Index for category y - security
Table of Contents by Order
130800DLF0 - INT 13 - SecureDrive - INSTALLATION CHECK
16FFA3BX0000 - INT 16 U - PC Tools v7-8 DATAMON, v9+ DPROTECT - INSTALLATION CHECK
16FFA3BX0001 - INT 16 U - PC Tools v7-8 DATAMON, v9+ DPROTECT - GET ???
16FFA3BX0002 - INT 16 U - PC Tools v7-8 DATAMON, v9+ DPROTECT - GET ???
16FFA3BX0003 - INT 16 U - PC Tools v7-8 DATAMON, v9+ DPROTECT - GET ???
16FFA3BX0004 - INT 16 U - PC Tools v7+ DATAMON - SET ??? FLAG
16FFA3BX0005 - INT 16 U - PC Tools v7+ DATAMON - CLEAR ??? FLAG
16FFA3BX0006 - INT 16 U - PC Tools v7+ DATAMON - SET PSP SEGMENT ???
213F - INT 21 - Trusted Access - NB.SYS - GET STATE
2140 - INT 21 U - Trusted Access - NB.SYS - SET STATE
214101DXFFFE - INT 21 - SoftLogic Data Guardian - ???
214402 - INT 21 U - PC Tools 9 CPRLOW.EXE - GET CODE AND DATA ADDRESSES
21440DCXEDC1 - INT 21 - DR PalmDOS - GENERIC IOCTL - LOGIN SECURITY
2F1020 - INT 2F CU - Novell DOS 7+ FDOS EXTENSIONS - CREATE PASSWORD ENTRY
2F1021 - INT 2F CU - Novell DOS 7+ FDOS EXTENSIONS - CHANGE PASSWORD ENTRY
2F1022 - INT 2F CU - Novell DOS 7+ FDOS EXTENSIONS - CHECK PASSWORD ENTRY
2FE200 - INT 2F - SecureDevice - LOGIN TO DRIVE
2FE201 - INT 2F - SecureDevice - GET INFORMATION
2FE203 - INT 2F - SecureDevice - DESTROY PASSWORD (LOGOUT FROM DRIVE)
2FE209DX0000 - INT 2F - SecureDevice - INSTALLATION CHECK
2FEE00 - INT 2F - GRIDLOC.EXE - INSTALLATION CHECK
326E - INT 32 - NOISE.SYS 0.53 - API
326E00 - INT 32 - NOISE.SYS v0.53+ - INSTALLATION CHECK
326E01 - INT 32 - NOISE.SYS v0.53+ - GET ENTRY POINT
326E10 - INT 32 - NOISE.SYS v0.53+ - STATUS CHECK
326E11 - INT 32 - NOISE.SYS v0.53+ - GET ENTROPY ESTIMATE
326E12 - INT 32 - NOISE.SYS v0.53+ - ADD SAMPLE FROM FAST TIMER
326E13 - INT 32 - NOISE.SYS v0.53+ - ADD 16-BIT SAMPLE TO RANDOM POOL
326E14 - INT 32 - NOISE.SYS v0.53+ - GET FLAGS
326E15 - INT 32 - NOISE.SYS v0.53+ - SET FLAGS
326E16 - INT 32 - NOISE.SYS v0.53+ - READ URANDOM BYTES
326E17 - INT 32 - NOISE.SYS v0.53+ - READ RANDOM BYTES
B6 - INT B6 - (NOT A VECTOR!) - USED BY TBFENCE
B7 - INT B7 - TBFENCE - ???
INT 13 - SecureDrive - INSTALLATION CHECK AX = 08000h DL = F0h Return: AX = EDCBh for version 1.0-1.2 AX = EDCCh for version 1.3 CX = code segment DX = data address within code segment Program: SecureDrive by Mike Ingle <mikeingle@delphi.com> allows you to create an encrypted partition on your harddisk.Top
INT 16 U - PC Tools v7-8 DATAMON, v9+ DPROTECT - INSTALLATION CHECK AX = FFA3h BX = 0000h CX = 0000h Return: AX = segment of resident code BX = 5555h CX = 5555h Note: also supported by DOS 6 UNDELETE which is licensed from PC Tools SeeAlso: INT 21/AH=3Fh"NB.SYS",INT 21/AX=4101h,INT 2F/AX=6284hTop
INT 16 U - PC Tools v7-8 DATAMON, v9+ DPROTECT - GET ??? AX = FFA3h BX = 0001h CX = 0001h Return: AX:BX -> ??? CX = BXTop
INT 16 U - PC Tools v7-8 DATAMON, v9+ DPROTECT - GET ??? AX = FFA3h BX = 0002h CX = 0002h Return: AX = ??? (0 or 1) CX = BX = AXTop
INT 16 U - PC Tools v7-8 DATAMON, v9+ DPROTECT - GET ??? AX = FFA3h BX = 0003h CX = 0003h Return: AX = ??? (0 or 1) CX = BX = AXTop
INT 16 U - PC Tools v7+ DATAMON - SET ??? FLAG AX = FFA3h BX = 0004h CX = 0004h SeeAlso: AX=FFA3h/BX=0005hTop
INT 16 U - PC Tools v7+ DATAMON - CLEAR ??? FLAG AX = FFA3h BX = 0005h CX = 0005h SeeAlso: AX=FFA3h/BX=0004hTop
INT 16 U - PC Tools v7+ DATAMON - SET PSP SEGMENT ??? AX = FFA3h BX = 0006h CX = 0006h DX = current PSP segment as known to DOS??? or 0000hTop
INT 21 - Trusted Access - NB.SYS - GET STATE AH = 3Fh BX = file handle for device "$$NB$$NB" CX = 0002h (size of state) DS:DX -> buffer for state record (see #01414) Return: CF clear if successful AX = number of bytes actually read (0 if at EOF before call) CF set on error AX = error code (05h,06h) (see #01680 at AH=59h/BX=0000h) Program: Trusted Access is a security and access-control package by Lassen Software, Inc.; NB.SYS is a device driver to prevent the user from terminating CONFIG.SYS or AUTOEXEC.BAT with Ctrl-Break SeeAlso: AH=40h"NB.SYS",AX=4101h Format of Trusted Access state record: Offset Size Description (Table 01414) 00h BYTE 00h off, 01h on 01h BYTE keys being disabled bit 0: Ctrl-Break bit 1: SysReq bit 2: Ctrl and Alt bit 3: Ctrl-Alt-Del bit 7: all keys (overrides other bits)Top
INT 21 U - Trusted Access - NB.SYS - SET STATE AH = 40h BX = handle for character device "$$NB$$NB" DS:DX -> state record (see #01414) CX ignored Return: CF clear if successful AX = number of bytes actually written CF set on error AX = error code (05h,06h) (see #01680 at AH=59h/BX=0000h) Program: Trusted Access is a security and access-control package by Lassen Software, Inc.; NB.SYS is a device driver to prevent the user from terminating CONFIG.SYS or AUTOEXEC.BAT with Ctrl-Break SeeAlso: AH=3Fh"NB.SYS"Top
INT 21 - SoftLogic Data Guardian - ??? AX = 4101h DX = FFFEh Return: AX = 0000h if installed Note: resident code sets several internal variables on this call SeeAlso: AH=3Fh"NB.SYS",INT 16/AX=FFA3h/BX=0000hTop
INT 21 U - PC Tools 9 CPRLOW.EXE - GET CODE AND DATA ADDRESSES AX = 4402h BX = file handle referencing device "RECLOWLD" DS:DX -> buffer for address list (see #01505) CX ignored Return: CF clear if successful buffer filled CF set on error AX = error code (01h,05h,06h,0Dh) (see #01680 at AH=59h/BX=0000h) Format of CPRLOW address list: Offset Size Description (Table 01505) 00h WORD segment of CPRLOW code 02h WORD offset in code segment of ??? entry point (switches into protected mode) 04h WORD offset in code segment of jump array (see #01506) 06h WORD segment of copy of interrupt vector table at CPRLOW load time Note: neither the entry point nor the jump array is valid until after a CPR /LOAD, because CPR.EXE installs the code into CPRLOW at runtime. Format of CPRLOW jump array: Offset Size Description (Table 01506) 00h 3 BYTEs initialize CPRLOW interrupt hooks 03h 3 BYTEs reset timers and enable CPR (hotkey enable) 06h 3 BYTEs disable CPR (hotkey disable) 09h 3 BYTEs clear ??? flag, hotkey disable, and ??? 0Ch 3 BYTEs initialize delay loop counter (destroys AX,BX,CX,DX) 0Fh 3 BYTEs disable CPR completely (commandline /DISABLE) 12h 3 BYTEs enable ??? if CPR enabled by both cmdline and hotkey 15h 3 BYTEs enable CPR (commandline /ENABLE)Top
