save and sound operating system

  • Thread starter Thread starter Jurek Karle
  • Start date Start date
J

Jurek Karle

Hi everyone,
I'd like to set up XP workstation which would be both
secure and accesible without any restrictions.
Here is how I'd like it to work: I install the operating
system, all needed applications, network
connections, printers, user accounts, etc. Then I save it
into a read-only device, which I can boot
from (just like installation CD, for example). Whenever
disaster strikes (virus or reckless user),
all what is needed is a fresh reboot. The user's work
might be lost (if not backed up on time),
but at least I'll have a clean and configured operating
system (quite substantial time saving).
How can I do that ?
Jurek
 
Jurek said:
I'd like to set up XP workstation which would be both
secure and accesible without any restrictions.
Here is how I'd like it to work: I install the operating
system, all needed applications, network
connections, printers, user accounts, etc. Then I save it
into a read-only device, which I can boot
from (just like installation CD, for example). Whenever
disaster strikes (virus or reckless user),
all what is needed is a fresh reboot. The user's work
might be lost (if not backed up on time),
but at least I'll have a clean and configured operating
system (quite substantial time saving).
How can I do that ?
Click to expand...

Third party applications..
Ghost images..
I think those are your best options for such a backup scheme..

Really - the best is just to prevent the user with good management (Active
Directory policies, etc) from screwing up the machine too badly in the first
place. heh

Your idea is interesting (look into Bart's PEBuilder) - but Windows XP
really won't boot (and stay working) for more than 24 hours from a READ ONLY
environment.. At least that I know of. Plus, putting your installation on
a read-only device isn't really optimal. Changes happen all the time, lots
of applications need access to parts you seem unaware of. Just not a very
plausible idea IMHO.
 
Hi,
Thanks for replying. There are really two aspects of this
issue to me.
One is a short-term solution. Anything that I could use
totally automatically, just rebooting a workstation
without recovery console, interactive partition image
restore, etc. Another is a long-term solution.
I understand that a domain controller cannot fall into
that category, but a stand-alone server (especially Web
server) or a workstation (I hope Microsoft is reading
this) could have a memory as well as disk space divided
into several categories distinguished by attributes (just
like files or folders), for example read-only,
exectue-only, read-write, etc. In case of disaster the
booting sequence (here is where Microsoft’s cooperation is
needed) the read-only files (DLLs, device drivers, etc.)
will be copies from DVD-ROM,
as well as memory image of last-working fresh-after-reboot
operating system. INI files could be copied
from removables and user files from tapes (later). All
totally automatic. With this in place the only way
the hacker or virus could destroy such system is by coming
to my desk and physically destroying my DVDs and CDs.
What’s wrong with this picture and why Microsoft hasn’t
developed anything like that ?
Jurek
 
Jurek said:
Thanks for replying. There are really two aspects of this
issue to me.
One is a short-term solution. Anything that I could use
totally automatically, just rebooting a workstation
without recovery console, interactive partition image
restore, etc. Another is a long-term solution.
I understand that a domain controller cannot fall into
that category, but a stand-alone server (especially Web
server) or a workstation (I hope Microsoft is reading
this) could have a memory as well as disk space divided
into several categories distinguished by attributes (just
like files or folders), for example read-only,
exectue-only, read-write, etc. In case of disaster the
booting sequence (here is where Microsoft’s cooperation is
needed) the read-only files (DLLs, device drivers, etc.)
will be copies from DVD-ROM,
as well as memory image of last-working fresh-after-reboot
operating system. INI files could be copied
from removables and user files from tapes (later). All
totally automatic. With this in place the only way
the hacker or virus could destroy such system is by coming
to my desk and physically destroying my DVDs and CDs.
What’s wrong with this picture and why Microsoft hasn’t
developed anything like that ?
Click to expand...

You can use ghost and a little creative scripting to hide the partition to
do what you want. Two partitions, one with the ghost image, one with the
working install.

I've done that before. In my case, a certain user was logged into the
computer to trigger the reboot and re-ghosting.
 
Back
Top