Educause Security Discussion mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Deepfreeze - Why not?

From: "Schoenefeld, Keith P." <Keith_Schoenefeld () BAYLOR EDU>
Date: Thu, 17 Nov 2011 17:35:48 -0600
Kevin,

If the system(s) are configured to log remotely, or if the authentications to a remote (centralized) server are logged, 
one could still identify the credentials that were used to log on to a system protected with DeepFreeze.  That is to 
say: You're right, a conversation is necessary so that appropriate controls can be put in place to mitigate the risks 
presented by this software (just like any other piece of software).

You make a perfectly valid point, and shouldn't apologize to anyone (in my opinion),

-- KS

Keith Schoenefeld
Information Security Analyst
Baylor University

From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of 
Mclaughlin, Kevin (mclaugkl)
Sent: Thursday, November 17, 2011 5:16 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] Deepfreeze - Why not?

Hi Again Everyone:

Not trying to be a pain here, really I'm not,  I do understand all the benefits that can be obtained through this type 
of technology but this is a security forum so I'm just going to have to say this.  Apologies up-front to anyone I may 
offend or upset - that is not my intent.....

IMO - Products like DeepFreeze, from a Security point of view, basically allow a smart attacker an anonymous attack 
vector into your organization that bypasses most of your perimeter defenses.  I'm not saying that is a show stopper but 
for our world it should definitely be something that is considered and discussed in detail.  I can do what I want,  
launch my attack, pull the plug on the machine, plug it back in and restart it,  exit stage left....   Or am I missing 
something obvious that prevents this from happening?



- Kevin


Kevin L. McLaughlin,  CISM, CISSP, GIAC-GSLC, CRISC, PMP, ITIL Master Certified
Assistant Vice President, Information Security & Special Projects
University of Cincinnati
513-556-9177

The University of Cincinnati is one of America's top public research institutions and the region's largest employer, 
with a student population of more than 41,000.

[cid:image001.gif@01CCA54F.57BAEF90]

From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE 
EDU]<mailto:[mailto:SECURITY () LISTSERV EDUCAUSE EDU]> On Behalf Of Rob Whalen
Sent: Thursday, November 17, 2011 6:10 PM
To: SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU>
Subject: Re: [SECURITY] Deepfreeze - Why not?

Putting Deep freeze on our mac labs reduced support by 80%
Rob Whalen
Network Analyst, St. Mary's College

From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Sarazen, 
Daniel
Sent: Thursday, November 17, 2011 1:05 PM
To: SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU>
Subject: [SECURITY] Deepfreeze - Why not?

Hi All,

We have some folks who'd like to see Deepfreeze installed on all lab PCs, but the IT department is balking. What do 
people think is the best reason to not install deepfreeze? Is there one?

Thanks,

Dan

Previous By Date Next
Previous By Thread Next

Current thread: