Windows 7 Stripping & Hardening, Part 1: OS Tools

Windows 7 Stripping & Hardening, Part 1

OS Tools

Andrea Covello
von Andrea Covello
Lesezeit: 8 Minuten

Ever tried to install windows 7 in a virtual machine for testing purposes? Well… then you probably know that is a resource consuming task in terms of memory footprint.In test environment you may need to have more than one windows 7 machine running at time and if you like to use a laptop running VMware or Virtualbox or whatever virtualizing tool you may have, it will probably eat all your memory resources with just a few VM instances. This is where the stripping part of this article comes to count.

Out of the box Microsoft enables too many services and delivers all possible set of executable in standard installation. This means that on your hard disk you’ll find programs that you’ll probably never use; this is not only a waste of disk space but also a security concern. As a matter of fact, the more code you’ve installed in your operating system, the more “attack surface” you are presenting to malware events.

It is good practice in security hardening to remove first all part of functionality (executable code) that are not strictly needed inside an operating system as long the function needed are not affected. This is called “stripping” and we’ll talk about it here in the first part of this LAB article.

Using tools

The first approach would be to customize the windows installation making use of the WAIK (Windows Automated Installation Kit) a set of tools and documentation provided by Microsoft to support configuration and deployment of windows operating systems. This process requires manual interventions and a solid knowledge of the windows architecture and modules dependency. Of course the “doing by hand” philosophy provides many goodies and is surely the preferred way for the ones who want to have control of every step of the stripping process, but requires much more skill and time to accomplish.

RT Seven Lite

Here I want to present an easier way to accomplish such complex task with less hassle, and therefore I will introduce RTSe7enLite.

This tool has been developed by Rockers Team to customize windows OS allowing following features to be implemented:

RT 7 Lite is free for personal and commercial usage and capable to customize and strip down Windows client & server versions but has following prerequisites:

How does it work?

 

Step Menu Description
1 Startup During the firts startup RT7lite will ask you to provide the windows source files: a DVD/ISO image or a destination folder with the installation files inside
2 Destination Select a destination folder where the files will be extracted to
3 Version After the file extraction, you’ll be asked to select the windows version to configure
4 Here you’ll select how to proceed the customization: manually or selecting a preconfigured setting
5 This dialog will ask you to provide 3.rd party software (silent installer only) or windows security updates (this is an optional step)
6 Select components to deactivate and/or its related binaries to (optionally) remove
7 Here you may define tons of configuration customization (like services, security, desktop, system or custom registry settings)
8 Here you can select all default settings to make your installation running in silent mode providing license, usernames, system name, RunOnce settings and much more
9 Now may define your themes, wallpapers, logon screen, gadgets, … to personalize your installation
10 When all your settings are done, click on the [APPLY] button
11 Now the LOG dialog will be diplayed and you’re ready to create the system image
12 start the procedure by clicking on the [COMMIT] button

Please beware that this process may take 60 to 90 minutes and MAY freeze your system until the image generation is done. So take your time and don’t panic is the system reacts slowly… But finally you’ll should get this log message:

Now select ISO-Bootable to create a bootable DVD or ISO image.

Once you have your image, do a test installation to see if the system is working as expected. Remember that removing critical system components (marked in red in the feature removal dialog) may create unstable system. With the right stripping configuration you will get 20-60% less memory footprint for the running system, thus helping to run more machines in your virtual environment.

Summary

In this article we covered stripping the OS using tools, next month we’ll focus on the hardening prodcedures, stay tuned.

Über den Autor

Andrea Covello

Andrea Covello ist seit den 1990er Jahren im Bereich der Informationssicherheit tätig. Seine Schwerpunkte liegen traditionell im Engineering, wobei er als Spezialist im Bereich Windows-Sicherheit, Firewalling und Virtualisierung gilt.

Links

Sie wollen die Resistenz Ihres Unternehmens auf Malware prüfen?

Unsere Spezialisten kontaktieren Sie gern!

×
Crypto-Malware

Crypto-Malware

Ahmet Hrnjadovic

TIBER-EU Framework

TIBER-EU Framework

Dominik Altermatt

Vertrauen und KI

Vertrauen und KI

Marisa Tschopp

Datenverschlüsselung in der Cloud

Datenverschlüsselung in der Cloud

Tomaso Vasella

Sie wollen mehr?

Weitere Artikel im Archiv

Sie brauchen Unterstützung bei einem solchen Projekt?

Unsere Spezialisten kontaktieren Sie gern!

Sie wollen mehr?

Weitere Artikel im Archiv