[PLUG] It was going so well...

Benjamin Watson bwatson1979 at gmail.com
Wed May 23 05:02:19 UTC 2007 

If you're managing a plethora of machines, you may want to think about
disk (re)imaging software such as Deep Freeze.

I know the network admins here at school love it, because it keeps all
of the public and laboratory computers very clean.  Essentially, the
computers reboot each night and the hard drive image is restored back
to the state it was previously.  You can create different images to
suite different needs.

The only drawback here is that the user's data is wiped each day, so
they'd need to have some network and/or removable storage.

Ben

On 5/22/07, m0gely <m0gely at telestream.com> wrote:
> Ed Sawicki wrote:
>
> > For the past few years I've been fortunate not
> > to have to support Windows desktops. Now that
> > may be changing a bit. I need to be able to
> > disinfect a Windows box without having to spend
> > any significant amount of time keeping up with
> > the goings on in the Windows insecurity world.
>
> This is impossible.  This is where the meat of all the issues you hear
> about happen.  You're going to get to know Windows better than most
> people if you care about the quality of your work in doing this.  As
> others have mentioned, BartPE with an AV plugin is your best bet for
> offline virus cleaning.  You'll want to spend some time adding in many
> network card drivers though so any system you put the disc in will have
> net access to update the virus def's.
>
> Unfortunately ad|spy|malware mostly needs to be done while the syste, is
> live.  There is a Spybot plugin for Bart, but that class of software can
> be more cancerous to a system than a virus causing damage on multiple
> levels.
>
> It might take you a couple days to learn BartPE and put together a good
> disk that you like, but oh the time it will save in the long run...
>
> > What should I buy?
>
> ERD from Sysinternals (now part of MS).  Their tools are invaluable.
>
> If you're able too, suggest that people use Firefox instead of IE.  I
> keep it and the Flash, shockwave and Java plugins on a thumb drive so
> they have the essential features they expect.  Then I run Spyware
> Blaster on the machine which does some preventative measures in IE and
> FF so malware doesn't get in there to begin with.  I like it because it
> doesn't run in the background and eat resources.  Really, that keeps
> people out of trouble for the most part.
>
> --
> - m0gely
> _______________________________________________
> PLUG mailing list
> PLUG at lists.pdxlinux.org
> http://lists.pdxlinux.org/mailman/listinfo/plug
>

More information about the PLUG mailing list