Re: Infecting OEM Images

[Dude VanWinkle <dudevanwinkle () gmail com>]

On 1/19/06, Willy, Andrew <AWilly () esmil net> wrote:
> That restore partition rather than CD caught us by suprise in a Ghost
> deployment fiasco.  I won't bore you with details but will summarize the
> conversation.
>
> Guy A: "Hrm. I guess this image ain't gonna work on these workstations."
>
> Guy B: "Better start over."
>
> Guy A: "Yep.  Let me have the ever handy, really useful, incredibly reliable
> restore CD."
>
> Guy B: "I thought you had it?"


All you need is their drivers, dump the (dell, hp, compaq, toshiba,
ibm, etc) image and create your own, slipstream the patches
(http://unattended.msfn.org) and put your apps in the run_once reg
entries with a reboot set for every one that _requires_ it.

For those apps that dont have command line switches for their
installers, you can use that handy ghost cd to get the best thing off
it: AI Snapshot and AI Builder. It make take two weeks to have your
own winnt.sif file and standard apps, but it is well worth it, plus
you can  put it on a NIS and then just type newpatch.exe
/integrate:\\path_to_NIS_install_files every patch tuesday and viola!

All the standard images have so much fluff, and a lot if that fluff is
or will be a security flaw, not to mention a waste of space and
cycles. Plus with an automated install, you dont have to worry about
driver conflicts.

-JP
"Integrate the SATA drivers last ;-)"
-JP

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.