Lenovo ThinkPad R50p User Manual
Page 132
finally
restore
networking.
A
single
message
might
be
used
to
perform
all
of
these
functions
through
the
use
of
flag
files
and
the
RETRYONERROR
command.
1.
Lockdown
phase
To
accomplish
lockdown
phase,
inform
the
user
what
is
about
to
happen.
If
the
attack
is
not
extremely
serious,
the
administrator
can
give
the
user
the
option
to
defer
the
fix
until
later.
In
the
most
conservative
case,
this
phase
would
be
used
to
disable
networking
and
provide
a
short
window,
such
as
15
minutes,
for
the
user
to
save
work
in
progress.
The
RETRYONERROR
command
is
used
to
keep
the
script
running
and
then
the
machine
can
be
rebooted
into
the
Rescue
and
Recovery
environment.
2.
Code
distribution
phase
an
repair
phase
Now
that
the
threat
of
infection
has
been
removed
by
disabling
the
network
and
rebooting
to
Rescue
and
Recovery,
additional
code
can
be
retrieved
and
repairs
accomplished.
The
network
can
be
enabled
or
only
certain
addresses
can
be
permitted
for
the
time
required
to
retrieve
additional
files.
While
in
Rescue
and
Recovery,
virus
files
can
be
removed
and
the
registry
can
be
cleaned
up.
Unfortunately,
installing
new
software
or
patches
is
not
possible
because
the
patches
assume
that
Windows
XP
is
running.
With
networking
still
disabled
and
all
virus
code
removed,
it
is
safe
to
reboot
to
Windows
XP
to
complete
repairs.
A
tag
file
written
at
this
time
directs
the
script
to
the
patch
section
after
the
reboot.
124
Rescue
and
Recovery
4.2
Deployment
Guide
- ThinkPad X40 ThinkPad X41 Tablet ThinkPad R61e ThinkPad R61i ThinkPad R51e 3000 C100 All-In-One THINKPAD X60 ThinkPad R52 THINKPAD X61 ThinkPad X60 Tablet THINKPAD T61 ThinkPad Z61e ThinkPad R50e ThinkPad X300 ThinkPad R51 ThinkPad T60 ThinkPad R61 ThinkPad X61 Tablet THINKPAD Z60M ThinkPad T61p ThinkPad X61s