Deep Freeze

Discussion in 'sandboxing & virtualization' started by Vikorr, Jun 5, 2005.

Thread Status:
Not open for further replies.
  1. Vikorr

    Vikorr Registered Member

    Joined:
    May 1, 2005
    Posts:
    662
    Hi, saw a mention about Deep Freeze in another thread.


    Just looking for user opinion on it. Also, how easy is it to use, and how easy is it to add a new program to the 'frozen computer' image (or whatever they call it)
     
  2. Acadia

    Acadia Registered Member

    Joined:
    Sep 8, 2002
    Posts:
    4,048
    Location:
    SouthCentral PA
    Hi, Vikorr. If you are interested in DeepFreeze, which I have no experience with, I recommend that you also check out GoBack and FirstDefense-ISR, two programs that I am very familiar with; several other folks in these forums also use either one of those two programs. Take care.

    Acadia
     
  3. snowboard

    snowboard Registered Member

    Joined:
    May 25, 2005
    Posts:
    160
    I have Goback and it is a very easy program to locate things on it ;)

    Regards,

    snowboard
     
  4. Vikorr

    Vikorr Registered Member

    Joined:
    May 1, 2005
    Posts:
    662
    Thing that caught my interest about DeepFreeze is that it restores your system settings every reboot...which seems a very easy way to keep your system clean and running smoothly.

    Just don't know how easy it is to add new programs, or change settings that you may want to change down the track.

    Had a quick look at the other two, which seemed more of a 'choose your last restore point/favoured restore point'...which seems a little more complicated <but less of a problem with adding new software I suppose>
     
  5. Acadia

    Acadia Registered Member

    Joined:
    Sep 8, 2002
    Posts:
    4,048
    Location:
    SouthCentral PA
    Yes, if you want "simplicity", then stay away from FirstDefense. It is not a "set-and-forget" type of program, whereas GoBack basically is. I enjoy the flexibility and options that FD gives me, but it does take some thinking and planning ahead.

    Acadia
     
  6. Rmus

    Rmus Exploit Analyst

    Joined:
    Mar 16, 2005
    Posts:
    3,943
    Location:
    California
    Hello Vikorr,

    I use Deep Freeze. It's not an anti-________ program, ie, it doesn't check or stop anything from getting into the system, it just restores the system to it's last reboot state. Any changes made to the system will be not be around on reboot. I avoid using the term remove, or erase, because that implies the program works in a virtual image, or snap shot, which it doesn't. Another program which does use that technique is ShadowUser.

    I would do a lot of reading on both Deep Freeze and ShadowUser before deciding.

    Deep Freeze was designed for institutions - schools, libraries, etc, so that no one could alter the system. No matter what you do, the system reboots to its previous state. Great for computer labs where students like to try and trash the computer - modify files in Windows, etc. No matter, it always restores to previous state on reboot. If a virus or trojan gets by your anti-_________ product, DF will restore it w/o those attacks.

    To add software, you put Deep Freeze into its thawed state, install, reboot, then put back into Frozen state. It's not as flexible as ShadowUser, where you can commit/discard changes in the "virtual image" you are working in.

    DF doesn't allow any of that, so this is something to consider. But you can see why, since it's used in schools, etc, and needs to have tighter control.

    With DF you need at least two partitions - one that will be in thawed state for your data files. C:\ will be frozen to protect the OS.

    As such, if you use folders like My Documents, etc they will have to be remapped to a thawed partition. Not a big problem with TweakUI.

    It's a bit of a hassle for home use, but you can see how it's ideal for institutional use where few changes are made to C:\

    If the home user doesn't do a lot of installing of programs, etc - which is my case - then it's not such a hassle.

    I first saw it in action at the community college where I work and was thorougly impressed. I spent about a week figuring out on paper how I would set things up. I also considered SU, but ended up with DF because I think it's more bulletproof.

    That or SU are great as the last line in the defense.

    Search these forums for Deep Freeze and ShadowUser - There is a long thread on DF from a while back, and you'll get lots of different opinions. Also, I would go to the web sites for those products and read about them - both products have technical white papers you can download.

    For ShadowUser- ShadowStor is the parent company:
    http://www.shadowstor.com/ServiceSupport/ProductResources/
    http://www.shadowstor.net/activekb/

    For Deep Freeze, Faronics is the parent company:
    http://www.faronics.com/html/library.asp
    http://www.faronics.net/faq/index.php?sid=&lang=en&action=show&cat=382256

    They are not for the faint-of-heart. They need a lot of study and consideration, but well worth the effort, IMHO.

    regards,

    -rich
     
  7. JerryM

    JerryM Registered Member

    Joined:
    Aug 31, 2003
    Posts:
    4,221
    As for restoring a system to a previous state, what is wrong with the XP Restore?

