Son of Just An IDea rides again

Discussion in 'ten-forward' started by Checkout, Oct 2, 2002.

Thread Status:
Not open for further replies.
  1. Checkout

    Checkout Security Rhinoceros

    Joined:
    Feb 11, 2002
    Posts:
    1,226
    Anybody here capable of writing a utility which could make Windows switch Swap files at every boot? The idea is that the last used one could be securely erased and deleted.
     
  2. Primrose

    Primrose Registered Member

    Joined:
    Sep 21, 2002
    Posts:
    2,743
  3. Primrose

    Primrose Registered Member

    Joined:
    Sep 21, 2002
    Posts:
    2,743
    There are many ways to do it depending on your OS>I was thinking mostly of this Checkout..but do not remember what you are running for an OS.

    Regards,
    John


    http://www.vanish.org/wipeswap.htm
     
  4. FanJ

    FanJ Guest

    Hi Checkout,

    You're using IEClean. It cleans and resets the swapfile after reboot, so it's not completely clear to me what you're asking for.......
     
  5. FanJ

    FanJ Guest

    Copy from the IEClean Helpfile:

    [hr]

    Windows uses a "swapfile" as "virtual memory" on your hard disk to swap out programs and data when memory gets a bit thin and you want to start up another program. Many programs use the swapfile as temporary storage for data while shuffling things around in memory. A tremendous amount of sensitive data ends up in the swapfile and Microsoft provides no means to eliminate this stray data when it is no longer needed and thus it can remain behind in the swapfile for a very long time. A primary method of compromising a system by crackers is to get ahold of the swap file and download it since it contains passwords and abundant amounts of very sensitive information within it.

    On Windows95, 98 and ME the swapfile is called WIN386.SWP while on NT and Windows 2000 it is called PAGEFILE.SYS. Selecting this item causes IEClean to completely overwrite the swapfile and then zero out its contents. Since the file is completely inaccessible while Windows is running, it can only be cleaned and zeroed out while the system is being shut down in the case of Windows NT and Windows 2000 and at reboot on Win95 and Win98 machines.

    IMPORTANT WARNING TO WINDOWS ME USERS: Because Windows ME does not support NT file modes and also does not contain DOS at bootup, it is IMPOSSIBLE to clean the swap file on Windows ME boxes. We strongly advise people to not install Windows ME and if they already have it to discard Windows ME and replace it with either Windows98 or Windows 2000 which will allow this to be done. The release of IEClean was delayed several weeks while we tried to find a solution for Windows ME. There isn't any solution.

    IEClean is Copyright 1996-2001 by Privacy Software Corporation
     
  6. bubs

    bubs Registered Member

    Joined:
    Apr 28, 2002
    Posts:
    106
    Location:
    Suffolk, England
    Thanks for the link. Win2K has the same key as NT4 - so the hack suggested in the link should work on win2K, right?

    (Guess who's paranoid about editing their registry LOL) :oops:
     
  7. root

    root Registered Member

    Joined:
    Feb 19, 2002
    Posts:
    1,723
    Location:
    Missouri, USA
    Well Bubs, I just changed it. I'll let you know if my box blows up. :)
     
  8. bubs

    bubs Registered Member

    Joined:
    Apr 28, 2002
    Posts:
    106
    Location:
    Suffolk, England
    Looking for a 'BOOMMM!!!@' smiley..... :D Thanks
     
  9. Mr.Blaze

    Mr.Blaze The Newbie Welcome Wagon

    Joined:
    Feb 3, 2003
    Posts:
    2,842
    Location:
    on the sofa
    lol as useal im a total newb i dont get it whats the purpose of doing that lol=)

    im runing windows me=)
     
  10. Checkout

    Checkout Security Rhinoceros

    Joined:
    Feb 11, 2002
    Posts:
    1,226
    Ah...I have licensed IEClean, so it looks like my worries are over. To Blaze: the swap file will contain evidence of where you've been and what you've you've done on the Internet, so you've no worries here. :)
     
Thread Status:
Not open for further replies.