| Author |
How Secure is Deep Freeze? |
Twinkee
Member
Posts: 25
Location:
Joined: 07.10.09
Rank: Active User |
|
My school is running Deep Freeze Enterprise 6.6/6.5. It is either the latest or fairly close to the latest version, I do not remember exactly which one.
I'm asking this out of curiosity as someone with a strong interest in security, and also because I don't want to have blind faith in this program if it's easily bypassed; not because I want or need to mess with our computers -- I work at the school as help desk.
I've browsed a bit and all of the threads/articles here on HBH are either inconclusive or outdated. Also, the "Unfreezer" program I read about seems to have stopped development back in 2005/6 and with Deep Freeze version 5.5.
Furthermore, I saw one post that said Deep Freeze could be eliminated merely by using a live CD to remove DF's files. As I do not know how the program itself really works, is this correct? It would make sense to me. If so, the solution was to prevent booting to anything other than the C: drive. I don't believe there's any way to do this other than setting it in the BIOS, and pass-locking it (please inform me if there is) and of course removing all physical options for bootable media. But that's no good of course, since the BIOS password can be cleared via jumper or battery, and removing bootable media is impractical.
So, does anyone know if this a solid program that can be relied upon? |
|
| Author |
RE: How Secure is Deep Freeze? |
fuser
Member
Posts: 959
Location: in front of a computer (duh)
Joined: 05.04.07
Rank: HBH Guru |
|
well, the wikipedia article on Deep Freeze confirms it, but keep in mind that most public access computers are pretty much locked with CMOS disabled, so there's no way the person can do it unless he opens the thing up.
I'm gonna do some reading about this program.
Telling modern Internet users to stop whining is like telling them to stop breathing — it seems unrealistic and inhumane. Paul Lutus
|
|
| Author |
RE: How Secure is Deep Freeze? |
fashizzlepop
Member
Posts: 482
Location: Old folks home.
Joined: 08.04.08
Rank: Uber Elite |
|
Some parts of my school use this program. Luckily most are in a Linux area lab so it would be rather easy to "thaw" the computer. But my teacher would notice I'm sure.
"The definition of insanity is doing the same thing over and over again and expecting different results.”
~Albert Einstein~
 |
|
| Author |
RE: How Secure is Deep Freeze? |
Twinkee
Member
Posts: 25
Location:
Joined: 07.10.09
Rank: Active User |
|
|
Another reason I like this program (and therefore want to know how good it is) is because of its fantastic management console. It's extremely easy to start/restart/freeze/lock/etc masses of computers remotely. |
|
|
| Author |
RE: How Secure is Deep Freeze? |
stealth-
Member
Posts: 998
Location: Eh?
Joined: 10.04.09
Rank: God |
|
|
fashizzlepop wrote:
Some parts of my school use this program. Luckily most are in a Linux area lab so it would be rather easy to "thaw" the computer. But my teacher would notice I'm sure.
How would having linux installed make it any easier to thaw the computer? As long as the BIOS is set up right, and the admins weren't idiots, you wouldn't be able to mount the windows drive or boot any other medium.
I've always thought Deep Freeze to be a brilliant program. One thing I'm surprised hasn't been mentioned yet is how it solves many of the problems with viruses, malware, and rootkits (as they wouldn't be persistent through boots). Yes, the attacking software could still do damage or steal information while the machine was still running, however DeepFreeze still provides a huge advantage compared to having to run malware checks on *all* the computers in the lab.
It is possible to bypass DF. You have to boot into a removable medium and do some registry edits to remove the references to DeepFreeze, making it bypass starting DeepFreeze on boot, and you end up with a normal system.
As for giving mass control over the computers, that's something also implemented very easily in linux.
The irony of man's condition is that the deepest need is to be free of the anxiety of death and annihilation; but it is life itself which awakens it, and so we must shrink from being fully alive.
http://www.stealth-x.com |
|
|
| Author |
RE: How Secure is Deep Freeze? |
fashizzlepop
Member
Posts: 482
Location: Old folks home.
Joined: 08.04.08
Rank: Uber Elite |
|
Sorry, I wasn't clear. The lab machines have windows installed but they are set up so they can be booted into Linux via cd or USB. They are even set up so cd and USB booting has higher priority to harddive boot.
And yes, the whole virus protection is very good. Except when trusted programs show up as infected and you have o clear it with the av program evey boot. Lol.
"The definition of insanity is doing the same thing over and over again and expecting different results.”
~Albert Einstein~
|
|
|
| Author |
RE: How Secure is Deep Freeze? |
stealth-
Member
Posts: 998
Location: Eh?
Joined: 10.04.09
Rank: God |
|
Ah, I was thinking it was like my school. We have a linux network boot and a harddrive windows install with deepfreeze on most machines. BIOS is then locked down and the computers have locks on them. The up side to having half decent network tech's is it becomes a lot more fun to snoop around the school network, though. 
The irony of man's condition is that the deepest need is to be free of the anxiety of death and annihilation; but it is life itself which awakens it, and so we must shrink from being fully alive.
http://www.stealth-x.com |
|
|
| Author |
RE: How Secure is Deep Freeze? |
cyb3rl0rd1867
Member
Posts: 143
Location: U.S
Joined: 07.07.06
Rank: Hacker Level 1 |
|
Thishttp://forum.tuts4you.com/index.php?showtopic=20507 may be of help
 |
|
|
| Author |
RE: How Secure is Deep Freeze? |
stealth-
Member
Posts: 998
Location: Eh?
Joined: 10.04.09
Rank: God |
|
......
First of all: You know you can delete and edit posts, right?
Secondly: The link doesn't even work.
The irony of man's condition is that the deepest need is to be free of the anxiety of death and annihilation; but it is life itself which awakens it, and so we must shrink from being fully alive.
http://www.stealth-x.com |
|
|
| Author |
RE: How Secure is Deep Freeze? |
cyb3rl0rd1867
Member
Posts: 143
Location: U.S
Joined: 07.07.06
Rank: Hacker Level 1 |
|
Oops, sorry about that. The second link should work fine .
|
|
|
| Author |
RE: How Secure is Deep Freeze? |
fashizzlepop
Member
Posts: 482
Location: Old folks home.
Joined: 08.04.08
Rank: Uber Elite |
|
"Should" doesn't mean "does."
in other words, it doesn't.
"The definition of insanity is doing the same thing over and over again and expecting different results.”
~Albert Einstein~
|
|
|
| Author |
RE: How Secure is Deep Freeze? |
cyb3rl0rd1867
Member
Posts: 143
Location: U.S
Joined: 07.07.06
Rank: Hacker Level 1 |
|
Their server is having issues. Hopefully it will be up and running soon.
Edit: It's now up and running. I realized that you may have to have an account to view it...
Edited by cyb3rl0rd1867 on 01-06-10 15:53 |
|
|
| Author |
RE: Floppy drive |
onejerlo
Member
Posts: 145
Location:
Joined: 02.11.08
Rank: Elite |
|
You could use an external floppy drive with an NTFS reading/writing o.s.
(I envy the cheap prices at which hardware is available in U.S./U.K.)
Since most BIOS prefer Floppy before all others,this should work.then,Use:
http://www.governmentsecurity.org/forum/index.php?showtopic=123
Or,if you want something else:
[url]http://www.ethicalhacker.net/component/option,com_smf/Itemid,54/topic,658.msg1826/#msg1826[/url]
Both should work with all versions of DeepFreeze(as far as I know).
Edited by onejerlo on 01-06-10 10:52 |
|
|
| Author |
RE: How Secure is Deep Freeze? |
onejerlo
Member
Posts: 145
Location:
Joined: 02.11.08
Rank: Elite |
|
Also,I don't believe in Restricting access or preventing the user from doing ANYTHING...
The policy used by my school for test tubes,I believe,is the best.
Allot each student one,Do whatever the heck you want with it.
(Except in lab periods,when you could kill someone by doing something wrong)
If the test tube breaks,ask the fellow to pay for the damages(Use a logging software to see if he actually destroyed it or not)
Or,make REALLY cheap laptops with little RAM,Only USB,etc,and give each student one(for school/home use). |
|
|
| Author |
RE: How Secure is Deep Freeze? |
cyb3rl0rd1867
Member
Posts: 143
Location: U.S
Joined: 07.07.06
Rank: Hacker Level 1 |
|
This was just updated for 6.6 http://hotfile.com/dl/46156474/746165d/ADF_0.3.rar.html. Enjoy!
|
|
|
Main:
