Windows Shared Computer Toolkit
This FREE Windows utility works on XP Home, XP Pro and XP Tablet PC editions; other versions of XP and Windows are not supported. Basically, you can read the documentation for in-depth information, but I will do my best to explain the advantages and disadvantages I have found using and installing this for clients as well as helping others use this at home.
The very first thing that needs to be explained is that this is an excellent tool even for home use. The documentation makes it seem like only very public systems like a library or school can benefit by the use of this tool; this is not really true. The core of this tool is the Windows Disk Protection, which requires 1 Gb ("Or 10 percent of actual disk or partition size, whichever is greater") of unallocated disk space. What this unallocated area does is keep two disk images ("one to revert back to, much like one would use a system restore point for") in the event of problems, or change of mind on a modified setting.
If needed, you can set a multitude of user restrictions based on user ID; however, you could just run as you are now, and even with Admin privileges, once you restart, your Windows drive is as it was before you logged on. This is because any changes of any kind are actually cached and not really written to your Windows partition unless you authorize it.
So, you can do anything as Admin and have peace of mind that no matter what malware you encounter or what accidental changes or deletions are done, you will be as you were before whatever happened happened. Say you want to add software: because it would not normally be saved after the next restart ("Using this tool"), it is as simple as changing the Windows Disk Protection to "Save Changes at Next Restart." Now, say you go "OMG what I installed had malware, I never noticed." Not a problem, because you can always revert back to one disk image prior, by using F8.
If you have extensive tests or changes to do for new software that may require multiple restarts, you can set "Retain Changes Indefinitely." The restrictions on a per-user basis are extensive and very selective. You are not required to use them, but you may need them.
So far, I have seen nothing easier to use that protects a system with rock-solid logic of not allowing anything to change anything on the drive that Windows is installed on, without permission. Because any and all changes to the Windows drive during any logon are cached once the system is restarted, there is no overhead. The only overhead of this besides the 1 Gb ("or 10 Percent rule") initial overhead is when you save changes.
Persistence of user data can be done by selectively keeping user profiles on a disk or partition that is not located where Windows is installed. This allows the entire drive or partition where Windows is located to remain protected while allowing users to retain changes and without the need to save changes at restart. This could cause malware to be placed on that partition or drive; however, because it has no launch ability it would remain dormant. I of course would still suggest using an A/V to be safe. Users also can be allowed to run and install programs outside of the protected area where Windows is located and even if they installed malware by doing this, Windows would still remain protected for all other users because said malware could never embed anywhere for other users.
I have installed this in many client sites, and also for friends and family, and all I can say is there is nothing more user friendly and protective that provides this kind of flexibility. I would like to keep this thread going for people who would like to take a crack at installing this and trying it. I will answer any questions and may be able to save some others some time in configuring and using this.
Advantages:
- Complete protection of the entire partition or disk where Windows is located. It's like doing a total system restore in two seconds every restart, back to a known clean image of an entire partition or drive.
- Awesome per-user restrictions if needed; too many to list here.
- A Malware tester's dream, you can go anywhere, even as Admin, and have no fear. Because the entire partition or disk where Windows is located is copied to an un-allocated area on disk, it would be very hard to infect.
- Can be easily changed, including user changes as well as other features.
- Lets you basically install anything, test it, and if you decide you don't want it, re-boot, and it's gone.
- Even if you screw up and save an image, you can revert back to one image prior, so there is some forgiveness on that.
- System Restore can still be used, but you will need to do a "Save changes on next re-boot." The saved image retains your changes.
Disadvantages:
- The required disk space of 1 Gb ("or 10 percent of the disk size where Windows is located") is hard to stomach at first. Even if you decide not to keep using this toolkit, you can always reclaim that space. But it is a large chunk of disk for some. If you are a DVD/CD burner kind of person, you would want to increase this space to about 2 Gb larger if you store lots of CD or DVD data.
- When you change an image, it takes about 20 seconds to complete. This can be even longer if you don't move the Windows paging file to a partition or disk other than the one Windows is located on.
- Any time you make a change of any kind to Windows, or install new software ("A/V Updates are handled automatically, and you can add scripts to handle other updates if needed"), you will need to remember to set Windows Disk Protection to "Save Changes On Next Restart." Otherwise, any changes will not stick after restarts.
- The documentation at times can be confusing. However, the User Interface is very easy to use.
If anyone has any questions or needs help with setting this up, just shout. If you want a FREE bulletproof way to fortify your XP Home or XP Pro system, or need very selective user restrictions, this rocks, both for corporate and home use. Instant recovery without even a mouse click: it all goes back as it was on the next re-boot. Don't let the public-places documentation on this fool you. It's a great protection method, period, and it's free!
For more documentation about the toolkit, please go here: Click Here For More Information.