1. Slipstreaming Or: Installing, patching, securing, and tweaking a new windows installation in one (mostly) easy step

2. Why For? 0-Infected: Faster than a Ferrari –Honeynet project: www.honeynet.orgwww.honeynet.org Firewalls?! Distribution costs

3. The Challenge Install where you can’t be attacked Patch without being attacked Finish configuring without being attacked

4. Secure Install Methods Offline install –CDs, USB keys, external drives, etc Filtered access –Software firewall, hardware firewall Drive Imaging –Universal Imagining UtilityUniversal Imagining Utility

5. Slipstreaming Techniques Patching –Patches install files Unattended installs –Tweaking –Add-ons

6. Slipstreaming Methods Manual –Based on command-line Automatic –Totally tool driven Semi-auto –Somewhere in between

7. Manual Patches and SPs have CLI options Chaining Copy cd contents to C:\XP-CD Service Pack 2 Extract: MKDIR c:\XP-SP2 XP-SP2.EXE /U /X:C:\XP-SP2 Apply the SP: C:\XP-SP2\i386\UPDATE\UPDATE.EXE -S:C:\XP-CD

8. Automatic Free Tools! –XPCREATEXPCREATE –AutoPatcherAutoPatcher –nLitenLite

9. Semiautomatic Use nLite for automated patch integration, some fixes Manually incorporate other software –Mcafee –Office

10. nLite Let’s play!

11. Testing Virtual PC –Free for MSDN subscribers Vmware –$$ BOCHS/Qemu –Free, but unsure of reliability

12. Potential Issues Licensing –Microsoft Select Agreement –Other software? Keys pre-populated?

13. Questions? Jordan Wiens Network Security Engineer 352-392-2061 ufirt@ufl.edu http://infosec.ufl.edu/