First, modify the hard disk partition table information
Boot-critical hard disk partition table information on the hard drive, if not find a valid partition table, you can not boot from the hard disk, or even boot from a floppy disk can not find the hard drive. Typically, the first sub-section 0 partition table entry is 80H, showing the C drive is active DOS partition on the hard disk bootstrap can rely on it. If the bytes to 00H, you can not boot from the hard drive, but after a floppy disk, hard disk can still be accessed. The first 4 bytes of the partition table is the partition type flag, the first partition is usually here 06H, showing the C drive is active DOS partition, if the first partition on the hard drive can be modified here play a role of encryption.
1. If this byte to 0, it indicates that the partition is not used, of course, you can not boot from the C drive. Boot from the floppy disk, the original C drive is gone, you see the C drive is the original D drive, D drive is the original E drive, and so on.
2. If here bytes to 05H, then not only can not boot from the hard drive, even from a floppy disk, each logical hard drives are not accessible, this is equal to the entire hard drive is encrypted. In addition, the hard disk master boot record valid flag is the last two bytes of the sector is 55AAH. If these two bytes to 0, the entire hard drive can also lock which can not be accessed. Physical hard disk partition table in cylindrical 0 0 1 Sector Head, you can directly call up the sector and the modified save with Norton for Win95 in Diskedit. Debug or treated with sub-function 02H of INT 13H will cylindrical 0 0 1 Sector Head into memory, modify it in the appropriate position, and then sub-function 03H of INT 13H write head 0, cylinder 0, sector 1 can a.
Encryption processing above, the average user is concerned enough. But for experienced users, even if the hard disk is not accessible, you can also use the INT 13H function 02H sub-cylindrical 0 0 1 Sector Head read out, based on the experience of the corresponding position data can be modified, can be achieved on the hard disk to unlock, because these the position data is usually fixed or had very limited circumstances. Another of insurance but clumsy way is the hard disk partition table entry for back up, and then it all becomes 0, and others because they do not know the partition information, you can not unlock the drive and access the hard drive.
Second, the hard disk password plus
We know that, in the CMOS system password can be set so that unauthorized users can not start your computer, of course, will not be able to use the hard drive. But it did not really lock the hard drive, as long as the hard disk will hang on another computer, data, and software on the hard disk can be used. To add a password to the hard disk, you can first primary hard disk 0 cylinder 0 head 1 sector of the boot record and partition information is stored in the hidden sector of the hard disk does not use, such as cylinder 0 head 0 3 sectors. Debug and then rewrite a program of no more than 512 bytes (100 bytes actually enough) is loaded to the hard drive in cylindrical 0 0 1 Sector Head. Function of the program is the first to enter a password when you execute it, if incorrect password is entered an infinite loop; if the password is correct, then read on there main hard disk boot record and partition information hidden sector (cylinder 0 head 0 3 district), and turn to the implementation of the master boot record.
The first is due to the hard disk BIOS calls bootstrap program INT 19H of the main primary hard drive in cylindrical 0 0 1 Sector Head of the boot record is read into memory 0000: 7C00H performed at, and we have been perpetrating a fraud, will head 0, cylinder 0 1 sector into our own design process. So when you boot from the hard drive, the first executed is not the master boot program, but our design process. In the implementation of our design process, if the password for you can not proceed, it will not start. Even booting from a floppy disk, since the cylindrical 0 0 1 Sector Head no partition information, the hard disk can not be accessed. Of course, we can also design a program like a virus, some of which reside in the high memory, monitor INT 13H used to prevent cylindrical 0 0 1 Sector Head rewritten.
Third, to achieve the user hard disk encryption management
UNIX operating system allows multiple users to manage, in DOS system, the hard drive will improve the management system, but also to achieve a similar function multi-user management. The management system can meet some of the requirements this: 1. The hard disk is divided into a number of public and private partitions partition C D. The "power users" to manage the C zone, the C region can read, write and update the system; "Special Users" (such as internal staff room) by using its own partition password to protect your files and data; "average user" (eg machine room to ordinary people) use any designated public partition. The latter two users can not write to the C drive, so that if the operating system and a large number of application software installed in the C drive, can be prevented in the public rooms of other people intentionally or unintentionally damage the system and software to ensure that the system security and stability. 2. At system startup, you need to use a floppy disk to start the key system, otherwise the hard disk is locked and can not be used. Implementation of this method by utilizing the hard disk partition table for each logical partition list structure, using assembler programming to achieve.
Fourth, to achieve a logical write protection
We know that there are write-protect notch on the floppy disk in the floppy disk before the write operation, BIOS floppy disk you want to check the status, if the write-protect notch is sealed, it can not be written. While the write protection on the hard drive, the hardware can not be, but can be implemented by software. In DOS systems, the disk write operation includes several conditions: (1) in COMMAND.COM with the support of a write operation, such as MD, RD, COPY, etc; (2) some of the sub-functions in DOS function calls, such as function number 10H, 13H , 3EH, 5BH, etc., may be written to the hard disk; (3) logical sectors through INT 26H will be converted to absolute sector write; (4) by sub INT 13H function number 03H, 05H and other disk writes. But each must write the final call INT 13H sub-function to be realized.
Therefore, if INT 13H intercept, you can achieve a ban on a particular logical hard disk write operation. Because write files on the disk is write by the INT 13H function 03H child, call this sub-function, register CL represent the starting sector number (actually only use low 6); CH represents track number, that is the hard disk for the cylinder number, the cylinder number represented by 10, its highest in two of the highest two CL. When the hard disk can be divided into multiple logical partitions on the hard disk drive, and each logical drive is a complete start from a cylinder. As the author of a hard disk is 2.5GB, divided into C, D, E, F, G five discs. Wherein the C drive starting cylinder number 00H, D disk starting cylinder number 66H, E disk starting cylinder number E5H, F disk starting cylinder No. 164H, G disc starting cylinder number 26BH . If INT 13H intercept, when AH = 03H, and high cylinder number two by the CL and CH together represent more than E4H and less than 164H, does nothing to return to, so that you can achieve the E disk write prohibited.