Data Partition Protection

Then we concur Dr Trad. Great minds think alike and fools.....

 

I haven't read all this thread but theres no need for expensive software. I can think of 2 ways off top of my head. Setup true crypt to hide the drive and you can open it up with a batch file as it supports command line options. You have batch on a usb stick that runs, secures your drive when you insert it and hides it again when you pull the usb stick out.

Another batch file you could easily setup is to change the registry.

Go to Start -> Run and type Regedit to start the registry editor. Now you need to follow a specific key which must be edited:

HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPolicies

Right click in the right panel and select New->DWORD value. Name it NoDrives. You will immediately observe that this new DWORD value got its data something like this: 0x00000000. There are four sets of double 0. This means that every set has its representations as follows:

first set: drive letters from A to H
second set: I to P
third set: Q to X
fourth set: Y to Z

The value number for the each drive is:

1 for A I Q Y, 2 for B J R Z, 4 for K C S, 8 for D L T, 16 for E M U, 32 for F N V, 64 for G O V and 80 for H P X.

Now focus on the information I provided you with above. If you want to hide drive/partition, let's say partition E:, you should edit the NoDrives value as follows: E: corresponds to the first set of double 00 and the value for E is 16. Therefore, replace the first double 00 with 16.

They cant access the drive with no drive letter.

 

I have a very cool trick if anyone wants to know on how to strongly hide files in a folder and hide the folder itself with a password. The folder cannot be accessed because the folder is not a folder. lol Beat that.

ErikAlbert, How can something be infected if it's hidden, not accessible and read only? It can't. You can use not 1 but 3 256bit key encryption. Nobody will get thru that.

 

Markymoo,
I like to keep it also simple.
I just don't want any change on my data partition, which is my whole second harddisk.
I know encryption, I played with it, container or volume encryption and I didn't like it.
I don't like to change my partition letter either and there is no need to, when the drive is locked.
I don't like to protect the harddisk partial by locking folders, while the rest is vulnerable.
It's not about money, PC Security was the only EASY one compared with the rest.

I'm not doing this to hide secrets, I just don't like any change on my data partition, while I'm surfing on the internet, just like I don't like any change on my system partition.
I practice the same kind of philosophy for both harddisks, while I'm on-line.
It's only about being ON-LINE, not about being OFF-LINE.
If I boot in my off-line snapshot all my worries are over, because there is no internet and that's where I work or do my hobbies.

The proof is there, my computer is a paradise : constantly clean, working properly and malware-free and each small or big problem is solved with a simple reboot. The worst scenario is solved with restoring a clean image (10 minuts) and I'm back in business.
If I read the posts with problems at Wilders and what the poster has to do to fix it, then I know for a fact, that my approach is working better than his.
I don't know much about internet, malware and anti-malware, that's true, but I'm not stupid either.
I'm still not satisfied and I'm waiting ... until the security industry invents a new kind of security software, instead of inventing a new scanner or a new HIPS or a new firewall, because that is re-inventing the wheel.

 

I disabled internet via Windows : Start / Control Panel / Network Connections.
I have two lines there :
1. 1394 connection, which is disabled in both snapshots. (I don't know what this is. LOL)
2. Local Area Connection, which is disabled in my off-line snapshot, not in my on-line snapshot of course.

I also dragged the second line to my desktop and that creates an icon. I only have to click that icon to enable or disable internet, otherwise I have to go to Network Connections each time, when I want to re-connect/disconnect, too many clicks and I'm lazy.
One of the members at Wilders taught me this long ago, not with so many words, but I only need hints or arrows.

It works, because any software with internet doesn't work anymore, like Firefox, MSIE, Thunderbird, ...

I also have another way to disconnect from internet : turning OFF the power supply of my router. I only have to stretch my hand and press a red button. My modem is connected to the wall and that was very inconvenient to turn the modem off. My router has no switch ON/OFF button, so I turn ON/OFF the power supply and that was alot easier.

 

Firewire can be used to make an ad-hoc network.

 

Thanks, another mystery solved.

 

Erik - I'm intrigued by all this turning on and off. If you have a snap shot built off line is it really necessary to turn off the Lan ? I appreciate that you might forget and click on Firefox or IE but unless you actually go on line from this snapshot and assuming you have a decent hardware firewall I don't see a realistic chance of contamination.

 

The difference between me and you and probably alot of other users, is that you trust your security softwares and I don't.

If I didn't turn off LAN, it wouldn't be an off-line snapshot.
You seem to think that I turn off/on my internet connection constantly, that's not true. I just made it possible to do it in a convenient way and as quick as possible, in case I need it.
Why would I change anything in my off-line snapshot, internet is already and always OFF, when I boot in it.

