Secret Sector Backdoor / Security Breach

Secure Home | Search | About

Lost Password?

Microsoft Applications Security

get this group's latest topics as an RSS feed

add this group's latest topics to your My MSN content

add this group's latest topics to your My Yahoo content

add this group's latest topics to your Google content

Subject	Author	Date
Secret Sector Backdoor / Security Breach	Security.Concerned.User	10-21-2007

Posted by on October 21, 2007, 2:11 pm

If you were Registered and logged in, you could reply and use other advanced thread options

Hello everyone,

Recently I've realized that Windows XP Pro (SP1) secretly writes data
to hard-disk sector(s) that were beyond its installation-partition
boundaries;
at that time I used a basic Windows XP installation on a 3-GB
partition,
and the rest of the harddisk was unformatted, for all Windows cared.

I should also mention that my WinXP partition is formatted on FAT32,
but I am capable of accessing NTFS partitions, if need be, using
NTFS4DOS,
(which I didn't).

Obviously I was only able to have discovered that with an MSDOS-run
Disk Editor
capable of accessing all 160 million sectors of my 80GB hard disk, and
making
a text-based datafile containing sector numbers (Cyl., Head, Sector +
Index),
that was runnable under pure MSDOS mode avaiable by booting
from a BootCD / BootDVD.

I wasn't quite sure what the nature of that data was,
and whether or not it was a copy of the swapfile
(e.g., PageFile.SYS), or some other data off RAM,
or maybe password(s) or other sensitive data
that I may have been working on prior to re-booting
from my BootDVD.

So my questions are:

1. Would anybody be familiar with that sector-writing stuff?
2. If so, what is the nature of the data written?
3. Would password(s) typed at MSDOS-based program(s), run within
Dos-Box windows, be secretly saved there too?
4. How Am I do prevent that from happening?
5. How Am I to erase such data?

Thanks much,
SCU

Similar Threads	Posted
Secret Sector Backdoor / Security Breach	October 21, 2007, 2:11 pm
Possible Security Breach	February 19, 2006, 11:02 pm
Implementing security for a "very secret document"	November 2, 2007, 9:21 am
Urgent help: Possible security breach	April 13, 2007, 8:10 am
Re: Secret Windows In IE??	June 25, 2005, 2:05 am
Re: passwords/secret questions change??	June 28, 2005, 9:29 am
RE: passwords/secret questions change??	June 28, 2005, 7:17 am
Best Way to Share a Secret String Between Member Servers?	February 7, 2007, 12:20 am
Trojan-Backdoor-Retro64	December 27, 2005, 8:54 pm
Backdoor Trojan targets Microsoft Access	October 6, 2005, 11:48 pm

The site map in XML format XML site map