«

Our school has just recently taken delivery of a number of Dell PCs
(1.7 GHZ, 40GB HDD, 256 RAM) that are going to be running WINDOWS 2000
NT NOS. Our system is set up so that our student users don't have
right-mouse outside of applications such as MS-Office. Students have no
right to alter "c:\".

We are going to ghost a machine and use that clone the image to the
remaining 20 systems.

Students have access to the web (with some restrictions imposed by the
requyired filtering systems) but our principle problems are spyware,
and of course the ususal viruses, trojans and so forth. We are running
Symantec with live upadates for these latter, but we still get a lot of
problems with unwanted plug-ins (eg "whenusearch" attaching to
Explorer).

A couple of questions come to mind.

I'm considering installing Adaware, and Spybot S&D on the original
machine from which the ghost will be created. Are these the most
time-efficient, user-friendly and effective Malware products?

Is reghosting from a pristine or defragged machine an adequate
maintenance alternative to defragmenting and disk clean up or are there
good reasons for going around and deleting unnecessary programs and
temp files before running scandisk and defrag better in some measurable
way?

I'm trying to ensure I spend as little time fiddling as possible,
because, in practice time comes to us teachers in bits and pieces and
getting half way through a task and having to do something else is
quite common.

Not sure why you added the Win98 group to this, but here's my answer:

1. While Ad-Aware and Spybot are excellent apps, I don't recommend using
them except as after-the-fact scanners. Any of their options that
include real-time protection *may* cause problems. And Spybot's
"Immunize" and other features besides simple scanning are also known to
be potentially problematic. Whether your systems encounter these
problems or not is pretty much a toss of the dice. What keeps *my*
system clean is SpywareBlaster, along with the MVPS HOSTS file. You
should also add CWShredder to your arsenal of scanners. For more info
and links, see the Security article in my sig.

2. The amount of time required to restore an image is probably more,
overall, than performing maintenance procedures. But the amount of
"hands-on" time is much less. Restoring an image, you have a single
operation to perform, and then you leave it until it's done. Running
maintenance means running several operations that take anywhere from a
few minutes to an hour or more, and while some things can be scripted,
there are still a number of moments when operator input is required. And
even then, you do not have a "known state". Assuming that you have no
need to preserve anything that was added to the system after
installation, the imaging method is the simplest and surest method of
maintaining your lab machines.

--
Gary S. Terhune
MS MVP Shell/User
http://www.grystmill.com/articles/cleanboot.htm
http://www.grystmill.com/articles/security.htm

"FRAN" <> wrote in message
news: oups.com...
> Our school has just recently taken delivery of a number of Dell PCs
> (1.7 GHZ, 40GB HDD, 256 RAM) that are going to be running WINDOWS 2000
> NT NOS. Our system is set up so that our student users don't have
> right-mouse outside of applications such as MS-Office. Students have
no
> right to alter "c:\".
>
> We are going to ghost a machine and use that clone the image to the
> remaining 20 systems.
>
> Students have access to the web (with some restrictions imposed by the
> requyired filtering systems) but our principle problems are spyware,
> and of course the ususal viruses, trojans and so forth. We are running
> Symantec with live upadates for these latter, but we still get a lot
of
> problems with unwanted plug-ins (eg "whenusearch" attaching to
> Explorer).
>
> A couple of questions come to mind.
>
> I'm considering installing Adaware, and Spybot S&D on the original
> machine from which the ghost will be created. Are these the most
> time-efficient, user-friendly and effective Malware products?
>
> Is reghosting from a pristine or defragged machine an adequate
> maintenance alternative to defragmenting and disk clean up or are
there
> good reasons for going around and deleting unnecessary programs and
> temp files before running scandisk and defrag better in some
measurable
> way?
>
> I'm trying to ensure I spend as little time fiddling as possible,
> because, in practice time comes to us teachers in bits and pieces and
> getting half way through a task and having to do something else is
> quite common.
>

I forget the name of the software product, but it allows you to set the
machine up, so any changes made to the base image are lost after a reboot.
Therefore, if a machine gets infected with spyware, just reboot it, and it's
gone.

As long as the students save their work to a network drive, there shouldn't
be any problems.

Matt Gibson - GSEC


"FRAN" <> wrote in message
news: oups.com...
> Our school has just recently taken delivery of a number of Dell PCs
> (1.7 GHZ, 40GB HDD, 256 RAM) that are going to be running WINDOWS 2000
> NT NOS. Our system is set up so that our student users don't have
> right-mouse outside of applications such as MS-Office. Students have no
> right to alter "c:\".
>
> We are going to ghost a machine and use that clone the image to the
> remaining 20 systems.
>
> Students have access to the web (with some restrictions imposed by the
> requyired filtering systems) but our principle problems are spyware,
> and of course the ususal viruses, trojans and so forth. We are running
> Symantec with live upadates for these latter, but we still get a lot of
> problems with unwanted plug-ins (eg "whenusearch" attaching to
> Explorer).
>
> A couple of questions come to mind.
>
> I'm considering installing Adaware, and Spybot S&D on the original
> machine from which the ghost will be created. Are these the most
> time-efficient, user-friendly and effective Malware products?
>
> Is reghosting from a pristine or defragged machine an adequate
> maintenance alternative to defragmenting and disk clean up or are there
> good reasons for going around and deleting unnecessary programs and
> temp files before running scandisk and defrag better in some measurable
> way?
>
> I'm trying to ensure I spend as little time fiddling as possible,
> because, in practice time comes to us teachers in bits and pieces and
> getting half way through a task and having to do something else is
> quite common.
>

Gary S. Terhune wrote:
> Not sure why you added the Win98 group to this, but here's my answer:
>


Thanks for answering all the same. I wasn't sure where to ask this
question.

> 1. While Ad-Aware and Spybot are excellent apps, I don't recommend
using
> them except as after-the-fact scanners. Any of their options that
> include real-time protection *may* cause problems. And Spybot's
> "Immunize" and other features besides simple scanning are also known
to
> be potentially problematic. Whether your systems encounter these
> problems or not is pretty much a toss of the dice. What keeps *my*
> system clean is SpywareBlaster, along with the MVPS HOSTS file. You
> should also add CWShredder to your arsenal of scanners. For more info
> and links, see the Security article in my sig.
>

Thanks again.

> 2. The amount of time required to restore an image is probably more,
> overall, than performing maintenance procedures. But the amount of
> "hands-on" time is much less. Restoring an image, you have a single
> operation to perform, and then you leave it until it's done. Running
> maintenance means running several operations that take anywhere from
a
> few minutes to an hour or more, and while some things can be
scripted,
> there are still a number of moments when operator input is required.
And
> even then, you do not have a "known state". Assuming that you have no
> need to preserve anything that was added to the system after
> installation, the imaging method is the simplest and surest method of
> maintaining your lab machines.
>
> --

Excellent. We can run stuff overnight when everyone's gone home, so if
that's the only objection, then I think I have my answer.

Fran

Matt Gibson wrote:
> I forget the name of the software product, but it allows you to set
the
> machine up, so any changes made to the base image are lost after a
reboot.
> Therefore, if a machine gets infected with spyware, just reboot it,
and it's
> gone.
>
> As long as the students save their work to a network drive, there
shouldn't
> be any problems.
>
> Matt Gibson - GSEC
>
>

I seem to remember HP making something like this -- one person
demonstrating by deleting system files and then rebooting.

The cost of the licences might kill off this approach though.

Fran
> "FRAN" <> wrote in message
> news: oups.com...
> > Our school has just recently taken delivery of a number of Dell PCs
> > (1.7 GHZ, 40GB HDD, 256 RAM) that are going to be running WINDOWS
2000
> > NT NOS. Our system is set up so that our student users don't have
> > right-mouse outside of applications such as MS-Office. Students
have no
> > right to alter "c:\".
> >
> > We are going to ghost a machine and use that clone the image to the
> > remaining 20 systems.
> >
> > Students have access to the web (with some restrictions imposed by
the
> > requyired filtering systems) but our principle problems are
spyware,
> > and of course the ususal viruses, trojans and so forth. We are
running
> > Symantec with live upadates for these latter, but we still get a
lot of
> > problems with unwanted plug-ins (eg "whenusearch" attaching to
> > Explorer).
> >
> > A couple of questions come to mind.
> >
> > I'm considering installing Adaware, and Spybot S&D on the original
> > machine from which the ghost will be created. Are these the most
> > time-efficient, user-friendly and effective Malware products?
> >
> > Is reghosting from a pristine or defragged machine an adequate
> > maintenance alternative to defragmenting and disk clean up or are
there
> > good reasons for going around and deleting unnecessary programs and
> > temp files before running scandisk and defrag better in some
measurable
> > way?
> >
> > I'm trying to ensure I spend as little time fiddling as possible,
> > because, in practice time comes to us teachers in bits and pieces
and
> > getting half way through a task and having to do something else is
> > quite common.
> >

FRAN wrote:
> Our school has just recently taken delivery of a number of Dell PCs
> (1.7 GHZ, 40GB HDD, 256 RAM) that are going to be running WINDOWS
2000
> NT NOS. Our system is set up so that our student users don't have
> right-mouse outside of applications such as MS-Office. Students have
no
> right to alter "c:\".
>
> We are going to ghost a machine and use that clone the image to the
> remaining 20 systems.
>
> Students have access to the web (with some restrictions imposed by
the
> requyired filtering systems) but our principle problems are spyware,
> and of course the ususal viruses, trojans and so forth. We are
running
> Symantec with live upadates for these latter, but we still get a lot
of
> problems with unwanted plug-ins (eg "whenusearch" attaching to
> Explorer)

BHODemon can help you weed out unwanted "browser helper objects". Of
course you could adopt the unpopular (among the students) policy to
block all java and activeX activity with the firewall unless there is
some very good reason that they must be available.

>
> A couple of questions come to mind.
>
> I'm considering installing Adaware, and Spybot S&D on the original
> machine from which the ghost will be created. Are these the most
> time-efficient, user-friendly and effective Malware products?
>
> Is reghosting from a pristine or defragged machine an adequate
> maintenance alternative to defragmenting and disk clean up or are
there
> good reasons for going around and deleting unnecessary programs and
> temp files before running scandisk and defrag better in some
measurable
> way?
>
> I'm trying to ensure I spend as little time fiddling as possible,
> because, in practice time comes to us teachers in bits and pieces and
> getting half way through a task and having to do something else is
> quite common.

"Matt Gibson" <> wrote in message
news:...
>I forget the name of the software product, but it allows you to set the
>machine up, so any changes made to the base image are lost after a reboot.
>Therefore, if a machine gets infected with spyware, just reboot it, and
>it's gone.
>
> As long as the students save their work to a network drive, there
> shouldn't be any problems.
>
> Matt Gibson - GSEC

I'm pretty sure my school has a program like this. It might be some sort of
extention for Ghost.

From: "FRAN" <>

| Our school has just recently taken delivery of a number of Dell PCs
| (1.7 GHZ, 40GB HDD, 256 RAM) that are going to be running WINDOWS 2000
| NT NOS. Our system is set up so that our student users don't have
| right-mouse outside of applications such as MS-Office. Students have no
| right to alter "c:\".
|
| We are going to ghost a machine and use that clone the image to the
| remaining 20 systems.
|
| Students have access to the web (with some restrictions imposed by the
| requyired filtering systems) but our principle problems are spyware,
| and of course the ususal viruses, trojans and so forth. We are running
| Symantec with live upadates for these latter, but we still get a lot of
| problems with unwanted plug-ins (eg "whenusearch" attaching to
| Explorer).
|
| A couple of questions come to mind.
|
| I'm considering installing Adaware, and Spybot S&D on the original
| machine from which the ghost will be created. Are these the most
| time-efficient, user-friendly and effective Malware products?
|
| Is reghosting from a pristine or defragged machine an adequate
| maintenance alternative to defragmenting and disk clean up or are there
| good reasons for going around and deleting unnecessary programs and
| temp files before running scandisk and defrag better in some measurable
| way?
|
| I'm trying to ensure I spend as little time fiddling as possible,
| because, in practice time comes to us teachers in bits and pieces and
| getting half way through a task and having to do something else is
| quite common.

Fran:

All those News Groups and to most, you have posted Off Topic.
What you posted has NOTHING to do with Win98 or FireWalls !
Not one of the News Groups was for a Win2K News Group or a Security News Group !

Ad-aware SE and SpyBot S&D are good choices !

Ghosting a source PC and Ghosting to the other platforms is an excellent idea. I use
Symantec Ghost Enterprise in a corporate environment and it it is highly valuable in
deploying and maintaininmg the platforms.

Before you Ghost the platform, make sure Win2K SP4 is installed, all MS Office Service
Packs are installed and all MS Critical Updates are installed. Install Mozilla FireFox as
the default browser and configure all aspects of software. When done copy the profile to
the Default User profile. Then make your clone. When you get down do, there is no need to
worry about defragging prior to a Ghost image or after restoring a Ghost image. Defragging
is the LEAST of your worries and shouldn't be a consideration at all.


--
Dave

Software that returns a computer to 'original state on a boot is Go-Back
from Symantec.

For cleaning the computers, try Microsoft's AntiSpyware Beta. It runs in
the background and updates automatically.

"FRAN" <> wrote in message
news: oups.com...
> Our school has just recently taken delivery of a number of Dell PCs
> (1.7 GHZ, 40GB HDD, 256 RAM) that are going to be running WINDOWS 2000
> NT NOS. Our system is set up so that our student users don't have
> right-mouse outside of applications such as MS-Office. Students have no
> right to alter "c:\".
>
> We are going to ghost a machine and use that clone the image to the
> remaining 20 systems.
>
> Students have access to the web (with some restrictions imposed by the
> requyired filtering systems) but our principle problems are spyware,
> and of course the ususal viruses, trojans and so forth. We are running
> Symantec with live upadates for these latter, but we still get a lot of
> problems with unwanted plug-ins (eg "whenusearch" attaching to
> Explorer).
>
> A couple of questions come to mind.
>
> I'm considering installing Adaware, and Spybot S&D on the original
> machine from which the ghost will be created. Are these the most
> time-efficient, user-friendly and effective Malware products?
>
> Is reghosting from a pristine or defragged machine an adequate
> maintenance alternative to defragmenting and disk clean up or are there
> good reasons for going around and deleting unnecessary programs and
> temp files before running scandisk and defrag better in some measurable
> way?
>
> I'm trying to ensure I spend as little time fiddling as possible,
> because, in practice time comes to us teachers in bits and pieces and
> getting half way through a task and having to do something else is
> quite common.
>

1) I don't know who or why someone said hands on maintince is eaiser or
takes less time than a image restore, but they are full of crap. I'd
rather reload from an image that try to remove spyware anyday.

2) Create the first OS. get it setup exactly the way you want, then use
sysprep to prepare the image for cloning.

3) There are several products available for cloning discs, Ghost the
most popular, I prefer Acronis True image.

4) The product you really need is Deep Freeze. ANY changes to the OS
and filesystem are lost after a reboot. It is probally somewhat
expensive, BUT, it really saves on the TCO. You will have no need for
any Spyware or AntiVirus software. They also offer an educational
package discount.
http://www.faronics.com/html/edsolutions.asp