Faronics DeepFreeze

Discussion in 'sandboxing & virtualization' started by ace55, Apr 10, 2010.

Thread Status:
Not open for further replies.
  1. ace55

    ace55 Registered Member

    Joined:
    Mar 29, 2010
    Posts:
    91
    Hello all,

    I recall reading a thread here at Wilders from a few years ago, claiming that DeepFreeze did not protect the MBR and was thus inferior to other virtualization solutions.

    In addition, some googling turned up this page ( http://www.velocityreviews.com/forums/t307362-faronics-deep-freeze-losing-the-security-war.html ), detailing some previous failings of Faronics to fix vulnerabilities in DeepFreeze in a timely fashion, although presumably all is good now.

    I am curious if anyone has used DeepFreeze lately. I see it is compatible with Windows 7 and 64 bit as well. I gave it a spin on a test machine, and it appeared to work well enough, even if it is a bit simplistic. It also left a .sys device driver on the root of my C: drive, which was visible but restricted from my access. Sloppy of them.

    Any thoughts on its security, or if it uses disk or ram to cache changes during a given "frozen" session?
     
  2. Boost

    Boost Registered Member

    Joined:
    Feb 2, 2007
    Posts:
    1,293
    I've used Deep Freeze and am currently using it and have NEVER had an issue with malware or any other issue with this software :thumb:

    I know a guy who personally ran it for 9 years without any issues ;)
     
  3. Boost

    Boost Registered Member

    Joined:
    Feb 2, 2007
    Posts:
    1,293
  4. SIR****TMG

    SIR****TMG Registered Member

    Joined:
    May 31, 2004
    Posts:
    757
    I have used it for 7 years and no problems
     
  5. Osaban

    Osaban Registered Member

    Joined:
    Apr 11, 2005
    Posts:
    4,213
  6. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    12,883
    Location:
    Canada
    is DeepFreeze free software?
     
  7. Boost

    Boost Registered Member

    Joined:
    Feb 2, 2007
    Posts:
    1,293
    No slowdown at all,dont even notice it.
     
  8. Boost

    Boost Registered Member

    Joined:
    Feb 2, 2007
    Posts:
    1,293
  9. Lebowsky

    Lebowsky Registered Member

    Joined:
    Dec 3, 2004
    Posts:
    161
    Hi Boost, that has tweaked my curiosity.
    I have always recommended DeefFreeze to all of my friends for many years, but 6-7 months ago i discovered a couple of rootkits that could bypass it,
    so i migrated to HIPS and Prevx.
    But DeepFreeze has always functioned smoothly on my systems over the years.
    This MBR protecting program , that + DeepFreeze will be almost bulletproof, right?!
     
  10. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    12,883
    Location:
    Canada
    thanks boost;)
     
  11. Lebowsky

    Lebowsky Registered Member

    Joined:
    Dec 3, 2004
    Posts:
    161
    http://www.faronics.com/en/DownloadEvaluationEditions.aspx
     
  12. Boost

    Boost Registered Member

    Joined:
    Feb 2, 2007
    Posts:
    1,293
    Hey,the program protects the MBR,so all a person can do is try it out :D

    I've had no issues with anything,so I'd say give it a go guys :thumb:
     
  13. icr

    icr Registered Member

    Joined:
    Sep 6, 2008
    Posts:
    1,588
    Location:
    Mumbai
    Yeah you are right I once while trying to uninstall DF, it didn't went smoothly and after that I wasn't allowed to installed DF again(installer popped and notified that I had DF already installed on my system:ouch: ).

    From then my system would always be in virtualized mode:blink: o_O So I had to reinstall my OS:cautious:
     
  14. Lebowsky

    Lebowsky Registered Member

    Joined:
    Dec 3, 2004
    Posts:
    161
    Is MBRguard freeware?
     
  15. Boost

    Boost Registered Member

    Joined:
    Feb 2, 2007
    Posts:
    1,293
    Yes :thumb:
     
  16. Noob

    Noob Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    6,468
    My school created a hate on Deep Freeze in me :thumbd: :thumbd:
    Specially because those stupid ~ Snipped as per TOS ~, installed an USB Virus and then added deep freeze on it.

    You know? Deep Freezing a computer with malware so it runs everytime you insert a USB and you cannot delete it because they used Depp Freze :mad: :mad:

    ~ Snipped as per TOS ~ :D Luckily i don't use school USB drives on my machine
     
    Last edited by a moderator: Apr 11, 2010
  17. Lebowsky

    Lebowsky Registered Member

    Joined:
    Dec 3, 2004
    Posts:
    161
    You think somebody did that deliberately?!
     
    Last edited by a moderator: Apr 11, 2010
  18. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    12,883
    Location:
    Canada
    thanks boost and Lebowsky for the info:thumb:
     
  19. arran

    arran Registered Member

    Joined:
    Feb 5, 2008
    Posts:
    1,139
    just remember Deep Freeze is only good for a second and final Layer in your security setup it doesn't prevent Malware infections during your actual computer session.
    For example you are online for several hours during this time you get a key logger and you log into online banking before you do a reboot. If I was using deep freeze I would also have an anti executable program. an anti executable
    would also protect your MBR.
     
  20. Boost

    Boost Registered Member

    Joined:
    Feb 2, 2007
    Posts:
    1,293
    Correct :thumb:

    No worries here!
     
  21. Osaban

    Osaban Registered Member

    Joined:
    Apr 11, 2005
    Posts:
    4,213
    Even though some virtualizers will protect the MBR, it doesn't necessarily mean that this protection might be effective against new variants. Boost's suggestion might be something specifically designed to stop anything affecting the MBR, but it is also true that any antivirus will stop any known malware attacking the MBR.

    Luckily malware writers don't seem interested in writing malicious code for virtual systems due to their relative small numbers. Returnil has implemented antivirus protection for this very reason, even Faronics will introduce dedicated antivirus protection to Deepfreeze coming soon in May. Faronics Anti-Executable is also an awesome protection, unfortunately it is a bit fastidious as sometimes it blocks from executing some Windows internal processes, and your are left searching for which process has been blocked by AE (some programs will not run with AE installed).

    So in the end if one is really paranoid, running a good AV with DeepFreeze (or perhaps using Boost's suggestion) should really be more than adequate. My wife has been using ShadowUser Pro (another virtualizer) for 3 years without any active AV. SU doesn't protect against MBR attacks and she has never been infected with anything. I forgot to mention: I have used DeepFreeze on and off for 2 years and it has always worked perfectly; the only reason I stopped using it is that one can't save anything from the frozen session, a feature that would make some of my research work too time consuming.
     
  22. ratwing

    ratwing Guest

    Do Returnil or ShadowDefender protect the MBR?

    thanks,
    Rat
     
  23. Boost

    Boost Registered Member

    Joined:
    Feb 2, 2007
    Posts:
    1,293
  24. Osaban

    Osaban Registered Member

    Joined:
    Apr 11, 2005
    Posts:
    4,213
    Returnil for sure (it has an AV incorporated), Shadow Defender also protects from known MBR malware, but as I mentioned new variants, even though very rare, might be effective. In the rare event that Shadow Defender was bypassed, I would restore an image of my system.
     
  25. ratwing

    ratwing Guest

    Thanks Boost & Osaban!
     
Thread Status:
Not open for further replies.