Comprehensive security guide

Discussion in 'other security issues & news' started by Mrkvonic, Sep 28, 2005.

Thread Status:
Not open for further replies.
  1. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined: May 9, 2005
    Posts: 8,695
    Hello,

    I decided to add some more information in the guide I have written.

    The original thread can be found here:

    https://www.wilderssecurity.com/showthread.php?t=88785

    Your suggestions, tips and corrections would be welcome.

    This is the addition:





    Computer Resurrection – Part 2


    Disclaimer

    ************************************************************************

    This document is a recommendation only. I give no warranty for your actions. You will not hold me responsible for any inconvenience, incompatibility, damage, or lack of satisfaction that you experience by undertaking any or all of the steps mentioned in this document. Although I have a positive personal experience with everything I’ve written here, I cannot guarantee the same results for you, whether due to inadvertent actions, hardware or software issues.

    The entire contents here are written in my own words. This document is based on my own knowledge and experience. Of course, it is built on the knowledge and experience I have gained from other people.

    This document does not breach the copyrights of, or advertise any vendor or website mentioned here. No parts of text have been copied off other sites or from other documents. I do not have and will not have any profit from writing this document.

    I believe this document holds no false data or misconceptions. However, I am only human and mistakes are possible. You are welcome to add suggestions and corrections.

    All web links I post here are, to the best of my knowledge and belief, linked to reputable software. However, I hold no responsibility whatsoever for any download you make on the net.


    ************************************************************************

    End of disclaimer

    A. Introduction

    In the first part of this document, I wrote about how to properly format and install Windows XP operating system. In this part, I will elaborate on some more tweaking and extra security for those who want to take the control of their machine one step further.

    Please refer to the original document for more information.

    B. Preparations

    Back up your data. Save your personal files. To burn CDs or DVDs, you will need a burner and appropriate software. You can use the Windows internal burner, if you lack third-party software.

    C. Creating a bootable Live Windows CD

    In the last chapter, I discussed the installation of Windows XP + SP2. Now, I will explain how non-SP2 Windows XP installations can be converted into a fully integrated SP2 installation (this is called slipstreaming) and how you can create your own bootable Windows CD.

    C1. Slipstreaming your Windows XP

    You will need your original Windows XP CD.
    You will need the SP2 (you can find the download link in the first part of this document).
    You will need ISOBuster (download at: http://www.smart-projects.net/ ).

    The most comprehensive guide I have found so far is this:

    http://www.winsupersite.com/showcase/windowsxp_sp2_slipstream.asp

    If you have trouble following what is being said in the document, here’s the gist of it:

    Open your Windows XP disk using Windows Explorer.
    Copy all files to a folder called C:\XP.
    Copy the SP2 file to a folder called C:\XP.
    Integrate the SP2 into the Windows XP.
    Install ISOBuster.
    Extract the Bootable CD node to C:

    Burn the new compilation to CD. You will have to create a bootable disk. When prompted for the location of the boot file, make sure you select the path to the file extracted from the Bootable CD node.

    Make sure you name the new disk EXACTLY the same as the original one.

    You will now have a fully integrated Windows XP SP2 installation ready.

    C2. Install Bart PE builder

    Bart PE builder allows you to build bootable Windows CD/DVDs. The bootable disks have a great advantage of allowing the user to perform security, maintenance, diagnostics, or rescue operations and checks on any PC.

    The disks will grant full network and internet access, as well as tools for creation and restoration of partitions, backup, imaging, remote control, and more. If your machine ever becomes unbootable, you will always be able to boot from the CD and salvage your personal data. In the case of severe virus or spyware infection, you will be able to scan the hard drives without the complex dependencies of the OS installed.

    You can download Bart PE builder here:

    http://www.nu2.nu/pebuilder/

    C3. Download extended drivers and plug-ins

    Bart PE comes with a standard set of tools. However, you do not need to limit yourself to these. You can download a variety of extra drivers and plug-ins, which will increase the functionality and flexibility of your Live CDs.

    A very useful and powerful set of tools and drivers can be found here:

    http://www.ubcd4win.com/

    http://www.ubcd4win.com/downloads.htm

    Download the Programs and Drivers.
    Back up your existing ‘drivers’ and ‘plugin’ folders.
    Extract the Programs and Drivers and overwrite the existing ‘drivers’ and ‘plugin’.

    The package of tools provided is comprehensive and very powerful. The full list can be found here:

    http://www.ubcd4win.com/contents.htm

    Note: you might have to register to download the drivers.

    C4. Create your bootable CDs

    Now you can use the PE builder. Provide the source of your original (slipstreamed) Windows XP. Make sure all plugins are selected. Create an image.

    This image can be burned to CD. Once you burn it, you can use it. It will boot on any computer.

    Among many other tools, you will enjoy anti-virus programs, Ad-Aware, Spybot S&D, HijackThis, Firefox browser, Popcorn mail client, DeepBurner, PDF Reader, defragmentation, imaging and recovery tools, an ability to see Linux partitions from inside Windows, FTP support, VNC, benchmarking tools, and much more.

    D. Backup & Imaging

    D1. Backups

    I will mention two tools, which can be used for the backup of files and the registry, respectively.

    PTReplicator

    http://www.karenware.com/powertools/ptreplicator.asp

    The tool can be used to back up files automatically using a scheduled task. This can be very useful for people who often modify a large number of files and have a problem keeping an accurate track of all the changes. The automated backup (copy) will allow them to store away backups on a daily or even hourly basis.

    ERUNT

    http://www.larshederer.homepage.t-online.de/erunt/

    ERUNT can be used instead of the existing System Restore to back up the registry. Like the Replicator, ERUNT has the automated backup feature, which can be activated to run with every boot. The program can save a large number of backups, and old backups can be automatically erased after a time.

    D2. Imaging

    I do not usually recommend the imaging of hard drives. However, for the sake of those who wish to keep their data in forms of backup images rather than stand-alone CD/DVDs, you can use Snapshot:

    http://www.drivesnapshot.de/en/

    Snapshot is NOT a free utility. It has a 30-day free trial period, after which it can be used for the restoration of existing images only. However, the program can be uninstalled and reinstalled at any time, granting the user an unlimited cycle of 30-day trial periods.

    However, for the sake of ethics, I recommend you contact the owners of the software on this issue.

    E. Internet

    E1. Firefox

    Assuming you have installed Firefox browser as advised in the first chapter, I will now elaborate some more on the available extensions.

    In the last chapter, I advised the users to install the Adblock extension. This extension can be made fully effective using imported filters.

    You can download the FiltersetG filter set here:

    http://www.pierceive.com/filtersetg/

    Explanations about how to import the filters can be found on the site.

    Installing the new filter sets manually can be tedious work. To avoid this, you can download and install the Adblock Filterset.G Updater extension. The extension will automatically update the new set of filters every week.

    https://addons.mozilla.org/extensions/moreinfo.php?id=1136

    E2. Opera

    In the last months since the previous document, Opera have released an ad-free free version of their browser. I must recommend it here.

    http://www.opera.com/

    Opera browser is also very fast and secure and can be successfully used as an alternative to Firefox, or in conjunction therewith. One of the interesting features in the Opera browser is to save your last browsing session, allowing you to continue surfing at a later time without losing any data.

    F. Extra tools

    RootkitRevealer

    http://www.sysinternals.com/utilities/rootkitrevealer.html

    This application will help detect possible rootkits on your computer. However, analyzing the logs can be a bit tricky.

    EULAlyzer

    http://www.javacoolsoftware.com/eulalyzer.html

    This application will help you find suspicious clauses in long EULAs and help you decide whether the program you are installing might be used to compromise your privacy and security.


    That’s it for now . . . In the third part, I will probably cover multiple-OS partitioning and booting and possibly some Linux installations.


    End of document


    ************************************************************************

    Have fun

    Mrk
     
    Last edited: Sep 28, 2005
  2. Scoobs

    Scoobs Registered Member

    Joined: Sep 21, 2005
    Posts: 110
    Blimey - this, and your other post (which I was compelled to read after reading this) certainly seem comprehensive. Good work. As a newb I think I may well use this to start again on an old PC.



    In the interests of making an already very impressive document more so, can I ask about one point? At C1 you say:

    As a Newb, I don't quite follow that. (And I don't understand
    but assume I will if I install ISO Buster and use it)
     
  3. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined: May 9, 2005
    Posts: 8,695
    Hi,
    If you go to the link I posted, you will see how it's done. Actually, in command prompt, you type sp2.exe /integrate:c:\xp to do that, assuming your service pack 2 is called sp2 and that you ARE in the c:\sp2 folder.
    Read the article and you will get it.
    As for the second question, extract is the right-click option you will have once you use ISOBuster. Extracting will in fact properly save the file within the boot node to your c:, which you will be able to use later on to create your CD. Again, I suggest you read the hyperlinked documents to fully understand it. Then, if you do not get it, read my guide again, and I think you will find things clear.
    Hope this helps.
    Mrk
     