worry - Secure.sys will sense that the
security system is absent and will not interfere with the DOS loading
2) Take the earlier-saved Install.exe file and run it from either the Hard or
Floppy disk. You can even boot from the floppy disk and then run
3) Type Install P:password
Where P: Password is the earlier-mentioned password used with
Install.exe. if you did not use a password when Install.exe
was previously run then this field can be omitted.
example : Without a password type INSTALL
Note: If a password was used during the installation phase then
one must be entered in order to remove the security system.
4) The Install.exe utility will check the Disk to ensure that it is the same
one used during the Installation phase. If the disk is the same then Install.exe
will replace the current Partition sector with the original partition sector.
You must use the Install.exe, or a copy of, that was used in the installation
process - this is software enforced and there are no exceptions.
5) When complete, Install will prompt you to press any key to Reboot.
6) After rebooting, the system will be restored to its original pre-installation
Since Install.exe does not support StdIn or StdOut, a DOS return code is
provided to indicate program completion status or a failure point.
Install.exe will display Text messages indicating the cause of any failure.
HOW THE SECURITY SYSTEM WORKS
The Install.exe utility saves a copy of the current partition sector which is
comprised of both partition loader code and the actual partition tables.
Install.exe then copies an internally-generated, serialized, Partition image
to the hard Disk. Each Partition image is virtually guaranteed to be unique due
to a 32-bit random number that is seeded off of the internal BIOS clock.
Install.exe, once installed, will never allow itself to be installed on another
system. Further, it will not attempt to remove a partition image that it did
not specifically create. Install.exe will only remove itself from the system
that it was originally installed on. As an added measure of security, if a
password was specified during installation then one will be required for
removal. This strict enforcement is critical since the original Partition table
is stored in the Install.exe file in case the software needs to be removed/upgraded.
Only after Install.exe has completed an Install/Remove cycle can the
Install.exe file again be freely distributed to other co-workers. If you attempt to
run a copy of install.exe that has already been installed but not removed, it
will automatically terminate. To check the state of your copy of install.exe, type
This Security application does not modify DOS in any way. It is a BIOS-level
utility that is completely transparent to DOS. This means that when you
Format system diskettes, they are no different than they were before
Install.exe was installed.
This Security utility will allow you to re-partition your Hard Disk,
provided that the Write protect option is disabled. It will also allow you
to Format your Hard disk, provided that the Format protect option is disabled.
Formatting or running Fdisk will have no effect on the Security utility as long
as the system is booted from the C: drive.
When you boot from the Floppy drive, you loose this Write/Format protection.
However, DOS applications can not correctly read the partition sector when
booted from a Floppy.
Fdisk or Format can be run at any time and will not effect, or be effected by the
presence of this utility.
The security that this utility provides is that the Hard Disk is not accessible
if the system is booted from a Floppy Disk. Provided that the Secure.sys
utility is used, the Hard Disk is virtually safe from unwanted "guests."
Like any form of security, this system, is not completely invincible to the serious
Hacker who has nothing better to do than to break into systems. However, it is felt
that this form of security is adequate enough to protect against break-ins from
the majority of PC users/programmers.
Although I have done my best to fully test this product, to prevent any
serious problems, I insist that the best protection is to run Install.exe
from a Floppy drive and keep the file in a safe place(perhaps make several copies
using the following command:
COPY INSTALL.EXE A:INSTALL.EXE /V
In this manner, if there is ever a problem, I could E-mail you a Partition
table restoration utility within hours that would restore your Partition to
its original state.
As mentioned above, the software will not currently run on NCR i486 systems
with SCSI due to an incompatibility problem.
Have Fun and feel free to drop me a line on how you have used this software in your
environment and any suggestions/product enhancements that you would like to see
in a future release.
I can be reached on Compuserve as: "Stuart Macdonald"
Software Library Information:
This disk copy provided as a service of
Public (software) Library
We are not the authors of this program, nor are we associated
with the author in any way other than as a distributor of the
program in accordance with the author's terms of distribution.
Please direct shareware payments and specific questions about
this program to the author of the program, whose name appears
elsewhere in this documentation. If you have trouble getting
in touch with the author, we will do whatever we can to help
you with your questions. All programs have been tested and do
run. To report problems, please use the form that is in the
file PROBLEM.DOC on many of our disks or in other written for-
mat with screen printouts, if possible. PsL cannot debug pro-
programs over the telephone, though we can answer questions.
Disks in the PsL are updated monthly, so if you did not get
this disk directly from the PsL, you should be aware that the
files in this set may no longer be the current versions. Also,
if you got this disk from another vendor and are having prob-
lems, be aware that some files may have become corrupted or
lost by that vendor. Get a current, working disk from PsL.
For a copy of the latest monthly software library newsletter
and a list of the 3,000+ disks in the library, call or write
Public (software) Library
P.O.Box 35705 - F
Houston, TX 77235-5705
Outside of U.S. or in Texas
or for general information,
PsL also has an outstanding
catalog for the Macintosh.