application and Internet Explorer snapshotting


I have been asked to provide an analysis of security risks associated with permitting access to applications within our environment via a SSL VPN gateway, in particular what things change on the system as part of an inital deployment of an application (ie. there may be registry keys that need to change), as well as what our exposure may be by means of sensitive data left on the pc after a connection has been terminated.

This data may be in the form of cookies, temporary web pages, etc.

I am after a tool that can do a before-and-after evaluation and comparisson.  I have read a few articles that refer to sysdiff (but have been unable to locate it as M$ have removed the link from their site), but is there any other applications that may do a similar function ?

We do not run ZENworks, SMS, ManageSoft, Alteris (or any of the other larger Enterprise s/w management apps).  This is for a once-off (simulate what a home user will experience in order to assess our level of risk).

Thanks in advance.

Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Hello  r_boucher  hope my little offerings may assist you.
here is an alternative Sysdiff for XP

Computer Services
Stanton/Wilmington Campus
Preparing a computer for sysdiff

r_boucherAuthor Commented:
Thanks Merete,

The Checkpoint article is brilliant.  Hopefully it will assist in one of my goals (educating management as to the perils and risks associated with RAS).

WinInstallLE seems to be (from the quick view I had) more aimed at application (in particular .MSI) packaging.

The sysdiff article looks good, but I am still left with the need to find a copy of sysdiff.exe.  M$ have removed it from their site.

To recap my requirements...

To be able to track the differences in a pc (files, registry, etc.) when a user accesses an application via SSL for the first time (this may help to 'pre-deliver' some larger components, such as Java, disable Java updates, etc.).
To be able to determine what is left behind after a session is terminated.  This is mainly in terms of cookies, commercially sensitive data, etc.

Once again, thanks.

awe thank you, I even surprise myself sometimes.I  hoped the checkpoint would make up for the other two links if they were no good to you.

I really do not have a lot of experience with keeing a snapshot of regestry /internet etc / and ssl.

But have you considered using the regestry backup this does keep a complete snapshot of the system and the changes.
 the Registry is stored
In Windows 95, 98, and Me, the Registry is contained in two hidden files in your Windows directory, called USER.DAT and SYSTEM.DAT.
In Windows 2000 and Windows XP, the Registry is stored in several Hives, located in the \windows\system32\config and \Documents and Settings\{username} folders.

With the sysdiff.exe the xp version or the one recomended for xp "WinINSTALL LE"   is here r/click and save as
pro's and con's

The other is on the >>
There's also a WinINSTALL LE on the Windows 2000 Server CD at >> E:\VALUEADD\3RDPARTY\MGMT\WINSTLE\SWIADMLE.MSI however, I'd go with the download above (it's free and is a newer version that also works with Windows 2003 Server) instead. Sysdiff was based on this from what a friend who's been in IT for 15+ years told's NICE!

Sysdiff.exe Deployment Tool Is Not Included in Windows XP
This article was previously published under Q298389
The Sysdiff.exe deployment utility is not included on the Windows XP CD-ROM. This article provides alternative resources you may be able to use to deploy Windows XP.
As an alternative resource for deploying Windows XP, the following alternative resources may apply to your environment: • For Windows XP custom installations, third-party solutions such as Wininstall provide the ability of repackaging programs into packages that are suitable for distribution with the Windows Installer. Wininstall LE is included on the Microsoft Windows 2000 Server CD-ROM in the>>  \VALUEADD\3dparty\Mgmt\Winstle folder.
• In a Windows 2000 domain environment, you can also deploy Windows 2000 Professional or Windows XP Professional installations with custom programs by using the Remote Install Service (RIS) by Ripreping an image of a custom installation to an RIS server.
For more information about how to deploy Windows XP, please view the OEM Preinstall Kit (OPK), or visit the following Microsoft Web site: (
The third-party products that are discussed in this article are manufactured by companies that are independent of Microsoft. Microsoft makes no warranty, implied or otherwise, regarding the performance or reliability of these products.

HOWTO: Using Sysdiff.exe with Unattended Setup and Windows NT 4.0


Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
r_boucherAuthor Commented:
Many thanks to Merete for being the only person to respond and provide some useful assistance.
thank you r_boucher yes I see not one other comment.
Well I sure am happy I was able to assist you in some way.
Best wishes
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows XP

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.