Didn't see any other responses, so thought I'd answer some of your questions. The DeepFreeze program works by creating a hidden image on the computer, and restores itself upon reboot. As for security, there are a few hacks out there for it, most of which allow either the user Local Admin privileges, or allow modification of the hidden image. The question I had posted here before was what people in the security industry thought of the way it was implemented in a lot of schools. A large number of admins believe that since it is restored upon each reboot, they don't need any security policies, virus protection, etc... Personally, I think there is a risk by implementing it that way, but it is a minor one. The biggest drawback I see is that a lot of them set it up so that everyone runs using the Administrator account, and all records of activity get wiped out upon reboot. With a normal XP computer, you can trace everything a particular user does on a computer, but with it wiped out each time you lose any evidence of abuse... -----Original Message----- From: Thor (Hammer of God) [mailto:thor@xxxxxxxxxxxxxxx] Sent: Friday, February 10, 2006 2:05 PM To: [ISAserver.org Discussion List] Cc: sbrown@xxxxxxxxxxxxxxxxxx Subject: [isalist] Fw: Deep Freeze http://www.ISAserver.org Hey guys-- this was posted to the pen-test group. I know there are people here using Deep Freeze, so I thought I would post it along to see if anyone could help him out. I've CC'd him on the email as well. He's not on the ISA List to my knowledge. t ----- "I don't want their respect, I want their obedience." Dr. Thomas W. Shinder, M.D. ----- Original Message ----- From: "Steve Brown" <sbrown@xxxxxxxxxxxxxxxxxx> To: <pen-test@xxxxxxxxxxxxxxxxx>; <security-basics@xxxxxxxxxxxxxxxxx> Sent: Thursday, February 09, 2006 6:50 PM Subject: Deep Freeze Hi all, Has anyone had any experience with a product called "Deep Freeze"? I'm looking at using it to secure some machines, but i was interested to know if anyone knows anything about, or has broken, the security on it? much appreciated Steve ------------------------------------------------------------------------ ------ Audit your website security with Acunetix Web Vulnerability Scanner: Hackers are concentrating their efforts on attacking applications on your website. Up to 75% of cyber attacks are launched on shopping carts, forms, login pages, dynamic content etc. Firewalls, SSL and locked-down servers are futile against web application hacking. Check your website for vulnerabilities to SQL injection, Cross site scripting and other web attacks before hackers do! Download Trial at: http://www.securityfocus.com/sponsor/pen-test_050831 ------------------------------------------------------------------------ ------- ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Visit TechGenix.com for more information about our other sites: http://www.techgenix.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: dball@xxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx