[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

application and Internet Explorer snapshotting

Posted on 2006-04-04
5
Medium Priority
?
273 Views
Last Modified: 2012-05-05
Greetings,

I have been asked to provide an analysis of security risks associated with permitting access to applications within our environment via a SSL VPN gateway, in particular what things change on the system as part of an inital deployment of an application (ie. there may be registry keys that need to change), as well as what our exposure may be by means of sensitive data left on the pc after a connection has been terminated.

This data may be in the form of cookies, temporary web pages, etc.

I am after a tool that can do a before-and-after evaluation and comparisson.  I have read a few articles that refer to sysdiff (but have been unable to locate it as M$ have removed the link from their site), but is there any other applications that may do a similar function ?

We do not run ZENworks, SMS, ManageSoft, Alteris (or any of the other larger Enterprise s/w management apps).  This is for a once-off (simulate what a home user will experience in order to assess our level of risk).

Thanks in advance.

Reece...
0
Comment
Question by:r_boucher
  • 3
  • 2
5 Comments
 
LVL 70

Expert Comment

by:Merete
ID: 16379441
Hello  r_boucher  hope my little offerings may assist you.
here is an alternative Sysdiff for XP
http://www.computing.net/drivers/wwwboard/forum/3605.html

Computer Services
Stanton/Wilmington Campus
Preparing a computer for sysdiff
http://www.dtcc.edu/cs/admin/nt/notes/sysdiff.html

http://www.checkpoint.com/products/downloads/Connectra_WhitePaper_SSL.pdf

0
 

Author Comment

by:r_boucher
ID: 16389280
Thanks Merete,

The Checkpoint article is brilliant.  Hopefully it will assist in one of my goals (educating management as to the perils and risks associated with RAS).

WinInstallLE seems to be (from the quick view I had) more aimed at application (in particular .MSI) packaging.

The sysdiff article looks good, but I am still left with the need to find a copy of sysdiff.exe.  M$ have removed it from their site.

To recap my requirements...

To be able to track the differences in a pc (files, registry, etc.) when a user accesses an application via SSL for the first time (this may help to 'pre-deliver' some larger components, such as Java, disable Java updates, etc.).
To be able to determine what is left behind after a session is terminated.  This is mainly in terms of cookies, commercially sensitive data, etc.

Once again, thanks.

Reece...
0
 
LVL 70

Accepted Solution

by:
Merete earned 375 total points
ID: 16389908
awe thank you, I even surprise myself sometimes.I  hoped the checkpoint would make up for the other two links if they were no good to you.

I really do not have a lot of experience with keeing a snapshot of regestry /internet etc / and ssl.

But have you considered using the regestry backup this does keep a complete snapshot of the system and the changes.
 the Registry is stored
In Windows 95, 98, and Me, the Registry is contained in two hidden files in your Windows directory, called USER.DAT and SYSTEM.DAT.
In Windows 2000 and Windows XP, the Registry is stored in several Hives, located in the \windows\system32\config and \Documents and Settings\{username} folders.
http://www.softpanorama.org/Unixification/free_registry_tools.shtml

With the sysdiff.exe the xp version or the one recomended for xp "WinINSTALL LE"   is here r/click and save as http://downloads.ondemandsoftware.com/download/installs/Winstall87201/le/wininstallle.exe
pro's and con's
http://www.ltsw.se/knbase/nt40/sysdiff.htp

The other is on the >>
There's also a WinINSTALL LE on the Windows 2000 Server CD at >> E:\VALUEADD\3RDPARTY\MGMT\WINSTLE\SWIADMLE.MSI however, I'd go with the download above (it's free and is a newer version that also works with Windows 2003 Server) instead. Sysdiff was based on this from what a friend who's been in IT for 15+ years told me...it's NICE!

Sysdiff.exe Deployment Tool Is Not Included in Windows XP
This article was previously published under Q298389
SUMMARY
The Sysdiff.exe deployment utility is not included on the Windows XP CD-ROM. This article provides alternative resources you may be able to use to deploy Windows XP.
MORE INFORMATION
As an alternative resource for deploying Windows XP, the following alternative resources may apply to your environment: • For Windows XP custom installations, third-party solutions such as Wininstall provide the ability of repackaging programs into packages that are suitable for distribution with the Windows Installer. Wininstall LE is included on the Microsoft Windows 2000 Server CD-ROM in the>>  \VALUEADD\3dparty\Mgmt\Winstle folder.
• In a Windows 2000 domain environment, you can also deploy Windows 2000 Professional or Windows XP Professional installations with custom programs by using the Remote Install Service (RIS) by Ripreping an image of a custom installation to an RIS server.
For more information about how to deploy Windows XP, please view the OEM Preinstall Kit (OPK), or visit the following Microsoft Web site:
http://www.microsoft.com/oem (http://www.microsoft.com/oem)
The third-party products that are discussed in this article are manufactured by companies that are independent of Microsoft. Microsoft makes no warranty, implied or otherwise, regarding the performance or reliability of these products.

HOWTO: Using Sysdiff.exe with Unattended Setup and Windows NT 4.0
http://support.microsoft.com/kb/q156795/

0
 

Author Comment

by:r_boucher
ID: 16549800
Many thanks to Merete for being the only person to respond and provide some useful assistance.
0
 
LVL 70

Expert Comment

by:Merete
ID: 16550213
thank you r_boucher yes I see not one other comment.
Well I sure am happy I was able to assist you in some way.
Best wishes
Merete
0

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Are you unable to synchronize your OST (Offline Storage Table) file with Microsoft Exchange Server? Is your OST file exceeding 2 GB size limit? In Microsoft Outlook 2002 and earlier versions, there is a 2 GB size limit for the OST file. If the file …
cPanel is a Unix based web hosting control panel that provides a graphical interface and automation tools designed to simplify the process of hosting a web site. cPanel utilizes a 3 tier structure that provides functionality for administrators, rese…
Two types of users will appreciate AOMEI Backupper Pro: 1 - Those with PCIe drives (and haven't found cloning software that works on them). 2 - Those who want a fast clone of their boot drive (no re-boots needed) and it can clone your drive wh…
When cloud platforms entered the scene, users and companies jumped on board to take advantage of the many benefits, like the ability to work and connect with company information from various locations. What many didn't foresee was the increased risk…
Suggested Courses

834 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question