INT 21 - DR PalmDOS - GENERIC IOCTL - LOGIN SECURITY AX = 440Dh CX = EDC1h (category code EDh, minor code C1h) BL = boot drive number (01h=A:,02h=B:,etc) Return: AL = 0 if already logged in AL <> 0 if system is still secured (not logged in) ES:DI -> ??? Notes: This function is called by DR PalmDOS IBMBIO.COM after CONFIG.SYS processing has finished and it has launched the LOGIN.SYS utility (if this is not in the root of the boot drive, the undocumented CONFIG.SYS LOGIN directive can be used to change the path and the moment when the login prompt will be displayed). If security is active and the user has still not logged in, IBMBIO.COM will display an error message and halt the system.Top
INT 2F CU - Novell DOS 7+ FDOS EXTENSIONS - CREATE PASSWORD ENTRY AX = 1020h ??? Return: ??? Notes: This private function is called internally by the OS kernel to an optional SECURITY TSR. By using the INT 2F/AX=1001h FDOS hook, it can be intercepted by external system components such as Multiuser SECURITY, bundled with DR DOS "Panther" Beta 1. This function must under no circumstances be called by applications! SeeAlso: INT 2F/AX=1001h,AX=1021h,AX=1022h,AX=10FEhTop
INT 2F CU - Novell DOS 7+ FDOS EXTENSIONS - CHANGE PASSWORD ENTRY AX = 1021h CL > 05h ??? BX -> matching directory entry??? AL = directory attributes??? Return: ??? CF set on error (password change not allowed) Notes: This private function is called internally by the OS kernel to an optional SECURITY TSR. By using the INT 2F/AX=1001h FDOS hook, it can be intercepted by external system components such as Multiuser SECURITY, bundled with DR DOS "Panther" Beta 1. This function must under no circumstances be called by applications! SeeAlso: INT 2F/AX=1001h,AX=1020h,AX=1022h,AX=10FEhTop
INT 2F CU - Novell DOS 7+ FDOS EXTENSIONS - CHECK PASSWORD ENTRY AX = 1022h ??? Return: ??? Notes: This private function is called internally by the OS kernel to an optional SECURITY TSR. By using the INT 2F/AX=1001h FDOS hook, it can be intercepted by external system components such as Multiuser SECURITY, bundled with DR DOS "Panther" Beta 1. This function must under no circumstances be called by applications! SeeAlso: INT 2F/AX=1001h,AX=1020h,AX=1021h,AX=10FEhTop
INT 2F - SecureDevice - LOGIN TO DRIVE AX = E200h DL = drive number (0 = A:) DS:SI -> 104-byte key Return: AL = status 00h unable to determine key's validity 01h key is valid FFh key is invalid Program: SecureDevice is a copylefted device driver by Max Loewenthal and Arthur Helwig which turns one or more disk files into encrypted logical drives SeeAlso: AX=E201h,AX=E203h,AX=E209hTop
INT 2F - SecureDevice - GET INFORMATION AX = E201h DX = driver index (0000h = first loaded) Return: AL = number of volumes handled by driver DL = drive number of first volume (00h = A:) SeeAlso: AX=E200h,AX=E203h,AX=E209hTop
INT 2F - SecureDevice - DESTROY PASSWORD (LOGOUT FROM DRIVE) AX = E203h DL = drive number (00h = A:) or FFh for all drives Return: nothing SeeAlso: AX=E200h,AX=E209hTop
INT 2F - SecureDevice - INSTALLATION CHECK AX = E209h DX = 0000h Return: AX = 1DEAh if installed DX = number of drivers installedTop
INT 2F - GRIDLOC.EXE - INSTALLATION CHECK AX = EE00h Return: AL = FFh if installed Program: GRIDLOC is a PC security program by Intelligent Security Systems, Inc. SeeAlso: INT 21/AH=40h"NB.SYS"Top
INT 32 - NOISE.SYS 0.53 - API AH = 6Eh (function ID) AL = subfunction (see INT 32/AX=6E00h) Return: CF set on error AL = error code (see #03166) CF clear if successful Notes: INT 32 is only a proposed interface for NOISE.SYS. Use the IOCTL READ from the RANDOM device to determine the interrupt and function ID used by the driver, since future versions may use the Alternate Multiplex Interrupt (AMIS) at INT 2Dh. the beta v0.51 had a substantially different API on INT 32/AH=6Eh (Table 03166) Values for NOISE.SYS error codes: 00h subfunction not supported FBh random pool is empty FCh quality of sample is too low FDh too many processes using the API or driver FEh subfunction is disabled in the current build FFh successfulTop
