Related to a recent discussion on security in public computers and what
system was better: 2K or XP, I would like to draw your attention to the
problem below copied from Symantec's website.
In yonder discussion I pointed out that system restore created unnecessary
overhead in the system and that it should always be disabled.
I still think that 2K + 3rd. party utilities will beat XP in public
computers anytime on speed and security.
This is particularly interesting now that people who don't take adequate
precautions are being attacked by worms and other nasties.
Comments are welcome, try to keep it professional (you know who you are).

1. Disabling System Restore (Windows Me/XP)
If you are running Windows Me or Windows XP, we recommend that you
temporarily turn off System Restore. Windows Me/XP uses this feature, which
is enabled by default, to restore the files on your computer in case they
become damaged. If a virus, worm, or Trojan infects a computer, System
Restore may back up the virus, worm, or Trojan on the computer.

Windows prevents outside programs, including antivirus programs, from
modifying System Restore. Therefore, antivirus programs or tools cannot
remove threats in the System Restore folder. As a result, System Restore has
the potential of restoring an infected file on your computer, even after you
have cleaned the infected files from all the other locations.

Also, a virus scan may detect a threat in the System Restore folder even
though you have removed the threat.

For instructions on how to turn off System Restore, read your Windows
documentation, or one of the following articles:
a.. "How to disable or enable Windows Me System Restore"
b.. "How to turn off or turn on Windows XP System Restore"

For additional information, and an alternative to disabling Windows Me
System Restore, see the Microsoft Knowledge Base article, "Antivirus Tools
Cannot Clean Infected Files in the _Restore Folder," Article ID: Q263455.

Report this post to a moderator

"Pikoro" <pikoro@comcast.net> wrote in
news:qemdnfePBbTdT6OiU-KYvw@comcast.com:

> Related to a recent discussion on security in public computers and
> what system was better: 2K or XP, I would like to draw your
> attention to the problem below copied from Symantec's website.
> In yonder discussion I pointed out that system restore created
> unnecessary overhead in the system and that it should always be
> disabled. I still think that 2K + 3rd. party utilities will beat
> XP in public computers anytime on speed and security.

I think you are wrong. I just setup a Windows Server 2003 (based on
XP code) at home for my MCSE classes later this year. Terminal
Services (Remote Desktop) is disabled by default (over 2000 server).
Also, Internet Explorer is set to high security as a default so you
cannot go to any untrusted web sites. And for some stupid reason,
the audio is disabled by default and can only be re-enabled by a
system administrator!

So Microsoft is closing all hatches so-to-speak. The built-in
firewall for XP will be turned on by default when you apply SP2 or so
I read. I don't think XP is inherently insecure over Windows 2000:
after all, the first build of it _was_ Windows 2000. It all depends
on who is running that box that makes it insecure.

> 1. Disabling System Restore (Windows Me/XP)
> If you are running Windows Me or Windows XP, we recommend that you
> temporarily turn off System Restore. Windows Me/XP uses this
> feature, which is enabled by default, to restore the files on your
> computer in case they become damaged. If a virus, worm, or Trojan
> infects a computer, System Restore may back up the virus, worm, or
> Trojan on the computer.

I actually went to one of those Microsoft Road Shows where the
presenter was showing off System Restore. I really wanted to ask how
to use it if Windows XP won't boot, but I never got the chance. They
really don't ask questions during those type of shows and that's
probably a good thing.

Disinfecting viruses in Windows was never a good idea anyways, Now
that we have Windows PE coming into play, it really doesn't matter if
System Restore is enabled or not, as you can use an antivirus within
Windows PE to scan all the files on your partition.

Incidentally, I don't see System Restore in Windows Server 2003.
Maybe Microsoft now agrees that System Restore is pretty useless.

Ada

Report this post to a moderator

Yes and no. XP is most certainly OK for public computers if it is set up
correctly. However the article you point to actually is relevant for any
system running restore, whether it is ME/XP with their built in restore or
W9X or W2K using a third party utility such as GoBack or SecondChance. The
problem with all of these is that they will also copy the nasty stuff
(virus, trojan, worm etc.) and will bring it back to life in the event of a
restore. The best practice is to stop the restore utility, disenfect the
system, restart the utility and create a new restore point (I usually label
this SAFE).

Report this post to a moderator

Adam

When XP doesn't boot you use several other functions rather than System
restore. usually first up is "Last Known Good Configuration". The other
thing to take into account with your comment "Incidentally, I don't see
System Restore in Windows Server 2003. Maybe Microsoft now agrees that
System Restore is pretty useless." is that you are talking a Server
operating system. Things like System Restore and GoBack are designed for
end user desktop systems and not servers. For a server with a RAID array
system restore just would not work efficiently compared to the usual methods
used by system admin.

Report this post to a moderator

"RussS" <yeah_right@roflmao.com> wrote in
news:cCE%a.118829$JA5.2691022@news.xtra.co.nz:

> Adam
>
> When XP doesn't boot you use several other functions rather than
> System restore. usually first up is "Last Known Good
> Configuration".

Assuming that you have a "Last known good configuation", sure.

The other thing to take into account with your
> comment "Incidentally, I don't see System Restore in Windows
> Server 2003. Maybe Microsoft now agrees that System Restore is
> pretty useless." is that you are talking a Server operating
> system. Things like System Restore and GoBack are designed for
> end user desktop systems and not servers. For a server with a
> RAID array system restore just would not work efficiently compared
> to the usual methods used by system admin.

Mastering Windows Server 2003 by Mark Minasi (Sybex)

"As with some other Windows Server 2003 features, they’re
not exactly new, as they first appeared in XP, but they’re new to
Server. Unfortunately, one of the three, System Restore, apparently
doesn’t come with Server, and that’s puzzling: it’s an XP tool that
lets you roll back the entire state of a system to some time in the
past, undoing the effects of installing some new unreliable program
that’s made your previously reliable system wobbly. I don’t know why
they left it out of Server; perhaps we’ll see it return with a future
version of Server. (Page 16-17).

Adam

Report this post to a moderator

Like I said Adam. System Admin have many ways of rebuilding their systems
after a disaster (well, they should if they are half way competent).
The reason I see System Restore as not being a viable alternative (and I
wonder why an author like Mark didn't consider this) is that firstly most
that I have come across use the systems hard drive to save the restore files
and dang near everywhere I have been just does not have that available
space - actually most places are juggling storage by deleting users 5 year
old mail, MP3 and AVI collections to get a little working space. The other
major issue is that trying every possible tweak I could find I could not get
System Restore to work properly on a RAID array. Actually from my
investigations none of the various System Restore manufacturers recommend
using it on RAID arrays.

Report this post to a moderator

Erm, seems to me that we are mixing apples and oranges here.
I wasn't talking about 2003 Server, I have no experience with it.
Regarding System Restore my experience when working on a tech support help
desk, and that of my colleagues there, has been that System Restore is a
very buggy and unreliable feature, which also slows down the system because
of its continuous monitoring.
Don't forget that Microsoft's strength is in the desktop, not the server
market. With XP they targeted the massive home/small business segment of
inexperienced users and added this ME feature, trying to make the system
"easy" and "cool". XP has never been a server OS, that is why you see System
Restore there.
Microsoft didn't care so much for speed with XP, that is why you see the
cartoonesque interface, System restore and other similar waste of system
resources.
Regarding your quote, I cannot very well see why a Server would miss System
Restore, in what way would it help? Make the system slower and less
reliable? Waste valuable disk space? A basic Server admin has a backup
policy that makes System Restore redundant, supposing this thing even works
as well as a backup.
Of course, you scan your HDD for viruses and nasties previous to any backup,
but that is precisely what System Restore won't do, the user will get
re-infected or have to go through the routine that Microsoft describes in
the KB article. How many will?
If Microsoft decided to bury System Restore with 2003 Server it certainly
won't be a funeral where many people cry.
Regarding the discussion of what system works better on public computers, I
still think that 2K SP4 is faster, more reliable, and, if coupled with
adequate 3rd. party utilities, more secure than XP.
I hope that


