________SWAT MAGAZINE ISSUE TWENTY THREE: NOVEMBER 1999_________
/ \___________________________________________/ \
/              Encryption boot disks             \
/              By -=The Firestarter=-            \
-----------------------------------------------------------------------

One of the most disturbing thoughts that a hacker or phreaker can have is that of the police raiding their house at dawn. Most of you out there will have all of your data securely encrypted, enough to keep you from getting busted due to any data that you may have stored on your computer, but what if something slips past? Those few KBs of text data could be the only excuse they need to put you away.

Well, since I can't say much for Linux (I'm still experimenting with Linux encryption proggys), I have made myself an "Encryption boot disk": a disk that uses two encryption algorithms (I use Blowfish and GOST) to cipher ALL data on the target hard drive(s), as well as wiping the data once it's completed. Very handy indeed. You can also add a few options to it in order to make it more secure etc.; perhaps you might want a disk that not only encrypts the hard drive but also wipes all data from it? But all that's up to you. Here's the basics of creating an "Encryption Boot disk" for Windows9x. It has many advantages: for instance it doesn't take that long to cipher all of the data on the hard drive, and a single modification to the code will ensure that data can be safely recovered just as fast!

Right, what do you need for such a helpful disk? Simply acquire the following:

   Blowfish Advanced 7 for DOS
   1 blank disk

Yep, that's it. Format the disk and select the "copy system files" option; this will make the disk into a boot disk. Now create a file on the disk called Autoexec.bat and enter a line or two like this:

   bfa e /r c:\*.* /a13 /c /j /h /l /o7
   bfa e /r d:\*.* /a13 /c /j /h /l /o7

Save it, then copy bfa.exe and bfa.ini to the disk and you're ready to go!
Ok, now to explain a little about it all. The command bfa will simply run Blowfish Advanced 7; normally this will boot to a GUI in DOS mode, all very pretty, but not practical at all. The other switches after the bfa command will do a number of things for you, and I'll explain them!

   e      - This tells BFA to encrypt data; using d will tell it to decrypt data!

   /r     - This will make Blowfish Advanced recurse directories so that it can go from the root directory all the way through the whole hard drive!

   C:\*.* - Specify the files and drive that you want to encrypt. Since we used the
   or       recurse directories option, you will want it to start at the root directory,
   D:\*.*   unless of course you only want it to encrypt certain files or maybe only one or two strings of directories.

   /a13   - This is one of the most important things to add. It tells BFA what algorithms to use and in what order to use them; you can use a maximum of two, which I recommend. The algorithms that are supported are:

            1 : Blowfish
            2 : Blowfish with 32 rounds
            3 : GOST
            4 : TDES (fast TripleDES variant)
            5 : Cobra-(16,64)

            I'm not going to go into everything about them all. Blowfish is very fast as well as secure. Blowfish with 32 rounds is about half the speed of Blowfish, while being more secure. GOST is marginally slower than Blowfish, and it's also very secure (was used by the Russian Government a while ago). TDES is very secure, although it's the slowest of the lot; use it if you know that you have a lot of spare time on your hands. Cobra comes in second for speed, only just slower than Blowfish, and it is also very secure. Ok, so me giving speeds for all of them and saying that they are secure might mean fuck all to most of you; basically, if it's fast to encrypt, it'll be fast to decrypt. Read the Blowfish manual for more details on the algorithms.

            Oh yeah, remember what numbers you picked and in what order: if you used /a13 then you can't decrypt with /a31, or /a1 then /a3. You need to decrypt with /a13!
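To show why the /a13 order has to be remembered exactly, here is an added example (not code from this article or from Blowfish Advanced 7): two small Feistel ciphers with different round functions stand in for algorithms 1 and 3, each keyed from its own password. A cascade applied as 1-then-3 must be undone as 3-then-1, which is what a correct tool does internally when you give it the same /a13; handing it the reversed order (or only one of the two passes) leaves the data scrambled. The key derivation, round functions and padding are all constructed for this demo and are deliberately toy-sized, so nothing here is a measure of the real ciphers' strength.

```python
"""Toy cascade-cipher demo: the order of the passes matters (constructed example)."""
import hashlib
import struct

MASK32 = 0xFFFFFFFF
BLOCK = 8  # 64-bit blocks, like Blowfish and GOST


def _rotl32(x, r):
    return ((x << r) | (x >> (32 - r))) & MASK32


def _round_keys(password, label, rounds=8):
    """Derive eight 32-bit subkeys from a password (toy KDF, not BFA's key setup)."""
    digest = hashlib.sha256(label.encode() + password.encode()).digest()
    return [struct.unpack(">I", digest[4 * i:4 * i + 4])[0] for i in range(rounds)]


def _round_a(r, k):  # stand-in for algorithm 1: add, rotate, xor
    return _rotl32((r + k) & MASK32, 5) ^ k


def _round_b(r, k):  # stand-in for algorithm 3: xor, rotate, add
    return (_rotl32(r ^ k, 11) + k) & MASK32


# algorithm number -> (key-derivation label, round function); both constructed
ALGORITHMS = {1: ("algo1-standin", _round_a), 3: ("algo3-standin", _round_b)}


def _feistel(block, keys, round_fn):
    """One Feistel pass over an 8-byte block; reversed keys give the inverse."""
    left, right = struct.unpack(">II", block)
    for k in keys:
        left, right = right, left ^ round_fn(right, k)
    return struct.pack(">II", right, left)  # undo the final swap


def _encrypt_block(block, password, algo):
    label, fn = ALGORITHMS[algo]
    return _feistel(block, _round_keys(password, label), fn)


def _decrypt_block(block, password, algo):
    label, fn = ALGORITHMS[algo]
    return _feistel(block, _round_keys(password, label)[::-1], fn)


def _pad(data):
    n = BLOCK - len(data) % BLOCK
    return data + bytes([n]) * n


def _unpad(data):
    n = data[-1]
    if not 1 <= n <= BLOCK or data[-n:] != bytes([n]) * n:
        raise ValueError("bad padding: wrong passwords or wrong algorithm order")
    return data[:-n]


def _map_blocks(data, fn):
    # ECB over whole blocks is used only to keep the demo short; not a real mode choice
    return b"".join(fn(data[i:i + BLOCK]) for i in range(0, len(data), BLOCK))


def cascade_encrypt(data, passwords, order):
    """Apply the ciphers in `order` (e.g. (1, 3) for /a13), one password each."""
    data = _pad(data)
    for algo, pw in zip(order, passwords):
        data = _map_blocks(data, lambda b: _encrypt_block(b, pw, algo))
    return data


def cascade_decrypt(data, passwords, order):
    """Undo a cascade given the SAME order it was encrypted with: last pass first."""
    for algo, pw in reversed(list(zip(order, passwords))):
        data = _map_blocks(data, lambda b: _decrypt_block(b, pw, algo))
    return _unpad(data)


# constructed sample input and two five-character passwords
SAMPLE = b"constructed sample plaintext, 1999"
PASSWORDS = ("pass1", "pass2")


def roundtrip_ok(order=(1, 3)):
    """True when decrypting with the order used for encryption restores the data."""
    return cascade_decrypt(cascade_encrypt(SAMPLE, PASSWORDS, order), PASSWORDS, order) == SAMPLE


def wrong_order_fails():
    """True when /a13 data decrypted as /a31 does NOT come back as the plaintext."""
    ct = cascade_encrypt(SAMPLE, PASSWORDS, (1, 3))
    try:
        return cascade_decrypt(ct, PASSWORDS, (3, 1)) != SAMPLE
    except ValueError:
        return True


if __name__ == "__main__":
    print("same order restores data:", roundtrip_ok())
    print("reversed order fails:", wrong_order_fails())
```

The same lesson applies to the passwords: because each pass has its own password, swapping the order also pairs each password with the wrong cipher, so both the algorithm string and the password sequence need to be kept exactly as they were at encryption time.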
   /c     - Enables data compression. Although this might save on disk space, it will slow the process down; its use is optional and I wouldn't recommend it for most cases.

   /j     - Turns off any sound (pointless really).

   /h     - Enables the renaming of encrypted files using random characters. I mean, are the police going to want to decrypt Pentagonhack.txt or hG8Hfiy5GFH.G67 first? I recommend that you use this option.

   /l     - Turns the display info off, reducing the information that is displayed.

   /o7    - Enables data wiping. The number after /o will be the amount of times that the data is overwritten. This option does slow down the procedure a bit, but it's pointless if you encrypt everything only to have an undelete program regain all of the information you tried to hide. Using /o1 will be a fast way to cover your tracks, but it's the least secure; /o99 will ensure that nothing on earth can get the data that was deleted, but it will take an ice age to finish encrypting a few gigs. /o7 is the recommended value (by the DoD). How much time you actually have and how big your hard drive is will decide how many times you will want your data overwritten. If you are using additional programs to wipe free space on the hard drive, you might only want to use /o2 or something similar.

Of course, once you boot your computer using the disk, you will be prompted for two passwords. Read Unknown Guest's article on choosing a good password in last month's issue of SWAT Magazine for information on choosing a password. Unfortunately the shareware version of BFA will only allow a password of 5 characters or less, kinda insecure, but it's better than nothing!

Additional lines to add to the autoexec.bat file
-------------------------------------------------

Ok, so if you only have one hard drive then you aren't needed to stick around to enter the passwords for another hard drive encryption run (you need to enter the passwords for each bfa command that is run). I.e., if you only have:

   bfa e /r c:\*.* /a13 /c /j /h /l /o7

you only need to enter two passwords. If however you have:

   bfa e /r c:\*.* /a13 /c /j /h /l /o7
   bfa e /r d:\*.* /a13 /c /j /h /l /o7

then you will need to enter the passwords for the first line, and then, when the C drive is encrypted, you will need to enter them for the D drive as well. So anyway, you might want to run the disk and then leave the area while the programs do their work. So by popping the program format.exe onto the disk, you can add these lines to the batch file:

   copy a:\format.exe c:\
   c:
   cd \
   format /autotest /u a:
   echo :a >kill.bat
   echo md a >>kill.bat
   echo cd a >>kill.bat
   echo goto a >>kill.bat
   kill.bat

This will format the disk in the A drive (i.e. the floppy), then create hundreds of directories on the disk to make recovery very difficult indeed. This only really covers the stuff on the floppy, but hey, you might as well. You can also add lines like:

   c:
   echo :b >>c:\fill.bat
   echo echo bbb >>a:\b >>c:\fill.bat
   echo goto b >>fill.bat
   del a:\*.*
   copy a:\format.exe c:\
   format /autotest a:
   c:\fill.bat

This will format the drive and then fill it full of data. Kinda crappy way of doing it, but it does offer another method of covering your tracks. You can also add "killer batch file" lines to the autoexec.bat file if you want to remove all of the data on your hard drive; of course they will need to be modified so that they run files from the floppy drive instead of getting them from the C drive.
Additional stuff to add
-----------------------

If you can get your hands on a DOS-based "free space wiper" then by all means add it to the disk and use that as well. You can then increase the speed of the encryption boot disk by only using /o1 instead of /o7, and it can also be used when removing data from the floppy disk. At this moment in time I am writing a program to wipe all of the free space on the hard drive. It will either be written in QBasic or Pascal; I'll let you all know when it's completed!

I hope that this article will come in handy for all of you!