In the spirit of Business Continuity Awareness Week, here is my plan for home computing disaster readiness. As most are aware, I am seeking my next success, and cannot afford to have downtime at this critical employment junction. My primary means of initial contact for procuring a position remains email and online. The kids and now the grandkids seem to dominate the cordless telephone, and hunting it down in the labyrinth that is our multi-level home is a monumental task, even with the handy “locator beacon” from the charging station. I go on that mission only when I really have to.
Over the weekend, I completed the tasks involved in upgrading my computer hard drives and clean installing my operating system. I replaced the small IDE boot drive with a 2TB SATA drive, maxing out all 4 SATA connections, and eliminating the IDE bottleneck. The IDE interface is considerably slower, and now there is, once again, room for data to grow. And it will…
While I was at it, I took the time to try Comodo’s Time Machine (CTM) product. It can be thought of as Windows Restore Point on steroids. It provides the user with the ability to create images or snapshots of their system at various stages of installation, protecting the system from corruption, degradation, and malware infection by allowing the user to roll back at any time to a previously good configuration. Here is how it rolled out for me:
- First, I downloaded all of the major updates I would need before disconnecting the network cable, and moved all of the important information from my C: drive to the space available on the other drives in my system. This included archiving my email and contacts, moving the My Documents folder, copying my browser Favorites, and unread PDFs that were sitting on my desktop.
- Next, I removed the C: drive and one of the smaller drives (after migrating the data elsewhere) and replaced it with the much larger 2TB drive. It was auto-detected by the BIOS at next boot up. I placed my Operating System CD in the DVD drive, and proceeded to format and install to the new drive, making it C:. I immediately installed Service Pack 1 and 2 for Vista, rebooted the system several times and ran the basic functions to ensure all was working correctly, installed CTM, and created my first image (this is the “baseline”). I now had a reliable installation and could make changes with minimal risk.
- I then installed my personal firewall and integrity checking program. This is a requirement before going online to get further updates. In my own experiments and those of others, an unprotected system will last about 15 minutes on the internet before being discovered, and once discovered, it will generally be probed for vulnerabilities within another 20 minutes. Shortly after that, it will be attacked, and most likely compromised before the first hour has elapsed.
- Next, I re-installed my network cable, and rebooted again, to get a clean internet connection, identify the “trusted” network, and get any updates for the firewall, IDS, and A/V software. One thing that I did not note beforehand was that the integrity checker returned to aggressive mode during the update process, setting itself to block all changes to system files silently. As I went about initiating Windows Update, the integrity checker was reversing some of the changes being made. This caused a corruption of several O/S files, including MMC (used to view system log files among other things), licensing services, and the anti-virus software. I got a LOT of errors.
- Since the O/S was now unstable and unreliable, I had two choices: spend another 3 hours redoing everything that I had just done, or roll back to the baseline snapshot. Rolling back took all of about 10 minutes, and allowed me to start again, at the 2-hour-in spot. NICE! I repeated the process, this time disabling the integrity checker temporarily. After the operating system and installed applications were completely updated, the integrity checker was restarted and set to the appropriate level.
- Another snapshot was taken at this point after verifying that everything was stable. I could now roll back to 2 points in my system’s rejuvenated history at a moment’s notice. I now began to install the essential applications: Office Suite, PDF reader, and sidebar widgets. Once they were in place and tested, another snapshot was taken before again pursuing updates. Word and Outlook became problematic after one particular update. Running the Office Diagnostics Tool fixed that, saving me from another rollback. It was there if I had needed it, though. Cool comfort.
- At the end of the exercise, I had seven snapshots available. I decided to roll the baseline up to the point where I had the OS installed and fully patched, and then picked 2 other key points that I wanted to maintain, then selected to “lock” those snapshots. Locking them prevents them from being accidentally deleted. I now looked to reduce the space that these snapshots were taking up on my hidden partition by deleting the unneeded ones and compressing those that remain.
I selected the option to have CTM create a tiny snapshot of the system at every reboot. In the event of a problem, be it malware, bad installation or system instability, I have at my disposal a method of restoring my system to its last known good configuration, as well as several known good configs from its original installation. Not bad at all.