INT 32 - NOISE.SYS v0.53+ - INSTALLATION CHECK AX = 6E00h Return: AL = installation status 00h not installed FFh installed CX = version (ie, 0123h = Version 1.2.3) DX:DI -> signature stringTop
INT 32 - NOISE.SYS v0.53+ - GET ENTRY POINT AX = 6E01h Return: AL = FFh DX:DI -> far call hookTop
INT 32 - NOISE.SYS v0.53+ - STATUS CHECK AX = 6E10h Return: CF set on error AL = error code (FDh) (see #03166) CF clear if successful AL = status FFh successful BH = number of processes using the API CX = number of random bytes waiting DX = maximum possible bytes waiting (if CX=DX, the pool is full) Note: this subfunction is a convenient way to check the driver if any fresh bytes are waiting in the output pool. SeeAlso: INT 32/AH=6Eh,AX=6E00h,AX=6E11hTop
INT 32 - NOISE.SYS v0.53+ - GET ENTROPY ESTIMATE AX = 6E11h Return: CF set on error AL = error code (00h,FDh,FEh) (see #03166) CF clear if successful EBX = estimated bit count (refer to note below) CL = FRACBITS (number of fractional bits) EDX = low 32-bits of total number of samples added Note: the estimated number of fresh random bits is equal to (EAX >> FRACBITS) + ((EAX & ((1 << FRACBITS)-1) / (1 << FRACBITS)) SeeAlso: AH=6Eh,AX=6E00hTop
INT 32 - NOISE.SYS v0.53+ - ADD SAMPLE FROM FAST TIMER AX = 6E12h Return: CF set on error AL = error code (FCh,FDh,FEh) (see #03166) CF clear if successful CX = number of random bytes waiting Note: subfunctions 12h and 13h are meant for applications or devices which are able to gather entropy from other sources which are not polled by NOISE.SYS (for example, a communications driver could use this call to sample packet arrival times). SeeAlso: AX=6E00h,AX=6E10h,AX=6E13hTop
INT 32 - NOISE.SYS v0.53+ - ADD 16-BIT SAMPLE TO RANDOM POOL AX = 6E13h DX = sample Return: CF set on error AL = error code (FCh,FEh) (see #03166) CF clear if successful CX = number of random bytes waiting SeeAlso: AX=6E00h,AX=6E11hTop
INT 32 - NOISE.SYS v0.53+ - GET FLAGS AX = 6E14h Return: BX = flags (see #03167) CX = mask of settable flags in BX SeeAlso: AX=6E00h,AX=6E15h Bitfields for NOISE.SYS flags: Bit(s) Description (Table 03167) 0 MS Windows active 1-5 reserved 6 clock drift sampling 7 video retrace drift sampling 8 network access sampling (not implemented yet in 0.53) 9 CD-ROM access sampling (not implemented yet in 0.53) 10 DOS spinner 11 DOS process start/end and miscellaneous process activity sampling 12 mouse movement/button sampling 13 disk sampling (INT 13) 14 keystroke timings 15 reserved for hardware RNGTop
INT 32 - NOISE.SYS v0.53+ - SET FLAGS AX = 6E15h BX = flags (see #03167) Return: BX = new flags Note: flags which AX=6E14h indicates are not settable should be masked off by ANDing with the CX returned by AX=6E14h SeeAlso: AX=6E00h,AX=6E14hTop
INT 32 - NOISE.SYS v0.53+ - READ URANDOM BYTES AX = 6E16h CX = number of bytes ES:DI -> buffer Return: CF set on error AL = error code (FDh,FEh) (see #03166) CF clear if successful CX = number of random bytes read SeeAlso: AX=6E00h,AX=6E12h,AX=6E17hTop
INT 32 - NOISE.SYS v0.53+ - READ RANDOM BYTES AX = 6E17h CX = number of bytes ES:DI -> buffer Return: CF set on error AL = error code (FBh,FDh,FEh) (see #03166) CF clear if successful CX = number of random bytes read SeeAlso: AX=6E00h,AX=6E16hTop
INT B6 - (NOT A VECTOR!) - USED BY TBFENCE Program: TBFence is a security program by ESaSS B.V. which transparently encrypts floppies and optionally allows only encrypted diskettes to be accessed Note: the low word of this vector (0000h:02D8h) contains the segment of the TBFence INT 13h code, which starts with the signature word E487h; this forms the installation check the highest byte of this vector contains the start of a FAR JMP instruction to ??? SeeAlso: INT B7"TBFENCE" Index: installation check;TBFenceTop
INT B7 - TBFENCE - ??? SeeAlso: INT B6"TBFENCE"Top