I found the best way to protect a PC…and I have set up over 20 so far like this:
First I install a second hard drive. Then I set up BIOS to use this new hard drive as HDD0
Next I install the operating system on this new drive…(I favor XP Professional)
Then I disable all the services which are not needed, ESPECIALLY those which are
well known security risks, like Remote desktop, Remote Registry, Telnet just quoting a few.
Then I install some useful software (Freeware) like Comodo, Quickstart,Autorun etc.
Using Quickstart I disable all auto starts with windows EXCEPT Comodo, set my Fire wall
rules and reboot. Then I install the rest of my software, do my registry hacks as outlined
in my post: closing ports 135 137 445 and shut down nbname using regedit
Last not least I download a (Free) program called XXCLONE from http://www.xxclone.com
Next I use my admin options and quick format my second hard drive HDD1
Then I use XXCLONE and make a bootable clone of HDD1
After that HDD0 WILL NEVER SEE THE INTERNET AGAIN!
I reboot, enter BIOS and make HDD1 my boot up drive and download whatever I want,
Trial software, Trojans, Viruses, whatever…just to see what methods they employ.
When I had my fill I simply change my boot up with BIOS back to HDD0 and wipe out
the entire hard drive HDD1, reclone it and 12 minutes later I am back on the Internet
with HDD1 as a brand new lean and mean Internet machine…
I have no need for any anti this and anti that software. The Comodo Fire wall however
is GREAT in finding out how this malware tries to hijack a PC and as far as I am concerned
it is by itself ALREADY the BEST Malware detection system as long as you save your
logs and pay attention to what the Fire wall tells you about connection attempts.
I also use this system to hack the Windows registry, dll and exe files with inpunity.
You would be amazed to see how much junk like Windows tour etc is in the System 32
folder. Windows XP can be trimmed down SIGNIFICANTLY and then work LIGHTNING
fast. After all my axing is done I use 4 different free Registry Cleaners to clean up and
then System Internal`s Registry defrag function to compact the Registry.
So I really have no worries whatsoever about worms,viruses,trojans,adware or malware
of any shape or form. I do use Spybots and Adaware just to get rid of the junk
that comes with Windows out of the box…after that just to amuse myself.
Note: Title changed and post moved by mod to reflect content
How do you have HDD0 setup so HDD1 cannot access it, hence making it not able to get infected once HDD1 is?
If you go to My Computer and “HDD0” can be seen, and is not protected, then malware can infect the image on that drive and destroy it.
While your overall concept is valid (second physical disk holding an image of the boot disk and cloning when necessary), you’ve missed one point that would tick a lot of people off. If your O/S and apps are on one hard drive, and the other hard drive is “uncontactable” and therefore protected, I assume your users are saving their data onto the disk the system is booting from. If so, aren’t they goling to lose their data when the disk is reimaged.
Wouldn’t it be better, rather than cloning the boot disk to the second hard drive, to create an image file of the boot disk and save this to the second hard disk. “My Documents” could be redirected to the second hard disk and your backup strategy could backup your email data to the second hard disk. This way, IF your boot disk gets munted, you could restore from the image file on the second hard disk AND your user hasn’t lost all their work as it is on the second hard disk.
I know that’s the type of solution my users would look for.
Ewen 
P.S. Get a REAL imaging solution!
Bernhard has left us, Therefore, This thread’s purpose has ended.
Thread Closed.
Cheers,
Josh