Back in December 2005, I wrote about how to make a thumb drive virus scanner using datapol’s NTFS4DOS, a Kool Tekkie Tool that allows you to read and write NTFS volumes from a DOS command line interface. Now, the good folks at datapol have come up with another winner: CIA DRiVE.net, a very cool remote recovery and offline antivirus utility that no IT pro should be without. There’s a free (read-only) demo available as well as Professional and Enterprise editions. I’m testing the Enterprise edition.
CIA DRiVE.net is the fastest and easiest method to access the drives of a remote computer over the network or the internet. Whether you simply want to transfer data from one PC to another (even in the case that the remote computer doesn’t boot Windows any more), backup or restore data over the network without a working Windows installation or whether you want to be able to perform an offline anti-virus check…with CIA DRiVE.net you get a full-blown solution for managing and recovering remote computers that is nearly…a perfect way to exchange data between computers that don’t belong to the same domain or workgroup.
This isn’t hype; it does everything they say it does. It works over TCP/IP and there’s no need to worry about domain names and workgroups, nor even which subnet you happen to be on; if you know the IP address of the computer you want to connect to, and it’s booted with the CIA DRiVE.net server, you’re good to go. I’ve tried it three ways: with an ethernet crossover cable (much better than a null modem cable); over the LAN in my office; and — this is really slick — over the Internet (you have to open port 45751 in your firewall). No matter how you hook it up, you can do anything to the remote PC that you can do on a local hard drive.
The other techs in my office thought it was pretty cool when I mapped the hard drive on my home computer to my laptop over the Internet and kicked off a full virus scan. Impressive. But there’s more. For those PCs that support it, you can wake them up with a magic packet or force a shutdown or restart. There’s also a user manager that in the Enterprise edition allows you to reset lost WinNT/Win2k/XP passwords that are stored in the SAM and in the Active Directory of Windows Server 2000/2003. If your network card on the remote PC is PXE-capable, you don’t even have to build boot media; the CIA DRiVE.net client has a built-in PXE server and will automatically upload the software to the remote machine.
The boot media maker allows you to make floppies or CDs and also create bootdisk image files: .img for floppies; .iso for CDs. Using an image, you should be able to make a bootable thumb drive, but I haven’t tried this yet. You can make the images available for download, or you can email them easily because they are quite small (less than 2MB).
The free version of CIA DRiVE.net is read-only, but will allow you to see how it works; the Professional version sells for $179 and allows up to 25 remote connections; the Enterprise edition sells for $299 and allows unlimited connections. Obviously, this isn’t a tool for casual use, but it can pay for itself quickly. For instance, saving just one client from major data loss by recovering data from an unbootable hard drive justifies the cost. It might even work on systems where the hard drive isn’t recognized by the BIOS. I haven’t tried it, but if you use the “direct disk access (bypass the BIOS)” option to make a boot disk, it should work in all but the most desperate circumstances.
If you got the feeling that I’m sold on this Kool Tekkie Tool, you’d be right. Check it out.