    Thanks,
    Jerry
     
  8. Rmus

    Rmus Exploit Analyst

    Joined:
    Mar 16, 2005
    Posts:
    3,943
    Location:
    California
    I don't know how that works. If you deleted a bunch of windows system files, would they be restored via the XP restore?

    Thanks,

    -rich
     
  9. SpikeyB

    SpikeyB Registered Member

    Joined:
    Mar 20, 2005
    Posts:
    478
    I use Deep Freeze too. Rmus has covered most of the stuff about it. One extra thing I like about it is that you can install a program and give it a try out. If you don't like it or it screws up the machine, you just reboot and it's gone. No registry entries or other spurious files are left behind. If you want to keep it, reboot (thaw), install, reboot (freeze).

    My daughter plays a few games. These need to be installed on a partition that you do not freeze, otherwise you can't save where you are up to. It's also a bit of a pain undating AV's because you need to remember to reboot (thaw), update, reboot (freeze).

    They do a trial version so you can see if the pain is too much. The trial will uninstall if you follow their instructions.
     
  10. Acadia

    Acadia Registered Member

    Joined:
    Sep 8, 2002
    Posts:
    4,048
    Location:
    SouthCentral PA
    Windows Restore only restores certain files and the Registry. Programs like GoBack, FirstDefense, RestoreIt, DeepFreeze, etc. restore the ENTIRE hard drive, EVERY sector or file.

    Acadia
     
  11. Vikorr

    Vikorr Registered Member

    Joined:
    May 1, 2005
    Posts:
    662
    I was thinking of just leaving a USB drive in one of the USB ports and downloading things to there.

    I realise it might be a bit of a hassle for email though. I'll have a look at shadowuser as well. I don't install too much on my computer, but a number of my products get updated about every 2 weeks or so.

    Anyway, I've installed the trial version of it and will see how that goes. Although any info on comparative programs are more than welcome.

    Thanks for the info already posted :)
     
  12. JerryM

    JerryM Registered Member

    Joined:
    Aug 31, 2003
    Posts:
    4,221
    Acadia,
    Thanks. Evidently Go Back and similar programs are not the same as Ghost or TI. Both of those programs seem to be complicated enough that I read of some problrms. I have not had the "courage" to try them.

    Maybe something like Firstdefense or Goback might be easier. I guess a major difference is that FD and GB programs remain on the computer, and if the hard drive crashes they also crash. Is that the case?
    But it would be useful to have something that would restore everything if something had made a mess of the computer.

    Thanks,
    Jerry
     
  13. Acadia

    Acadia Registered Member

    Joined:
    Sep 8, 2002
    Posts:
    4,048
    Location:
    SouthCentral PA
    That is correct. The ONLY thing that GoBack and FirstDefense would not be able to save you from would be if your hard drive broke. Rumor has it that the next version of FirstDefense will have the option to store its history bins on another hard drive which means, in theory, it should be able to save you from everything, we shall see. And yes, GoBack and FD are more reliable and easier to use than Ghost or TrueImage but to repeat myself, cannot save you from a total hard drive breakage, which Ghost and TrueImage can. Good luck.

    Acadia
     
  14. Rmus

    Rmus Exploit Analyst

    Joined:
    Mar 16, 2005
    Posts:
    3,943
    Location:
    California
    If you are referring to IE and OE which install (by default) into C:\Prog... these can now be easily remapped to another partition right in the Options of the programs (IE cache; OE mail store folders)

    -rich
     
  15. Rmus

    Rmus Exploit Analyst

    Joined:
    Mar 16, 2005
    Posts:
    3,943
    Location:
    California
    Only problem here is if the program requires a reboot before it will work... can't do that while in the frozen state :(

    -rich
     
  16. Wake2

    Wake2 Registered Member

    Joined:
    Apr 30, 2005
    Posts:
    205
    Thanks for posting about DeepFreeze
    after reading Rmus post I have been
    curious about it, and even more so
    now after reading this thread.

    Wake
     
  17. pvsurfer

    pvsurfer Registered Member

    Joined:
    Sep 1, 2004
    Posts:
    1,400
    Location:
    California - USA
    As both a (past) GoBack user and a (current) True Image user, I would agree, but with one addition... GoBack can not save you from itself! That is to say that GoBack (and other similar programs) modify the HDD's MBR, so if GoBack somehow gets corrupted (and it happened to me!), you either need a previous image or a partition-fixer to restore the drive! While System Restore is more limited in it's recovery capability, it does not modify the MBR and is therefore much safer to use...