The only thing, I turn on is the locking of my data partition, when I start surfing and when I'm done I turn it off and I don't surf in my off-line snapshot, that's why I have an on-line snapshot.
I don't have MSIE, Firefox and Thunderbird in my off-line snapshot, because I don't need them and I can't use them.

If you don't understand how it works in practice, sorry for you, I do understand it and that's enough.

 

I don't use security sofware - not because I don't trust them but because I have found over an 11 year period that I personally don't need them.

This is the point that interests me. Couldn't care less about the turning on and off. what exactly do you thing would happen if the LAN was turned on ?
Unless you check your mail or go one line or surf , ie unless you communicate in some way how likely is anything nastie going to get onto your snapshot if you are behind a good hardware firewall ? You seem to be suggesting that merely having the Lan connected is enough to get infected ?

I understand what you are doing - I was simply curious to know why. Just because I don't do something the same way doesn't mean I have no interest in the ways other people operate. My own systems have worked find for over 11 years on line with no malware problems. Even though I have never locked my data partition nor seen then need for "off -line" snap shots I still have an interest. I'm sorry for you if your only concerns are about your own practices.

 

Wow! I thought I was paranoid.

 

A clever malware that bypasses my router and firewall, if I'm connected to the internet.
Possible or not ? How can I know if that is possible or not ? I'm not an expert in anything, I just made it impossible that this can ever happen, because I pulled the plug.
Eleven years ago, nobody expected a malware hidden in graphical files, rootkits didn't exist, etc.
The bad guys learned also alot during these 11 years and that means only one thing : better malware created by brilliant bad guys.
Stupid bad guys only provide the quantity of malware based on existing malware, but the clever ones provide the quality of malware and create NEW malware.

 

Hello,
This topic has become stale and boring. The discussion about data protection ends @ redundancy and/or encryption. Plugging the internet in and out w/ online/offline snapshots is a waste of time, particularly for some one who professes to download only "legitimate" files from "legitimate" companies. The only kind of user with the need for this type of protection is some one who plays with cracks and malware all the time, NOT, and again, I repeat, NOT some one who operates like ErikAlbert. A logical person would choose a simpler, and indeed more secure, approach as has been suggested by numerous posters in this thread. A protection scheme that involves online/offline snapshots is borderline psychotic-paranoid and misleading to newer users seeking a solution on this forum.

 

I'm surprised that Powershadow and PC Security behave on the same machine since Powershadow also shadows a data partition does it not? Say you had PC Security on locked and hidden and then turned on powershadow in full shadow mode, wouldn't it have a hard time finding D:? Or do you just only use single shadow mode with it?

 

lollll

 

You say your data partition is your whole second hard disk so then you can disable it in the bios or build a switch between the psu and the hd and flick it on and off. External drives come with a switch. Sata drives are hot swappable so you can access it later without rebooting. Is that overkill or what. Peace of mind. You can disable any drive by right clicking it in the device manager and click disable. Go into Disk Director and hide it.

You want a novel way do this.

MS have a command line tool for device manager called Devcon. You can disable and enable any device by a command.

http://www.robvanderwoude.com/devcon.html

"Ban cryptography ! Yes. Let's also ban pencils, pens and paper, since criminals can use them to draw plans of the joint they are casing or even, god forbid, create one time pads to pass uncrackable codes to each other. Ban open spaces since criminals could use them to converse with each other out of earshot of the police. Let's ban flags since they could be used to pass secret messages in semaphore. In fact let's just ban all forms of verbal and non-verbal communication — let's see those criminals make plans now !"

 

Hey...one man's paranoia is another man's diligence. Dwelling on Erik's "need for absolutes" is an obsession for some people. Security is a state of mind and since it doesn't get in the way of his productivity, he could not be considered paranoid or obsessive. Over-protective, maybe, but we don't know what he's protecting.

 

Don't let sensible data dwell on your disk instead of worrying day and night how to protect this,its that easy !!

 

The only secure method to disconnect from the LAN is pulling the network cable.

 

Yeah right, it doesn't need to be that perfect. Disconnecting LAN in Windows is good enough for me. Do you really think, that this worries me.
I'm alot more worried, when a scanner tells me I'm malware-free.

The results for my system partition are there and proven, that counts for me and locking my data partition during surfing only improved it.

 

Nope, I just wanted to let you know about this.
You should be aware of any loophole that might exist on your setup.

 

Thanks, I will reduce my 100% malware-free off-line snapshot with 0.001%.
This must worry alot of other users, now they know that turning off LAN, even doesn't help.

 

With PC Security i completely eliminated intrusion attempts at my data partition while On-Line, i could easily done that with a partition CD or went into a parallel partition and open up Paragon Hard Drive Manager to set the flag as "hidden", but PC Security does so much more and assists in my system security also.

With this welcome addition to the arsenal, confidence levels are well off the scale now plus it's one of the most quietly stable programs i have ever seen on the same level of a Power Shadow for me.