Slipstreaming Or: Installing, patching, securing, and tweaking a new windows installation in one (mostly) easy step
Why For? 0-Infected: Faster than a Ferrari –Honeynet project: Firewalls?! Distribution costs
The Challenge Install where you can’t be attacked Patch without being attacked Finish configuring without being attacked
Secure Install Methods Offline install –CDs, USB keys, external drives, etc Filtered access –Software firewall, hardware firewall Drive Imaging –Universal Imagining UtilityUniversal Imagining Utility
Slipstreaming Techniques Patching –Patches install files Unattended installs –Tweaking –Add-ons
Slipstreaming Methods Manual –Based on command-line Automatic –Totally tool driven Semi-auto –Somewhere in between
Manual Patches and SPs have CLI options Chaining Copy cd contents to C:\XP-CD Service Pack 2 Extract: MKDIR c:\XP-SP2 XP-SP2.EXE /U /X:C:\XP-SP2 Apply the SP: C:\XP-SP2\i386\UPDATE\UPDATE.EXE -S:C:\XP-CD
Automatic Free Tools! –XPCREATEXPCREATE –AutoPatcherAutoPatcher –nLitenLite
Semiautomatic Use nLite for automated patch integration, some fixes Manually incorporate other software –Mcafee –Office
nLite Let’s play!
Testing Virtual PC –Free for MSDN subscribers Vmware –$$ BOCHS/Qemu –Free, but unsure of reliability
Potential Issues Licensing –Microsoft Select Agreement –Other software? Keys pre-populated?
Questions? Jordan Wiens Network Security Engineer