Help: creating a USB boot security thing

[rabster1]

I want to boot windows XP on a hard disk from USB device and disable booting from the hard disk.

The goal is that The PC must only boot when the USB stick is plugged in. Ideally the USB device will not have any files on it and be formatted as a ntfs drive.

My initial thoughts were that this will be fairly simple. Just copy the bootsector from the hard disk to the USB device and clear the boot sector on the hard disk?

Set bios to boot from USB disk.

But reading further into the whole bootsect/mbr/usb thing I'm now quite confused

Will the above or similar work?

Will booting from the usb stick screw the drive letter assignments?

Any comments or ideas?

PS: I'm new here, great resource, hope I can contribute in the future.

thanks.

[jaclaz]

Unfortunately, at the moment it is NOT possible (at least not with Public Domain/ Freeware/Open Source tools).

But it is possible with:

DOS/WIN9x/ME

BartPE

WinPE

Linux

Please read these:

http://www.msfn.org/board/index.php?showtopic=40538

http://www.msfn.org/board/index.php?showtopic=26612

http://www.msfn.org/board/index.php?showtopic=44352

http://www.msfn.org/board/index.php?showtopic=31465

http://www.msfn.org/board/index.php?showtopic=46943

Yes, LOOOOONG read!

jaclaz

[rabster1]

Are you sure?

I'm not trying to install xp onto the USB stick. Just have the USB stick boot the operating system from the Hard drive. Flashboot can do it, but it costs $20.

[rabster1]

Done!

Had a lot of trouble formatting the stick so that it would boot. In the end the HP USB disk storage format tool did the trick. After that it was as simple as going to the xp recovery console and running fixboot on the usb stick. Then Copying ntdetect.exe, ntldr and boot.ini to the device.

My boot.ini was edited to read:

[boot loader]

timeout=-1

default=multi(0)disk(0)rdisk(1)partition(1)\WINDOWS

[operating systems]

multi(0)disk(0)rdisk(1)partition(1)\WINDOWS="windows" /noexecute=optin /fastdetect

note the rdisk(1) to select the correct disk to boot.

My only concerns are that ranish partition manager now says the disks partition has invalid values. Anyone know why? But everything now works as I wanted so I'm not too concerned...

[jaclaz]

Sorry, I did not get it in your first post, my bad.

However you are lucky if your BIOS can read an NTFS formatted stick.

If you are interested, read my tutorial here:

http://home.graffiti.net/jaclaz:graffiti.n...B/USBstick.html

You could find out what is the problem in the Partitioning.

Jaclaz

[rabster1]

Your tutorial is very interesting, thanks for making it available. You might want too change "16 Kb, 32 Kb, 64 Kb, (elder models) to 128 Kb, 256 Kb, 512 Kb (common models)" to read Mb though?

Have not tried ntfs as much of what I read, as you suggested, said it probably would not work.

[jaclaz]

You might want too change "16 Kb, 32 Kb, 64 Kb, (elder models) to 128 Kb, 256 Kb, 512 Kb (common models)" to read Mb though?

Yes, I'll do it next release, thanks.

Out of topic, but not much, have you seen this kind of things, (can be handy for security AFTER booting):

http://www.usbgeek.com/prod_detail.php?prod_id=0022

(but it can be found cheaper elsewhere)

http://www.newegg.com/Product/Product.asp?...-702-001&depa=0

This guy has written "alternative" drivers for it:

http://blogs.patchadvisor.com/bryan/archiv...01/27/1066.aspx

as the built -in ones seem "flaky":

http://www.f-secure.com/weblog/archives/ar...4.html#00000316

jaclaz