RE: Deep Freeze + workstation security books

From: Petr.Kazil@eap.nl
Date: Sun Feb 12 2006 - 07:29:51 EST

• Next message: Petr.Kazil@eap.nl: "Re: Spyware assessment techniques - hub?"
• Previous message: Mike Gilligan: "pushing exploits through the Firewall"
• In reply to: Mauricio Montenegro: "RE: Deep Freeze"
• Next in thread: Ben Koren: "Re: Deep Freeze"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

> Hi, well I used to manage a small cafe which used Deep Freeze so every
time
> you restart the computer it rollsback into the state you set it on. It
can
> be easely turned off by restarting the computer and removing it from the

> startup on msconfig. Overall for cafes, its a very good program.

A well known hardware solution which has a good press is the "reborn
card":
http://www.reborn.com.au/about.htm

I heard a few rumours that some students were able to bypass the security
by hacking the windows registry, but I never tried it myself. I'm very
curious about any experiences people have with this kind of security. At
the moment I try to read a lot on workstation security, because it's a
rather neglected subject.

Two good books are:

Secrets of Computer Espionage: Tactics and Countermeasures
A very comprehensive book on all kinds of attack techniques.

Cyber Spying: Tracking Your Family's (Sometimes) Secret Online Lives
Some basic, but effective techniques and a few brilliant tips (like
installing a normal webserver as a backdoor, because it gives access to
all files on the PC but is not detected by virus/spyware checkers).
Minus point: a lot of rather boring text on the morals of cyber spying.

If you have more pointers to good information on "workstation hacking"
(with physical access), please post them.

Greetings, Petr Kazil

------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner:

Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
futile against web application hacking. Check your website for vulnerabilities
to SQL injection, Cross site scripting and other web attacks before hackers do!
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------

• Next message: Petr.Kazil@eap.nl: "Re: Spyware assessment techniques - hub?"
• Previous message: Mike Gilligan: "pushing exploits through the Firewall"
• In reply to: Mauricio Montenegro: "RE: Deep Freeze"
• Next in thread: Ben Koren: "Re: Deep Freeze"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:55:30 EDT