Secret Sector Backdoor / Security Breach



Hello everyone,

Recently I've realized that Windows XP Pro (SP1) secretly writes data
to hard-disk sector(s) that were beyond its
installation-partition boundaries; at that time I used a
basic Windows XP installation on a 3-GB partition,
and the rest of the harddisk was unformatted, for all Windows cared.

I should also mention that my WinXP partition is formatted on FAT32,
but I am capable of accessing NTFS partitions, if need be, using
NTFS4DOS, (which I didn't).

Obviously I was only able to have discovered that with
an MSDOS-run Disk Editor capable of accessing all 160 million
sectors of my 80GB hard disk, and making a text-based datafile
containing sector numbers (Cyl., Head, Sector + Index),
that was runnable under pure MSDOS mode avaiable by booting
from a BootCD / BootDVD.

I wasn't quite sure what the nature of that data was,
and whether or not it was a copy of the swapfile
(e.g., PageFile.SYS), or some other data off RAM,
or maybe password(s) or other sensitive data
that I may have been working on prior to re-booting
from my BootDVD.

So my questions are:

1. Would anybody be familiar with that sector-writing stuff?
2. If so, what is the nature of the data written?
3. Would password(s) typed at MSDOS-based program(s), run within
Dos-Box windows, be secretly saved there too?
4. How Am I do prevent that from happening?
5. How Am I to erase such data?

Thanks much,
SCU

.



Relevant Pages

  • Re: bootsect.bak
    ... of Windows, so this answer may not be correct for all versions. ... This first sector on each ... HDD is the MBR - the Master Boot Record. ... there is just enough room to hold the 64-byte Partition Table plus ...
    (microsoft.public.windows.vista.general)
  • Re: DU Cant Reinitialize/Reformat External Drive-Update & Question
    ... , to reformat the drive for Windows on a Windows machine, ... partition, click the Options button, select one of the Mac-specific ... Master Boot Record uses the first sector on the drive, ... Did you tell Windows to erase every sector on the drive? ...
    (comp.sys.mac.system)
  • Secret Sector Backdoor / Security Breach
    ... Recently I've realized that Windows XP Pro secretly writes data ... I should also mention that my WinXP partition is formatted on FAT32, ... containing sector numbers, ...
    (microsoft.public.windows.server.general)
  • Secret Sector Backdoor / Security Breach
    ... Recently I've realized that Windows XP Pro secretly writes data ... I should also mention that my WinXP partition is formatted on FAT32, ... containing sector numbers, ...
    (alt.computer.security)
  • Secret Sector Backdoor / Security Breach
    ... Recently I've realized that Windows XP Pro secretly writes data ... I should also mention that my WinXP partition is formatted on FAT32, ... containing sector numbers, ...
    (microsoft.public.windowsxp.security_admin)