Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

RE: Imaging Operating Systems

From: Chmielarski TOM-ATC090 <Tom.Chmielarski () motorola com>
Date: Thu, 27 May 2004 09:22:28 -0500
VMWare is a great way to go. You get a quarantined "guest" OS that you can restore by simply replacing a file. You can 
also take a "snapshot" of the OS and then just revert to that snapshot anytime you like. You can also set up a private 
LAN that is isolated to your test computer for multiple guest Oses - lets you watch how the applications want to 
communicate.

Baseline system -> Snapshot -> Do Bad Thing -> Rebaseline -> Revert to snapshot and Compare baselines -> Repeat as 
needed

- Tom Chmielarski



-----Original Message-----
From: full-disclosure-admin () lists netsys com [mailto:full-disclosure-admin () lists netsys com] On Behalf Of James 
Riden
Sent: Wednesday, May 26, 2004 4:24 PM
To: mbs () mistrealm com
Cc: Full-Disclosure
Subject: Re: [Full-disclosure] Imaging Operating Systems


Michael Schaefer <mbs () mistrealm com> writes:


Hi all

We are building a Windows test system, to try out tool bars, spy ware, 
malware and trojans on.

Once we learn what we need to know, we obviously want to get rid of 
the junk quickly and cleanly.

I keep hearing suggestions about having a "clean image" to transfer 
onto the computer.

Can anyone send some details?


Ghost or Altiris can do this for you.

-- 
James Riden / j.riden () massey ac nz / Systems Security Engineer Information Technology Services, Massey University, 
NZ. GPG public key available at: http://www.massey.ac.nz/~jriden/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Previous By Date Next
Previous By Thread Next

Current thread: