Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 27 replies
  • Subscribers 5 subscribers
  • Views 26275 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

SG Enterprise encryption - Bad Sectors survey

jb1111

Has anyone here encountered bad sectors on encrypted machines?  I had 2 computers run for 3-4 months, get bad sectors and start crashing or going to a Windows screen with no icons <-you can only power off at this point.  Attempting to fix the bad sectors does not help.  The only thing I've gotten to work is backup the files (assuming I can even get into the system) and destroy the hard disk with Dban or killdisk.  These low level format and, "Zero out" the drive.  Once this 6 hour process is done, I reload Windows.  Chkdsk no longer shows bad sectors and life is good.

Has anyone come up with another approach to bad sectors or other hard drive issues?  I am most concerned this will be a monthly occurance.  Perhaps I could get a utility to report when drives start getting bad sectors?

Thanks.

PS - my SG policy is set to, "Proceed on bad sectors = yes"

:4085


This thread was automatically locked due to age.
Parents
  • 0

    Not meaning to argue with the pros here - but maybe what MawfTech meant was this:

    1. Create a file on the partition to be encrypted; make sure the file is contiguous (NTFS should do this for you; if not, defragment and repeat).

    2. Set the file as immovable (possible on NTFS, and starting with Windows 7, also on FAT, AFAIK - see http://www.osronline.com/showthread.cfm?link=183894).

    3. Write through to that file, and make a note you don't want to encrypt this one (should be easy, it is your driver working there).

    4. Note the location of that file in sectors - regardless of the partition being encrypted or not, it is now sitting firmly on the hard disk.

    5. Rejoice! You just got rid of an ugly hack involving bad sectors. No more dangerous chkdsk switches, no more extra sector math.

    Risk? I say none special. If your user manages to mess with a file marked as hidden+system+immovable, to which only a special administrator account even has permissions, then good luck preventing him from doing pretty much anything else.

    Precautions? Just one I am aware of - don't use PageDefrag. Should be easy to remember, at least as easy as the thing with chkdsk (which is installed by default, unlike PageDefrag).

    So what do you say? Bad idea? Did I miss something? I believe GRUB2 uses similar technique (create a file and then access it as a sequence of sectors later on) if you tell it it doesn't deserve a partition - without any bad sectors involved. Not sure about the original GRUB, my brain got stuck on the concept of phase 1.5 - but my guess is no bad sectors there, either.

    Petr

    :4460
Reply
  • 0

    Not meaning to argue with the pros here - but maybe what MawfTech meant was this:

    1. Create a file on the partition to be encrypted; make sure the file is contiguous (NTFS should do this for you; if not, defragment and repeat).

    2. Set the file as immovable (possible on NTFS, and starting with Windows 7, also on FAT, AFAIK - see http://www.osronline.com/showthread.cfm?link=183894).

    3. Write through to that file, and make a note you don't want to encrypt this one (should be easy, it is your driver working there).

    4. Note the location of that file in sectors - regardless of the partition being encrypted or not, it is now sitting firmly on the hard disk.

    5. Rejoice! You just got rid of an ugly hack involving bad sectors. No more dangerous chkdsk switches, no more extra sector math.

    Risk? I say none special. If your user manages to mess with a file marked as hidden+system+immovable, to which only a special administrator account even has permissions, then good luck preventing him from doing pretty much anything else.

    Precautions? Just one I am aware of - don't use PageDefrag. Should be easy to remember, at least as easy as the thing with chkdsk (which is installed by default, unlike PageDefrag).

    So what do you say? Bad idea? Did I miss something? I believe GRUB2 uses similar technique (create a file and then access it as a sequence of sectors later on) if you tell it it doesn't deserve a partition - without any bad sectors involved. Not sure about the original GRUB, my brain got stuck on the concept of phase 1.5 - but my guess is no bad sectors there, either.

    Petr

    :4460
Children
No Data
Unfiltered HTML