RE: Fw: Deep Freeze
- From: "Ball, Dan" <DBall@xxxxxxxxxxx>
- To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
- Date: Sun, 12 Feb 2006 19:50:11 -0500
Didn't see any other responses, so thought I'd answer some of your
questions. The DeepFreeze program works by creating a hidden image on
the computer, and restores itself upon reboot.
As for security, there are a few hacks out there for it, most of which
allow either the user Local Admin privileges, or allow modification of
the hidden image.
The question I had posted here before was what people in the security
industry thought of the way it was implemented in a lot of schools. A
large number of admins believe that since it is restored upon each
reboot, they don't need any security policies, virus protection, etc...
Personally, I think there is a risk by implementing it that way, but it
is a minor one. The biggest drawback I see is that a lot of them set it
up so that everyone runs using the Administrator account, and all
records of activity get wiped out upon reboot. With a normal XP
computer, you can trace everything a particular user does on a computer,
but with it wiped out each time you lose any evidence of abuse...
-----Original Message-----
From: Thor (Hammer of God) [mailto:thor@xxxxxxxxxxxxxxx]
Sent: Friday, February 10, 2006 2:05 PM
To: [ISAserver.org Discussion List]
Cc: sbrown@xxxxxxxxxxxxxxxxxx
Subject: [isalist] Fw: Deep Freeze
http://www.ISAserver.org
Hey guys-- this was posted to the pen-test group. I know there are
people
here using Deep Freeze, so I thought I would post it along to see if
anyone
could help him out. I've CC'd him on the email as well. He's not on
the
ISA List to my knowledge.
t
-----
"I don't want their respect, I want their obedience."
Dr. Thomas W. Shinder, M.D.
----- Original Message -----
From: "Steve Brown" <sbrown@xxxxxxxxxxxxxxxxxx>
To: <pen-test@xxxxxxxxxxxxxxxxx>; <security-basics@xxxxxxxxxxxxxxxxx>
Sent: Thursday, February 09, 2006 6:50 PM
Subject: Deep Freeze
Hi all,
Has anyone had any experience with a product called "Deep Freeze"?
I'm looking at using it to secure some machines, but i was interested to
know if anyone knows anything about, or has broken, the security on it?
much appreciated
Steve
------------------------------------------------------------------------
------
Audit your website security with Acunetix Web Vulnerability Scanner:
Hackers are concentrating their efforts on attacking applications on
your
website. Up to 75% of cyber attacks are launched on shopping carts,
forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers
are
futile against web application hacking. Check your website for
vulnerabilities
to SQL injection, Cross site scripting and other web attacks before
hackers
do!
Download Trial at:
http://www.securityfocus.com/sponsor/pen-test_050831
------------------------------------------------------------------------
-------
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
dball@xxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx
Other related posts:
