Deep Freeze and Sandboxie

Discussion in 'sandboxing & virtualization' started by Chuck57, Jan 23, 2008.

Thread Status:
Not open for further replies.
  1. Chuck57

    Chuck57 Registered Member

    Joined:
    Sep 2, 2002
    Posts:
    1,770
    Location:
    New Mexico, USA
    It seems I just can't stay satisfied. I love fd-isr and have it, but a week and a half ago or so, I got the insane urge to try DEEP FREEZE. I spent a few days reading all the current info I could find about it here and elsewhere and was impressed.

    I first booted into the clean snapshot of fd-isr which effectively got rid of just about all the useless programs I had on this computer, downloaded DF and removed fd-isr (maybe temporarily, maybe longer) and cleaned out what very few files it left behind. Deep Freeze took no time to set up other than setting a good, strong password and it's been running flawlessly for the past week and a half. An added plus is that my computer seems to like the combination, and runs faster - although the few fractions of a second here and there and a few seconds faster boot are irrelevant to me.

    To add a bit more safety and security, I installed Sandboxie prior to freezing. Between the security of Sandboxie and Deep Freeze, I'm quite happy so far, to the point that I might have to buy this thing before the 30 day trial ends.

    I'm a very low risk surfer, so haven't done a single thing to test the above against any malware or anything else and don't intend to. What it boils down to, I guess, is that I'm constantly in search of the most security with the least impact and/or number of programs and intrusion.
     
  2. waldovanlaeken

    waldovanlaeken Registered Member

    Joined:
    Jul 11, 2007
    Posts:
    36
    Location:
    Belgium
    I had DeepFreeze standard (latest version) for a few months.

    Overall result : I was very happy with it.

    I threw A LOT of malware at it, and after rebooting none of that took place.

    It just seems that it cannot be broken.

    It's also very stable. I never experienced any problem with it.

    I also ran Sandboxie & Opera with it.

    PC was also much faster than with any AV / AT / HIPS I ran in the past.

    I would still be running it, but very recently I changed Deepfreeze with Shadow Defender Version: 1.0.0.130

    Why ?

    I just don't know really o_O It seems that when my system is finally configured "perfect" for me...after a while I found it boring.

    Shadow Defender is (for me) just as good as Deepfreeze.

    Only rebooting with ShadowD takes much more time before shutdown.
     
  3. Perman

    Perman Registered Member

    Joined:
    Nov 23, 2005
    Posts:
    2,161
    Hi, Chuck57:

    Welcome aboard DF.

    You will enjoy its pleasant company. During its freezing mode, you will be fully (I still think so) protected while surfing - because all evils will be erased after reboot.

    With the addition of Sandboxie or its rivals such as DefenseWall (Ilya prefers it to be called HIPS), or GeSWall, you will be protected to its full strength (I am not quite sure to what extent) during DF's thawed state. In other words, you are protected both ways. I prefer to have FD-ISR work with DF, but never got them liking each other.

    Good luck with your new toys. Trust me you will get bored after a while, just because DF works so smoothly, seldom troubles you.
     
  4. Chuck57

    Chuck57 Registered Member

    Joined:
    Sep 2, 2002
    Posts:
    1,770
    Location:
    New Mexico, USA
    Both of you mention my problem. I get my computer just the way I like it and within a couple of weeks I'm bored at having nothing to do. I will admit that this combination, DF and Sandboxie, seems to be one of the nicest I've run into in a long while. Maybe the fact that my computer seems to like it will convince me to stay with it longer.

    I had the Opera browser but it disappeared when I reverted to the old snapshot in fd-isr. I use K-Meleon now and like the ability to block referrers and change the info in User Agent, both of which come with K-Meleon.
     
  5. Threedog

    Threedog Registered Member

    Joined:
    Mar 20, 2005
    Posts:
    1,125
    Location:
    Nova Scotia, Canada
    I haven't tried Deep Freeze yet. I am currently running Returnil with Sandboxie and running Firefox as my browser and all was working nicely...then I got bored so added Avira to the mix to see if anything was hitting me....then I got bored and added SAS Pro but only on demand to see if anything was hitting me...then I got bored and added Prevx today to see if anything is getting by Avira and SAS or No Script and out of Sandboxie or by Returnil. I might stick with this set up for a while....unless.....I get bored. :D :D :D
     
  6. Long View

    Long View Registered Member

    Joined:
    Apr 30, 2004
    Posts:
    2,295
    Location:
    Cromwell Country
    I've tried Sandboxie and FD-ISR (people keep raving about them) a number of times but found too many issues with both. DeepFreeze on the other hand does exactly what I want with no measurable overhead.
     
  7. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,590
    They are two strong combos. My preference was also to SD due to flexibility and living with FDISR. Sandboxie is almost good enough by itself, so the addition of Deep Freeze is excellent.

    Pete
     
  8. Chuck57

    Chuck57 Registered Member

    Joined:
    Sep 2, 2002
    Posts:
    1,770
    Location:
    New Mexico, USA
    I had a problem with an older version of Sandboxie. That was on my previous computer that died almost a year ago. I tried the next version of Sandboxie and no problems whatever, and none with the current which I really like.

    Deep Freeze has had me curious for a while but I just never got around to looking at it until recently. The 30 day evaluation period is what decided me. That's plenty of time to be able to play with it and make a decision. So far, it is exactly what I want. It just sits there and works. The unfreeze is much faster than fd-isr and starting up in the morning is much quicker. FD-ISR has some advantages and Deep Freeze has others such as perhaps being more secure. I like both, but they don't seem to like each other on this computer. So, I chose Deep Freeze at least for the trial period. I think I'll be buying it, though.
     
  9. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    11,126
    Location:
    U.S.A. (South)
    My newest set up exactly. Was surprised to find this topic too. Nice timing. I also employ SandboxIE within the DEEP FREEZE (Standard) FROZEN and that's just for additional safety measures. With this in place and having tried BOTH EQSecure (HIPS) + Anti-Executable, another great Faronics Powered App, I now feel I got a very lean but well secured system for a change.

    Indeed!

    With DEEP FREEZE, the one reboot to clean state, there's absolutely no delay, so that's a great bonus I take great satisfaction in.

    You'll be glad you added it Chuck57, it's a very well and strong program and best of all unlike some apps, doesn't prohibit or interfere in any way with normal performance and just like you said, runs faster!
     
  10. Chuck57

    Chuck57 Registered Member

    Joined:
    Sep 2, 2002
    Posts:
    1,770
    Location:
    New Mexico, USA
    It's done been bought as of a few minutes ago. My boss (wife) said it was okay. I just make the money......she controls it, which is probably a good thing or I'd have licenses for every piece of software out there.
     
  11. QQ2595

    QQ2595 Registered Member

    Joined:
    Jan 6, 2008
    Posts:
    159
    The single Deepfreeze can not prevent the low level disk access attack.

    DeepFreeze + Anti-Executable or DeepFreeze + Sandboxie will be very nice. :)
     
  12. Perman

    Perman Registered Member

    Joined:
    Nov 23, 2005
    Posts:
    2,161
    Hi,

    Can you elaborate? Please take DF Standard v.6.3 as an example.

    Thanks.
     
  13. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    11,126
    Location:
    U.S.A. (South)
    As an added bonus I routinely like to use RESTORATION to overwrite already so-called deleted files/folders, something EAZ-FIX prevents me from doing, so after I clear those away from disk in THAW and set it to FROZEN, it remains clean and debris free. Nice to return to a perfectly performing disk every time without clutter. Call me obsessed with total neatness when it comes to the disk, mainly because the default XP system regularly drops gobs of that sort of discarded data over time; with DF set in FROZEN, no more.

    Reboots are incredibly normal, identical in fact to regular resets. I didn't expect that, but then I didn't expect that in Power Shadow either. LoL
     
  14. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,590
    Now that is security in action. :D :D :D
     
  15. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,590
    Some of the exploits discussed here overwrite things like the MBR and partition table. Deep Freeze doesn't handle them well (wasn't designed to do that). I believe it has been reported to Faronics.

    Pete
     
  16. Chuck57

    Chuck57 Registered Member

    Joined:
    Sep 2, 2002
    Posts:
    1,770
    Location:
    New Mexico, USA
    I read that somewhere, which is why I also employed Sandboxie. I *think* or hope Sandboxie covers those problems.
     
