Re: Deep Freeze



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

As far as I have tested, there is no performance loss. Pretty much all I
did was compare timings with a simple stopwatch. It wasn't a very
high-tech operation, but suffice to say, I wouldn't worry about the
performance.

Neil wrote:
Any performance issues?

On 2/11/2006 12:54 AM, Ben Koren wrote:
Yes, I have had plenty of experience with Deep Freeze, myself. All
around, it is a very good program. But if you wish to hear about how
great program it is, go to their web site.

As far as the not-so-great things, I have 2 things:

I have broken the security of older versions of Deep Freeze. This is
simply done with any kind of boot disk that can write to an NTFS
filesystem. I believe they fixed that problem in the latest version, so
I wouldn't consider this an issue if you are purchasing the latest version.

The 2nd, more serious, problem that I am currently in the middle of is
it's dislike for a domain environment. When a computer is frozen and the
domain trust password for a computer is reset, it not allow domain users
to log in until the problem has been fixed. A temporary solution is to
re-add the computer to the domain, logging in as a local administrator.
By default in my domain, for example, the password has a maximum age of
30 days. For me, that means that I have to go every workstation that I
have Deep Freeze on and re-add it to the domain (at an interval of no
more than 30 days). The workaround that Faronics (Deep Freeze) is
currently providing me is a reconfiguration of the domain controller.
This reconfiguration makes it so that the password of the workstations
doesn't get reset for x amount of days, where they recommend x is
somewhere above a few thousand days. Obviously this is a huge security
problem.

I am currently (the last 3 months) in communication with Faronics
concerning this problem. As of now, the have not given me a solution. I
am not saying don't purchase it because I cannot say that you will have
this same problem, but I do recommend that you discuss the issue with a
representative from Faronics before you make a purchase.

If you are not in a domain environment, forget all of what I said and
buy it - works great for that!

Ben

Steve Brown wrote:
Hi all,

Has anyone had any experience with a product called "Deep Freeze"?

I'm looking at using it to secure some machines, but i was interested to
know if anyone knows anything about, or has broken, the security on it?

much appreciated

Steve

------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner:

Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
futile against web application hacking. Check your website for vulnerabilities
to SQL injection, Cross site scripting and other web attacks before hackers do!
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------



-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.0 (GNU/Linux)

iD8DBQFD74wX/R84JYCsNLMRAkRUAJ9QNMt+rvYxcnwaTly87T37qpf0IQCgzdIb
I833WGmYMWiVG8ItLTj3jkc=
=UHVc
-----END PGP SIGNATURE-----

------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner:

Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
futile against web application hacking. Check your website for vulnerabilities
to SQL injection, Cross site scripting and other web attacks before hackers do!
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------



Relevant Pages

  • Re: Hacking to Xp box
    ... > it is because you're the internal security expert AND hacker. ... > Audit your website security with Acunetix Web Vulnerability Scanner: ... > Hackers are concentrating their efforts on attacking applications on ... Up to 75% of cyber attacks are launched on shopping ...
    (Pen-Test)
  • RE: DCOM Security.
    ... Subject: DCOM Security. ... Audit your website security with Acunetix Web Vulnerability Scanner: ... Hackers are concentrating their efforts on attacking applications on ... Up to 75% of cyber attacks are launched on shopping carts, ...
    (Pen-Test)
  • RE: Hacking to Xp box
    ... security, host security or data security heavily or are you referring to ... > Audit your website security with Acunetix Web Vulnerability Scanner: ... > Hackers are concentrating their efforts on attacking applications on your ... Up to 75% of cyber attacks are launched on shopping carts, forms, ...
    (Pen-Test)
  • RE: 3rd party vuln assesment firms
    ... > "We use the same tools hackers bring to bear against your systems. ... >> I'm looking for a firm to conduct annual 3rd party vulnerability ... Up to 75% of cyber attacks are launched on shopping ... >> your website for vulnerabilities to SQL injection, ...
    (Pen-Test)
  • RE: 3rd party vuln assesment firms
    ... with large network organizations you may want to check out Olosec Security ... > Audit your website security with Acunetix Web Vulnerability Scanner: ... > Hackers are concentrating their efforts on attacking ... Up to 75% of cyber attacks are ...
    (Pen-Test)