Empty snaphot is that the way?

Discussion in 'FirstDefense-ISR Forum' started by demoneye, May 19, 2008.

Thread Status:
Not open for further replies.
  1. demoneye

    demoneye Registered Member

    Joined:
    Dec 30, 2007
    Posts:
    1,356
    Location:
    ISRHell
    lo all

    i read its for install new fresh os over FDISR within window...but its just aint work

    if its not the way how do i install (not from scracth and than archive it) new os to make it snapshot?


    cheers
     
  2. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    It works, you just don't know how to do it. A few users have done this already.
    As I said before, FDISR has a longer learning curve, you don't learn FDISR in one day.
    Do some searches in this forum and you will find the answers.
     
    Last edited: May 19, 2008
  3. demoneye

    demoneye Registered Member

    Joined:
    Dec 30, 2007
    Posts:
    1,356
    Location:
    ISRHell
    erik u are the guru i read hehe , welp ... its just overwrite my previous OS (didnt format durung setup) and start boot with out FDISR login dos screen ( at post).... and i play with it for couple of days...this is maybe tje last knowledge hole i got :D

    chers:thumb:
     
  4. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    I'm not the only FDISR-guru. If there are technical problems, Peter helped more users in the past, then I ever did and other FDISR-users were also sometimes a big help to other users. My technical knowledge is very poor.
    I don't use the function "Empty Snapshot", so I have to search myself in the forum to find that information.
     
  5. Woody777

    Woody777 Registered Member

    Joined:
    Aug 29, 2006
    Posts:
    484
    I also have tried this with the exact same results that You (Demoneye) have described. In fact my computer would not boot at all & attempts to repair the defunct MBR met with the expected (for Me) failure. I then put in my restore Disc & essentially started over. I did have a Archived FDISR Snapshot so I installed FDISR again & imported it into a snapshot. End of experiment. Yes there is indeed a description of how you are supposed to do this in a RAXCO FAQ that I read before trying this. I did not actually find step by step instructions in this forum but I certainly would not discount the possibility that somewhere in this forum they might exist. So for me too it " Did not work" , & yes indeed it probably can be done " IF" you know how. I then loaded my new Operating system in a Virtual Box snapshot & made do with that. I have chalked this whole fiasco up to experience & decided that there are just some things you should not try. Lets face it I only lost about 4 hours of my time trying this out
     
  6. osip

    osip Registered Member

    Joined:
    Oct 25, 2006
    Posts:
    610
    did you boot into the empty snapshot with the expected ntdlr missing as it should...and after this a new reboot with the install cd in ?
     
  7. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    Last edited: May 19, 2008
  8. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    17,056
    Like wise I've never used empty snapshots, so I can't add anything to what's been said.
     
  9. Woody777

    Woody777 Registered Member

    Joined:
    Aug 29, 2006
    Posts:
    484
    Thank you ERIKALBERT I will review & try to figure out what I did wrong. If I ever try this again I will back up at least 3 ways. So did you ever describe (in this forum) how you managed to do this by your alternate method?
     
  10. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    I think I did, but I don't remember in which thread.
     
  11. demoneye

    demoneye Registered Member

    Joined:
    Dec 30, 2007
    Posts:
    1,356
    Location:
    ISRHell
    yes idid and got this nt loader missing msg:doubt:
     
  12. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    How to avoid an Empty Snapshot.

    1. Backup your actual system partition with all its snapshots. Very important !!!

    2. Install winVISTA as usual + anything else you need, like you installed winXP before FDISR.
    3. When finished, install FDISR with primary snapshot (secondary snapshot isn't needed)
    4. Copy/update from primary snapshot to a new archive on your external HDD. (winVISTA.arx)
    5. Optional : create an image if you think you will need it in the future

    6. Restore your actual system partition.
    7. Boot in your rescue snapshot or any other snapshot.
    8. Copy/update from winVISTA.arx to new snapshot.

    Now you have a snapshot that contains winVISTA.

    I never tried this with winVISTA (I don't have it), I always used the same OS : winXPproSP2.
    It should work in theory for winVISTA and win2000pro.

    If you don't understand it, use an Empty Snapshot :D
     
    Last edited: May 19, 2008
  13. Woody777

    Woody777 Registered Member

    Joined:
    Aug 29, 2006
    Posts:
    484
    Thank You for the proceedure. I will try sometime but not today. By the way my system was set to boot from the Hard Drive & not the CD as the first boot device. I suspect that is why it did not work. I changed it & will try again sometime but not today my other life is calling.
     
  14. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    It's OK with me. I'm not waiting. :D
     
  15. demoneye

    demoneye Registered Member

    Joined:
    Dec 30, 2007
    Posts:
    1,356
    Location:
    ISRHell
    i think i take erik stand....its not secure/unsafe install threw "empty snapsot" better install fresh os archive it and use it after restore your working Xp AND FROM THERE "mount" it :)

    cheerso_O
     
  16. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    In theory, I consider my actual system partition as infected, no matter how good my security/boot-to-restore is.
    Does my boot-to-restore remove all threats ? I'm not sure. What about low level HDD changes, rootkits, Rustock.C, Joanna's invisible things ?

    A system partition without boot-to-restore is even more vulnerable to new sophisticated threats, because there is no ISR-software to remove these threats, when they bypass your security.

    Using an Empty Snapshot means it will be installed in an actual system partition, which could be infected and that is not a safe environment anymore.

    Based on that theory, I also decided not to backup my actual system partition anymore. I could backup an infected system partition and even worse, I could restore it and re-infect my computer.
    That was bothering me constantly, even as ISR-user and certainly as non-ISR-user. The idea of having resident malware on my computer kept me awake.

    To fix this, I decided to change my classical backup habits and created a new backup procedure :

    1. I restore my clean image, which hasn't been online (only this is extra work)
    2. I upgrade my clean image with new versions of softwares or a new permanent software (same job as in the past)
    3. I backup my clean image and use it as my new clean actual system partition (same job as in the past).

    Since I don't have to spend any time on cleaning and repairing my system partition anymore, I have more time to do it this way. My system partition doesn't change that much, it only has Windows and Applications.

    Another advantage is that you can install new software in your actual system partition and try it as long you need.
    Once you know how to use it and configure it, you can install it permanently in your clean image.
     
    Last edited: May 20, 2008
  17. demoneye

    demoneye Registered Member

    Joined:
    Dec 30, 2007
    Posts:
    1,356
    Location:
    ISRHell
    u wrote " . I restore my clean image, which hasn't been online (only this is extra work) " is the online is the isue? or that u wrote "Does my boot-to-restore remove all threats ? I'm not sure. What about low level HDD changes, rootkits, Rustock.C, Joanna's invisible things " <<

    restore any new image made on the theory infected partition will do no good....its maybe clean MBR or whaever toold to clean it good and than restore the image...

    cheers
     
  18. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    I didn't mention this, but the complete procedure is :
    1. I zero my harddisk [C:] (quick or full zero)
    2. I restore my clean image, which hasn't been online (only this is extra work)
    3. I upgrade my clean image with new versions of softwares or a new permanent software (same job as in the past)
    4. I backup my clean image and use it as my new clean actual system partition (same job as in the past).

    If I zero my harddisk (quick or full), there is no MBR or PBR or anything else anymore.

    Members consider me already enough as paranoid, so I didn't mention the zero part.
    Some users consider restoring an image as enough, zeroing is absurd to them. :)

    I find opinions always amusing, everybody thinks he is right and it's up to me to find out who is totally wrong or right or closest to the truth.
     
    Last edited: May 20, 2008
  19. demoneye

    demoneye Registered Member

    Joined:
    Dec 30, 2007
    Posts:
    1,356
    Location:
    ISRHell
    lol erik , for my point of view such a term "paranoid" in secuirty matters doesnt realy existent. the more u "paranoid" as much your working environment is clean from malware and your OS last:cautious:

    cheers:D
     
Thread Status:
Not open for further replies.