Only trust what you made urself
Recently I came across this app called nLite, which is a free app to help you customise and build custom slipstreamed unattended WinXP install discs. It's a pretty nifty tool, allowing you to select hotfixes and SP2 to integrate into your existing WinXP SP0 disc, remove built-in apps/services, auto-configure things like computer name, user accounts, even the CD key!
It can also go in and add new drivers for you to be included in setup, no more F6 for RAID!
I tried it, from a 550MB WinXP SP0, I slipstreamed SP2 and ran nLite. The resulting unattended WinXP SP2 install disc size? 300+MB. Impressive.
Only 1 problem. How can you trust that nLite didn't add something special into your WinXP install? After all, u keyed in ur cdkey and it is obviously able to add new services, apps, even drivers into your WinXP cab files. So, what is stopping it from installing a customised callback?
Answer: nothing. This comes back to the free app + embedded trojan trick I said b4.
In the end, only trust what you made yourself. Slipstream the SP2, slipstream the hotfix. But stop there and burn it. If it's too big, search the net to remove the extra stuff like SUPPORT and LANG and VALUEADD, etc. Or just burn into DVD since nowadays all DVD-ROM anyway.
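One way to see what a tool like nLite actually changed, as an added example (not from the original post or from nLite): hash every file in the install tree before and after the tool runs, then list what was added, removed or changed. The folder layout and file names built in `demo()` are constructed sample data, and `EXTRA.EXE` is a hypothetical name.

```python
import hashlib
import os
import tempfile

def manifest(root):
    """Map each file's relative path (lower-cased, as on a Windows disc) to its SHA-256."""
    out = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            rel = os.path.relpath(full, root).replace(os.sep, "/").lower()
            h = hashlib.sha256()
            with open(full, "rb") as fh:
                for chunk in iter(lambda: fh.read(1 << 20), b""):
                    h.update(chunk)
            out[rel] = h.hexdigest()
    return out

def diff_trees(before_root, after_root):
    """Return (added, removed, changed) relative paths between two install trees."""
    before, after = manifest(before_root), manifest(after_root)
    added = sorted(set(after) - set(before))
    removed = sorted(set(before) - set(after))
    changed = sorted(p for p in set(before) & set(after) if before[p] != after[p])
    return added, removed, changed

def _write(root, rel, data):
    """Create one sample file (constructed data) under root."""
    path = os.path.join(root, *rel.split("/"))
    os.makedirs(os.path.dirname(path), exist_ok=True)
    with open(path, "wb") as fh:
        fh.write(data)

def demo():
    """Build two tiny constructed trees (before/after the tool) and diff them."""
    with tempfile.TemporaryDirectory() as tmp:
        before, after = os.path.join(tmp, "before"), os.path.join(tmp, "after")
        _write(before, "I386/TXTSETUP.SIF", b"original setup info")
        _write(before, "I386/NTOSKRNL.EX_", b"kernel")
        _write(before, "SUPPORT/TOOLS/README.TXT", b"support tools")
        _write(after, "I386/TXTSETUP.SIF", b"edited setup info")
        _write(after, "I386/NTOSKRNL.EX_", b"kernel")
        _write(after, "I386/WINNT.SIF", b"unattended answers")
        _write(after, "I386/SVCPACK/EXTRA.EXE", b"not in the original tree")
        return diff_trees(before, after)

if __name__ == "__main__":
    for label, paths in zip(("added", "removed", "changed"), demo()):
        print(label, paths)
```

An added or changed file is only a list of things to inspect, since a customising tool edits and adds files as part of its normal job. Files packed inside cab archives have to be extracted on both sides before their contents can be compared this way.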
6 Comments:
hi beng hacks, interesting blogs u had.
Presume that users had monitoring software that is running? Eg: Wireshark aka Ethereal
ethereal? wat has tt got 2 do wif slipstreaming or hiding something? if the trojan is a gd 1 ethereal wont detect much. or wont even c nething.
the idea of slipstreaming is solid man. maybe use a dvd instead for all the stuff? i wonder if all hotfixes can b downloaded at 1 go into a single file. i bet alot of ppl wld download. much easier than downloading 1 by 1.
Wireshark can be useful to check if got illegal traffic. That combined with a good firewall can block any naughty activity if nLite put anything in it.
Combine that with ProcessViewer and you can find the culprit.
Got such thing as combined hotfix lor... it's called service pack =P
having said that, u need to develop your own compiler, because you don't know what Microsoft/Borland or gcc add into their compilers.
GCC is ok, cuz there is source code and GCC has been around for a long long time with the community hving done code review.
Borland/M$ suspicious yes.