Penetration Testing mailing list archives
Re: Deep Freeze
From: Ben Koren <benkoren () gmail com>
Date: Sun, 12 Feb 2006 13:27:19 -0600
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 As far as I have tested, there is no performance loss. Pretty much all I did was compare timings with a simple stopwatch. It wasn't a very high-tech operation, but suffice to say, I wouldn't worry about the performance. Neil wrote:
Any performance issues? On 2/11/2006 12:54 AM, Ben Koren wrote:Yes, I have had plenty of experience with Deep Freeze, myself. All around, it is a very good program. But if you wish to hear about how great program it is, go to their web site. As far as the not-so-great things, I have 2 things: I have broken the security of older versions of Deep Freeze. This is simply done with any kind of boot disk that can write to an NTFS filesystem. I believe they fixed that problem in the latest version, so I wouldn't consider this an issue if you are purchasing the latest version. The 2nd, more serious, problem that I am currently in the middle of is it's dislike for a domain environment. When a computer is frozen and the domain trust password for a computer is reset, it not allow domain users to log in until the problem has been fixed. A temporary solution is to re-add the computer to the domain, logging in as a local administrator. By default in my domain, for example, the password has a maximum age of 30 days. For me, that means that I have to go every workstation that I have Deep Freeze on and re-add it to the domain (at an interval of no more than 30 days). The workaround that Faronics (Deep Freeze) is currently providing me is a reconfiguration of the domain controller. This reconfiguration makes it so that the password of the workstations doesn't get reset for x amount of days, where they recommend x is somewhere above a few thousand days. Obviously this is a huge security problem. I am currently (the last 3 months) in communication with Faronics concerning this problem. As of now, the have not given me a solution. I am not saying don't purchase it because I cannot say that you will have this same problem, but I do recommend that you discuss the issue with a representative from Faronics before you make a purchase. If you are not in a domain environment, forget all of what I said and buy it - works great for that! Ben Steve Brown wrote:Hi all, Has anyone had any experience with a product called "Deep Freeze"? I'm looking at using it to secure some machines, but i was interested to know if anyone knows anything about, or has broken, the security on it? much appreciated Steve ------------------------------------------------------------------------------ Audit your website security with Acunetix Web Vulnerability Scanner: Hackers are concentrating their efforts on attacking applications on your website. Up to 75% of cyber attacks are launched on shopping carts, forms, login pages, dynamic content etc. Firewalls, SSL and locked-down servers are futile against web application hacking. Check your website for vulnerabilities to SQL injection, Cross site scripting and other web attacks before hackers do! Download Trial at: http://www.securityfocus.com/sponsor/pen-test_050831 -------------------------------------------------------------------------------
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.0 (GNU/Linux) iD8DBQFD74wX/R84JYCsNLMRAkRUAJ9QNMt+rvYxcnwaTly87T37qpf0IQCgzdIb I833WGmYMWiVG8ItLTj3jkc= =UHVc -----END PGP SIGNATURE----- ------------------------------------------------------------------------------ Audit your website security with Acunetix Web Vulnerability Scanner: Hackers are concentrating their efforts on attacking applications on your website. Up to 75% of cyber attacks are launched on shopping carts, forms, login pages, dynamic content etc. Firewalls, SSL and locked-down servers are futile against web application hacking. Check your website for vulnerabilities to SQL injection, Cross site scripting and other web attacks before hackers do! Download Trial at: http://www.securityfocus.com/sponsor/pen-test_050831 -------------------------------------------------------------------------------
Current thread:
- Deep Freeze Steve Brown (Feb 10)
- Re: Deep Freeze Ben Koren (Feb 10)
- Message not available
- Re: Deep Freeze Ben Koren (Feb 12)
- Message not available
- Re: Deep Freeze Ben Koren (Feb 10)
- Re: Deep Freeze Paul Halliday (Feb 11)
- RE: Deep Freeze Mauricio Montenegro (Feb 11)
- RE: Deep Freeze + workstation security books Petr . Kazil (Feb 12)
- <Possible follow-ups>
- Re: Deep Freeze no-email (Feb 10)