|May the source be with you, but remember the KISS principle ;-)|
|Contents||Bulletin||Scripting in shell and Perl||Network troubleshooting||History||Humor|
|News||Recommended Books||Recommended Links||Recommended Papers||Fighting spyware||Disk Backup|
|Integrity checking||Registry security||Internet Scams||Creating baseline||Creating Norton Ghost based baseline images||Integrity checkers||Windows Process Viewers||Hardening||Etc|
An ounce of prevention is worth a pound of cure.
Microsoft's free tool, Windows SteadyState allow to control the programs access to the drive, internet, system and installed software. Windows SteadyState includes Windows Disk Protection feature that will cache changes on windows partition. Behind the scene, WDP creates and reserves a large (2 GB as a minimum) cache file to save all changes to the Operating System and program files. It needs at least 4 GB of unallocated space on your Windows partition to create its cache file, but the default size used is approximately 50% of the available disk space (40 GB as a maximum).
If Windows Disk Protection is installed and enabled, you can choose it to:
Windows SteadyState is not compatible on a 64-bit computer. If Windows Disk Protection
is enabled, it will use 50% of available disk space as ‘cache’. Users can change
manage the disk space that Windows Disk Protection will use. The minimum storage
space to be use by Windows Disk Protection is 2GB. Disabling Windows Disk
Protection will clear the cache and removes the Windows Disk Protection’s driver.
In using any of the above programs, you can perform any operations in your system without putting your PC at risk. There is also no need to use another desktop or server as testing environment before applying in a production system or computers that you cannot afford to lose. Malware infections, unusable system state and software update impacts are never an issue to organizations and individuals that take advantage of Try&Decide feature in Acronis True Image, ShadowMode feature of StorageCraft’s ShadowSurfer or ShadowUser and the Windows Disk Protection feature of Microsoft’s Windows SteadyState.
Chapter 6 Windows Disk Protection (Microsoft Shared Computer Toolkit for Windows XP Handbook )
September 16, 2005
The Windows Disk Protection tool protects the Windows operating system and program files from being permanently changed on a Windows partition. During a session, a user can make changes as necessary within the bounds of any restrictions placed on the user. When the computer restarts, Windows Disk Protection returns the Windows partition to its original condition, discarding any changes made during the user session.
This tool helps protect computers from users who might attempt to damage the operating system, and it also prevents malware and spyware from tampering with the computer.
Malicious software, which includes viruses, worms, and Trojan horses, that is designed to harm a computer operating system.
Potentially unwanted software that may collect personal information and is inappropriate for shared computers.
Each time the computer restarts, Windows Disk Protection returns the partition that holds the Windows and program files (called the Windows partition) to its original state. This provides the next user with a standard and reliable experience.
Before you turn on Windows Disk Protection, be sure that you have correctly prepared the disk and created, customized, and restricted the required user profiles as discussed in the previous chapters.
On This Page
Turn On Windows Disk Protection
Save Changes When Windows Disk Protection Is On
Retain Changes When Windows Disk Protection Is On
Retain Changes Indefinitely When Windows Disk Protection Is On
Improve the Performance of Windows Disk Protection
Manage the Protection Partition
Turn On Windows Disk Protection
The default behavior of Windows Disk Protection is to clear disk changes made to the Windows partition with each computer restart, thereby protecting the disk from unwanted changes. Operators can at any time choose to save changes made to the disk. Operators can also schedule Windows Disk Protection to download, install, and save critical updates to disk automatically while the computer is not in use.
For best disk performance, defragment your Windows partition prior to turning on Windows Disk Protection. Do not defragment the disk when Windows Disk Protection is on.
To turn on Windows Disk Protection and schedule critical updates
- Click Start, point to All Programs, point to Microsoft Shared Computer Toolkit, and then click Windows Disk Protection. Restart the computer if requested and then start Windows Disk Protection again.
- In the Restart Action section, click Keep On. If this is the first time you have used the Shared Computer Toolkit, Windows Disk Protection creates the protection partition. The computer requires a restart to complete the initialization process.
- After the restart, return to Windows Disk Protection to complete the configuration.
- If Windows Disk Protection identifies antivirus software it knows how to update, it displays a dialog box to this effect. If you see this dialog box, click OK.
- If Windows Disk Protection did not detect your antivirus software, click Set to specify an antivirus script you have created. You can configure other update scripts as needed to manage updates for third-party programs.
- In the Critical Updates section, configure the day and time at which Windows Disk Protection should download and install critical updates.
- For Microsoft Updates, Click Enabled to enable critical Microsoft updates.
- Click OK.
- Windows Disk Protection displays a message that states that the computer must be restarted for the changes to take effect. Click Yes to restart the computer.
Do not attempt to change any partition after Windows Disk Protection is turned on because it tracks physical disk and partition numbers and they must not change. If you must change partitions, turn off Windows Disk Protection and delete the protection partition before making any partition changes.
The default setting for Windows Disk Protection is to Clear changes with each restart. This option ensures that untrusted users and malware cannot save any disk changes to the Windows partition of the computer. When the computer restarts, all disk changes that were made are removed, and the computer returns to its previous state.
The Restart Option will not become available to change until after the computer has been restarted with Windows Disk Protection turned on. This ensures that Windows Disk Protection is started with the default settings.
Services, such as event logging, that usually write to the Windows partition will not be able to permanently record log entries because new entries will be lost when changes are cleared. To keep event logs, consider moving them to a persistent volume. This process is covered in the “Improve the Performance of Windows Disk Protection” section later in this chapter.
Hibernation and Windows Disk Protection
If hibernation is enabled on your system when you turn on Windows Disk Protection, you will receive a message that indicates that hibernation does not work with Windows Disk Protection.
When a system hibernates, it writes the contents of the system RAM to a file on the disk. Because modifications to the Windows partition are cleared when Windows Disk Protection is on and set to Clear changes with each restart, hibernation will fail.
To disable hibernation, open Control Panel, double-click Power Options, click the Hibernate tab, and then clear the Enable hibernation check box.
Windows Disk Protection Status
When Windows Disk Protection is on and Getting Started is not configured to run automatically, a popup called Disk Protection Is On will appear when you log on as the Toolkit administrator. This popup provides a convenient way to open Windows Disk Protection when you have to save changes to disk.
If you want to stop this popup from appearing, delete the Check Windows Disk Protection shortcut from the Toolkit administrator’s Startup folder.
When you turn on Windows Disk Protection, it will continue to install Microsoft critical updates using the Automatic Updates schedule you may have configured previously. It will use Microsoft Update, Windows Update, or Windows Server Update Services, depending on which of these is currently used by Windows. (Software Update Services is not supported.) You can enable or disable Microsoft Updates and set the schedule to suit your needs when you turn on Windows Disk Protection.
When Windows Disk Protection downloads and installs critical updates, it will log off the active user, restart the computer to clear disk changes, and temporarily disable local user accounts to prevent unapproved disk changes from being saved at the same time. After downloading and installing the updates, it will set Windows Disk Protection to Save changes with next restart and then restart the computer.
In addition to being able to save Microsoft critical updates automatically, Windows Disk Protection allows a script you select to save antivirus updates and updates for other programs.
Alternatively, you can schedule antivirus updates through the graphical interface your antivirus product provides. Schedule the updates to occur at the exact same hour and day(s) as the schedule you select for critical updates in the Windows Disk Protection tool. The Windows Disk Protection critical updates process will wait at least 10 minutes for other updates to be completed concurrently before it restarts the computer to save disk changes.
Windows Disk Protection will offer to perform antivirus updates automatically as part of the critical updates process if it detects an antivirus product it knows how to update. The Toolkit currently detects and includes scripts for updating the following antivirus products:
If you have another antivirus product, you might want to prepare a signature update script for it as described in your antivirus software manual. Look for sections that describe the command-line tools that perform signature updates.
Check the Microsoft Windows Shared Access newsgroup to see if anyone else has already created a signature update script for the antivirus software you have.
For more information about the Windows Disk Protection critical updates process, see Appendix A, “Technical Primer.”
Other Updates from Microsoft
Windows Disk Protection only automates critical updates from Microsoft—it does not automatically install recommended updates, optional updates, driver updates, or special updates that may have their own license agreements. Review the updates available on Microsoft Update periodically, download and install the ones you want, and then use the Windows Disk Protection tool to save changes to disk.
Undo your worries with Windows Disk Protection
Windows Disk Protection keeps everything on the Windows disk partition from being permanently changed by users. This means every change made during a user session can easily be undone and the computer returned to its original state.
Create a consistent experience
On a shared computer, the goal is to create a consistent, uniform environment for all users. They should not be able to modify or corrupt the system. However, activities performed during a user session cause many changes to the operating system partition. Program files are created, modified, and deleted. The operating system also updates system information as part of its normal operation.
Windows Disk Protection clears all changes to the operating system partition whenever you restart the computer—or at whatever interval you specify.
How Windows Disk Protection works
When disk protection is turned on, it creates a cache file to retain all the modifications to the operating system or program directories. Histories, saved files, and logs are all stored in this cache file which has been created on a special partition of the system drive. At intervals you designate, Windows SteadyState deletes the contents of the cache and restores the system to the state in which disk protection was first turned on.
Set it and forget it
Choose the disk protection level that fits how your computer is used and whether or not your users need to save data for a specific length of time.
Malware infection and unwanted system changes are the biggest concerns by organizations and individuals. It’s easy to be infected nowadays if the anti-virus’ real-time protection failed to detect malicious behavior while a user is surfing or installing unknown programs. It’s also easy to have unusable system if an update or software installation contains bugs or incompatibility with existing applications.
The above problems will be solved by using ShadowMode, Try&Decide or Windows Disk Protection. For screenshots, please refer to below images.
1. ShadowMode feature in ShadowSurfer, ShadowUser and ShadowServer:
StorageCraft’s ShadowServer, ShadowSurfer and ShadowUser include a feature called ShadowMode. ShadowMode will create a virtual volume so you can run your PC or server in a virtual state. Unwanted changes or malware infection will not affect the system if ShadowMode is enabled. If you will install software, updates or make a major change on the system but later realize that it is not what you like or the update has unknown or known issues, you can simply end the ShadowMode session and go back to the previous system state.
ShadowSurfer and ShadowUser are compatible on Windows 2000 and XP systems. Vista system is not supported yet at the time of this writing. ShadowServer will run on 2000 and 2003 editions of Windows Server. You can commit the changes on files, folder or entire system; continue a ShadowMode session across reboots; schedule automatic reset of the computer to previous state and schedule to enable or disable a ShadowMode session if you will use ShadowUser and ShadowServer.
FAIR USE NOTICE This site contains copyrighted material the use of which has not always been specifically authorized by the copyright owner. We are making such material available in our efforts to advance understanding of environmental, political, human rights, economic, democracy, scientific, and social justice issues, etc. We believe this constitutes a 'fair use' of any such copyrighted material as provided for in section 107 of the US Copyright Law. In accordance with Title 17 U.S.C. Section 107, the material on this site is distributed without profit exclusivly for research and educational purposes. If you wish to use copyrighted material from this site for purposes of your own that go beyond 'fair use', you must obtain permission from the copyright owner.
ABUSE: IPs or network segments from which we detect a stream of probes might be blocked for no less then 90 days. Multiple types of probes increase this period.
Groupthink : Two Party System as Polyarchy : Corruption of Regulators : Bureaucracies : Understanding Micromanagers and Control Freaks : Toxic Managers : Harvard Mafia : Diplomatic Communication : Surviving a Bad Performance Review : Insufficient Retirement Funds as Immanent Problem of Neoliberal Regime : PseudoScience : Who Rules America : Neoliberalism : The Iron Law of Oligarchy : Libertarian Philosophy
War and Peace : Skeptical Finance : John Kenneth Galbraith :Talleyrand : Oscar Wilde : Otto Von Bismarck : Keynes : George Carlin : Skeptics : Propaganda : SE quotes : Language Design and Programming Quotes : Random IT-related quotes : Somerset Maugham : Marcus Aurelius : Kurt Vonnegut : Eric Hoffer : Winston Churchill : Napoleon Bonaparte : Ambrose Bierce : Bernard Shaw : Mark Twain Quotes
Vol 25, No.12 (December, 2013) Rational Fools vs. Efficient Crooks The efficient markets hypothesis : Political Skeptic Bulletin, 2013 : Unemployment Bulletin, 2010 : Vol 23, No.10 (October, 2011) An observation about corporate security departments : Slightly Skeptical Euromaydan Chronicles, June 2014 : Greenspan legacy bulletin, 2008 : Vol 25, No.10 (October, 2013) Cryptolocker Trojan (Win32/Crilock.A) : Vol 25, No.08 (August, 2013) Cloud providers as intelligence collection hubs : Financial Humor Bulletin, 2010 : Inequality Bulletin, 2009 : Financial Humor Bulletin, 2008 : Copyleft Problems Bulletin, 2004 : Financial Humor Bulletin, 2011 : Energy Bulletin, 2010 : Malware Protection Bulletin, 2010 : Vol 26, No.1 (January, 2013) Object-Oriented Cult : Political Skeptic Bulletin, 2011 : Vol 23, No.11 (November, 2011) Softpanorama classification of sysadmin horror stories : Vol 25, No.05 (May, 2013) Corporate bullshit as a communication method : Vol 25, No.06 (June, 2013) A Note on the Relationship of Brooks Law and Conway Law
Fifty glorious years (1950-2000): the triumph of the US computer engineering : Donald Knuth : TAoCP and its Influence of Computer Science : Richard Stallman : Linus Torvalds : Larry Wall : John K. Ousterhout : CTSS : Multix OS Unix History : Unix shell history : VI editor : History of pipes concept : Solaris : MS DOS : Programming Languages History : PL/1 : Simula 67 : C : History of GCC development : Scripting Languages : Perl history : OS History : Mail : DNS : SSH : CPU Instruction Sets : SPARC systems 1987-2006 : Norton Commander : Norton Utilities : Norton Ghost : Frontpage history : Malware Defense History : GNU Screen : OSS early history
The Peter Principle : Parkinson Law : 1984 : The Mythical Man-Month : How to Solve It by George Polya : The Art of Computer Programming : The Elements of Programming Style : The Unix Hater’s Handbook : The Jargon file : The True Believer : Programming Pearls : The Good Soldier Svejk : The Power Elite
Most popular humor pages:
Manifest of the Softpanorama IT Slacker Society : Ten Commandments of the IT Slackers Society : Computer Humor Collection : BSD Logo Story : The Cuckoo's Egg : IT Slang : C++ Humor : ARE YOU A BBS ADDICT? : The Perl Purity Test : Object oriented programmers of all nations : Financial Humor : Financial Humor Bulletin, 2008 : Financial Humor Bulletin, 2010 : The Most Comprehensive Collection of Editor-related Humor : Programming Language Humor : Goldman Sachs related humor : Greenspan humor : C Humor : Scripting Humor : Real Programmers Humor : Web Humor : GPL-related Humor : OFM Humor : Politically Incorrect Humor : IDS Humor : "Linux Sucks" Humor : Russian Musical Humor : Best Russian Programmer Humor : Microsoft plans to buy Catholic Church : Richard Stallman Related Humor : Admin Humor : Perl-related Humor : Linus Torvalds Related humor : PseudoScience Related Humor : Networking Humor : Shell Humor : Financial Humor Bulletin, 2011 : Financial Humor Bulletin, 2012 : Financial Humor Bulletin, 2013 : Java Humor : Software Engineering Humor : Sun Solaris Related Humor : Education Humor : IBM Humor : Assembler-related Humor : VIM Humor : Computer Viruses Humor : Bright tomorrow is rescheduled to a day after tomorrow : Classic Computer Humor
The Last but not Least
Copyright © 1996-2016 by Dr. Nikolai Bezroukov. www.softpanorama.org was created as a service to the UN Sustainable Development Networking Programme (SDNP) in the author free time. This document is an industrial compilation designed and created exclusively for educational use and is distributed under the Softpanorama Content License.
Original materials copyright belong to respective owners. Quotes are made for educational purposes only in compliance with the fair use doctrine.
FAIR USE NOTICE This site contains copyrighted material the use of which has not always been specifically authorized by the copyright owner. We are making such material available to advance understanding of computer science, IT technology, economic, scientific, and social issues. We believe this constitutes a 'fair use' of any such copyrighted material as provided by section 107 of the US Copyright Law according to which such material can be distributed without profit exclusively for research and educational purposes.
This is a Spartan WHYFF (We Help You For Free) site written by people for whom English is not a native language. Grammar and spelling errors should be expected. The site contain some broken links as it develops like a living tree...
|You can use PayPal to make a contribution, supporting development of this site and speed up access. In case softpanorama.org is down you can use the at softpanorama.info|
The statements, views and opinions presented on this web page are those of the author (or referenced source) and are not endorsed by, nor do they necessarily reflect, the opinions of the author present and former employers, SDNP or any other organization the author may be associated with. We do not warrant the correctness of the information provided or its fitness for any purpose.
Last modified: July 22, 2012