  17. QQ2595

    QQ2595 Registered Member

    Joined:
    Jan 6, 2008
    Posts:
    159
    I just made a short test in VMware 6.

    Test 1:
    1) Install DF 6.3 Standard in XP SP2 and restart as recommended.
    2) Create some files on the desktop and restart.
    3) Files lost after restart, DF works well.
    4) Copy Robot Dog (download from forums of Winzheng.com) and run it in freeze mode. Restart.
    5) Check userinit.exe/explorer.exe/iexplorer.exe, all get infected. System becomes very slow and Windows firewall shuts down.

    Test 2:
    1) Install DF 6.3 Standard in XP SP2 and restart as recommended.
    2) Create some files on the desktop and restart.
    3) Files lost after reboot, DF works well.
    4) Copy CleanMBR and run it in freeze mode. Get BSOD.
    5) Hard restart and DOS error on screen: Operation System is not found.

    Hope this will be helpful.
     
    Last edited: Jan 24, 2008
  18. Perman

    Perman Registered Member

    Joined:
    Nov 23, 2005
    Posts:
    2,161
    Hi, QQ2595:

    Thanks for the quick testing.

    The results are horrifying and alarming. I thought DF is nearly bullet-proof.

    Any short-term remedy to this situation?

    Adding sandbox, such as Sandboxie, DefenseWall, BufferZone or

    HIPS, such as SSM, ESQuire... or

    Behaviour Blocker, such as ThreatFire, PRSC, Antibot?

    Can you conduct these apps with DF on your VMware? Thanks.
     
  19. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    11,126
    Location:
    U.S.A. (South)
    Hence... additional measures. Mine include HIPS.
     
  20. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    11,126
    Location:
    U.S.A. (South)
    How on earth do you even get registered there? I used Google, is there a better interpreter for all this garble?

     
  21. Chuck57

    Chuck57 Registered Member

    Joined:
    Sep 2, 2002
    Posts:
    1,770
    Location:
    New Mexico, USA
    I could be way wrong on this, but doesn't Sandboxie stop this thing? If I managed to pick it up without realizing it, it would be contained in Sandboxie, and vanish when I closed my browser. As for downloads, I won't download from anyplace but the maker if possible, or Snapfiles on occasion.
     
  22. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    11,126
    Location:
    U.S.A. (South)
    I just like to run it through my set up to determine just where it gets held up at, and I have a couple of extra drives to let it ride through to monitor its behavior. These types of destructive code are interesting to pit against various set ups/security apps to see if they can get through or not.
     
  23. Chuck57

    Chuck57 Registered Member

    Joined:
    Sep 2, 2002
    Posts:
    1,770
    Location:
    New Mexico, USA
    Whatever you find out, let us know. I don't have that kind of courage. I'm going to have to find some old, used computer somewhere to play with these things. Regardless, I trust the Sandboxie DeepFreeze combination as being secure for me. Some day, I'll even learn how to run a download in the sandbox. Right now, I only use it to shield my browser.

    *edit* Never mind. I just figured it out using a word processor exe on my other drive. Loaded it sandboxed, typed a few words, closed it and it's gone. That's easier than working with Altiris.
     
  24. DasFox

    DasFox Registered Member

    Joined:
    May 5, 2006
    Posts:
    1,825

    Winzheng.com is Chinese, LOL

    I'd like to get this Robot Dog and test DF in VMware and see, where can I get it besides this site?

    Also what do you mean in Test 2 #4 'Copy CleanMBR'?

    At this point in time all I can say is DF is certainly simple, doing its own thing, but I've only been running it less than a day, so not sure about its stability and safety to do a good job, I hope it does...
     
  25. Chuck57

    Chuck57 Registered Member

    Joined:
    Sep 2, 2002
    Posts:
    1,770
    Location:
    New Mexico, USA
    I've been running it for over a week, with Sandboxie when I'm online. So far, absolutely no complaints. In fact, I've been so impressed that I bought it rather than run it for the full length of the trial. I'm reasonably convinced that anything that might affect Deep Freeze, Sandboxie will stop. Then, it's up to me to not allow those things on my hard drive.
     