    The bottom-line is that I now totally (and only) rely on True Image in the event of disaster-emergency recovery. ;)

    ~pv
     
    Last edited: Jun 6, 2005
  18. SpikeyB

    SpikeyB Registered Member

    Joined:
    Mar 20, 2005
    Posts:
    478
    You can normally get a program to run without a reboot. If it has installed a service, start the service. Check what startup entries it has added, then run those files manually.
     
  19. Rmus

    Rmus Exploit Analyst

    Joined:
    Mar 16, 2005
    Posts:
    3,943
    Location:
    California
    Thanks! That's good to know.

    -rich
     
  20. Acadia

    Acadia Registered Member

    Joined:
    Sep 8, 2002
    Posts:
    4,048
    Location:
    SouthCentral PA
    True, and this is why FirstDefense has a special way of addressing this issue just incase the MBR ever gets corrupted (mine never has).

    Acadia
     
  21. pvsurfer

    pvsurfer Registered Member

    Joined:
    Sep 1, 2004
    Posts:
    1,400
    Location:
    California - USA
    Acadia~ Would you please explain how FirstDefense addresses that issue? ...also, what version of FD are you using?

    Thanks, ~pv
     
  22. Acadia

    Acadia Registered Member

    Joined:
    Sep 8, 2002
    Posts:
    4,048
    Location:
    SouthCentral PA
    Version 2.14, Build 122.

    This is from the Users Guide:

    "Creating an MBR Backup Floppy
    The MBR (Master Boot Record) is a single point of failure for your file system. If the MBR becomes damaged, the computer will be unbootable and you could lose your entire file system.
    FirstDefense-ISR addresses this weakness by creating a MBR Backup Floppy that you can use to restore a damaged MBR.
    To create or update your MBR Backup Floppy, choose Tools>Update MBR Floppy from the menu:
    The MBR Backup Wizard will be launched:
    Click Next to proceed:
    Usually you will want to backup the MBR onto a floppy but if you have multiple computers you may want to store the MBR data for all the computers in a central location on the network.
    Insert a formatted floppy into drive A: and click Next to proceed:
    Click Backup to copy the files to the backup floppy. The instructions on how to use the floppy are in a ReadMe file on the floppy (since you will not have access to this document when you need it).
    See Also:
    MBR Backup Options
    Page 23"
     
  23. Rmus

    Rmus Exploit Analyst

    Joined:
    Mar 16, 2005
    Posts:
    3,943
    Location:
    California
    Since this thread started out about Deep Freeze, I'll add this from their FAQ and literature:

    ---------------------------------
    Deep Freeze fully protects the MBR

    Deep Freeze does prevent hacking/hashing programs that attempt to retrieve the BIOS password that you setup

    Deep Freeze also fully protects the BIOS so that programs such as KILLCMOS.exe have no effect.
    ----------------------------------

    regards,

    -rich
     
  24. controler

    controler Guest

    I have been running both for about two weeks now.

    Shadowuser on my desktop & Deepfreeze on my laptop.

    Deep freeze is cheaper. Deepfreeze has a version with features similar to shadowuser but is not avaliable in single user LIC. I hope that changes.
    Deepfreeze has a 60 day trial. Shadowuser Pro has only 15 day trial.
    Shadowsurfer is similar to deepfreeze standard , which is the single home user LIC.
    Shadowuser Pro costs about 70 bucks, Deepfreeze about 29 bucks, Shadowsurfer is 29 bucks also.

    I use Shadowuser Pro with Processguard.

    You could use Deepfreeze with PG also but they make their own program. Used to be called FreezeX is something like Anti-Executable, which saves you during thawed state.

    I tried Shadowsurfer & didn't like being limited to only being in or out of shadowmode. I do not like the limitations of Deepfreeze standard either, which are either frozen or thawed.

    Untill they offer the Single User Pro version of Deepfreeze, I will stay with Shadowuser.

    Some say Deepfreeze works at a lower level then Shadowuser.

    I have not heard any hacking of Shadowuser as of yet.

    You could try DriveVaccine. I have not tried that one yet.

    I do know the DriveVaccine makers also make a computer monitoring program, with all the goodies such as keylogger.

    Like everything else it boils down to user preferences.

    You can shut either down with DSC's process mangler.


    controler
     
  25. Vikorr

    Vikorr Registered Member

    Joined:
    May 1, 2005
    Posts:
    662
    With Deepfreeze, how do you partition a drive, so that you can move your mail etc to there ?
     
Thread Status:
Not open for further replies.