"Adam Leinss" <aleinss@toughguy.net> wrote in message
news:Xns93DA885B44F5Daleinssto
ughguynet@toughguy.net...
> "RussS" <yeah_right@roflmao.com> wrote in
> news:cCE%a.118829$JA5.2691022@news.xtra.co.nz:
>
> > Adam
> >
> > When XP doesn't boot you use several other functions rather than
> > System restore. usually first up is "Last Known Good
> > Configuration".
>
> Assuming that you have a "Last known good configuation", sure.
>
> The other thing to take into account with your
> > comment "Incidentally, I don't see System Restore in Windows
> > Server 2003. Maybe Microsoft now agrees that System Restore is
> > pretty useless." is that you are talking a Server operating
> > system. Things like System Restore and GoBack are designed for
> > end user desktop systems and not servers. For a server with a
> > RAID array system restore just would not work efficiently compared
> > to the usual methods used by system admin.
>
> Mastering Windows Server 2003 by Mark Minasi (Sybex)
>
> "As with some other Windows Server 2003 features, they're
> not exactly new, as they first appeared in XP, but they're new to
> Server. Unfortunately, one of the three, System Restore, apparently
> doesn't come with Server, and that's puzzling: it's an XP tool that
> lets you roll back the entire state of a system to some time in the
> past, undoing the effects of installing some new unreliable program
> that's made your previously reliable system wobbly. I don't know why
> they left it out of Server; perhaps we'll see it return with a future
> version of Server. (Page 16-17).
>
> Adam

Report this post to a moderator

OOps, this one shot away without letting me finish it.
Sleep made mis fingers trip and hit the key combination.
Should've ended like so:
I hope that 2003 Server will eventually outperform 2K but it won't certainly
be via a "popular" development like XP and it's dreadful System Restore.

"Pikoro" <pikoro@comcast.net> wrote in message
news:8x6dndh9FYwTwdyiXTWJjw@co
mcast.com...
> Erm, seems to me that we are mixing apples and oranges here.
> I wasn't talking about 2003 Server, I have no experience with it.
> Regarding System Restore my experience when working on a tech support help
> desk, and that of my colleagues there, has been that System Restore is a
> very buggy and unreliable feature, which also slows down the system
because
> of its continuous monitoring.
> Don't forget that Microsoft's strength is in the desktop, not the server
> market. With XP they targeted the massive home/small business segment of
> inexperienced users and added this ME feature, trying to make the system
> "easy" and "cool". XP has never been a server OS, that is why you see
System
> Restore there.
> Microsoft didn't care so much for speed with XP, that is why you see the
> cartoonesque interface, System restore and other similar waste of system
> resources.
> Regarding your quote, I cannot very well see why a Server would miss
System
> Restore, in what way would it help? Make the system slower and less
> reliable? Waste valuable disk space? A basic Server admin has a backup
> policy that makes System Restore redundant, supposing this thing even
works
> as well as a backup.
> Of course, you scan your HDD for viruses and nasties previous to any
backup,
> but that is precisely what System Restore won't do, the user will get
> re-infected or have to go through the routine that Microsoft describes in
> the KB article. How many will?
> If Microsoft decided to bury System Restore with 2003 Server it certainly
> won't be a funeral where many people cry.
> Regarding the discussion of what system works better on public computers,
I
> still think that 2K SP4 is faster, more reliable, and, if coupled with
> adequate 3rd. party utilities, more secure than XP.
> I hope that
>
>
> "Adam Leinss" <aleinss@toughguy.net> wrote in message
> news:Xns93DA885B44F5Daleinssto
ughguynet@toughguy.net...
> > "RussS" <yeah_right@roflmao.com> wrote in
> > news:cCE%a.118829$JA5.2691022@news.xtra.co.nz:
> >
> > > Adam
> > >
> > > When XP doesn't boot you use several other functions rather than
> > > System restore. usually first up is "Last Known Good
> > > Configuration".
> >
> > Assuming that you have a "Last known good configuation", sure.
> >
> > The other thing to take into account with your
> > > comment "Incidentally, I don't see System Restore in Windows
> > > Server 2003. Maybe Microsoft now agrees that System Restore is
> > > pretty useless." is that you are talking a Server operating
> > > system. Things like System Restore and GoBack are designed for
> > > end user desktop systems and not servers. For a server with a
> > > RAID array system restore just would not work efficiently compared
> > > to the usual methods used by system admin.
> >
> > Mastering Windows Server 2003 by Mark Minasi (Sybex)
> >
> > "As with some other Windows Server 2003 features, they're
> > not exactly new, as they first appeared in XP, but they're new to
> > Server. Unfortunately, one of the three, System Restore, apparently
> > doesn't come with Server, and that's puzzling: it's an XP tool that
> > lets you roll back the entire state of a system to some time in the
> > past, undoing the effects of installing some new unreliable program
> > that's made your previously reliable system wobbly. I don't know why
> > they left it out of Server; perhaps we'll see it return with a future
> > version of Server. (Page 16-17).
> >
> > Adam
>
>

Report this post to a moderator