<div dir="ltr">I just stumbled across this page from Faronics. It was relevant to this thread.<div><br></div><div>The first item on the list was an obvious one that I hadn't really thought much about, but it totally makes sense! It's probably worth it to go around to each computer and delete the restore points.<br>
<div><br></div><div><a href="http://support.faronics.com/Knowledgebase/Article/View/327/8/what-are-the-best-practices-for-securing-a-workstation-with-deep-freeze">http://support.faronics.com/Knowledgebase/Article/View/327/8/what-are-the-best-practices-for-securing-a-workstation-with-deep-freeze</a><br>
</div><div><br></div></div></div><div class="gmail_extra"><br clear="all"><div>______________________________<br><b>Chad Neeper</b><br><font size="1">Senior Systems Engineer</font><br><br><b>Level 9 Networks</b><br><font size="1">740-548-8070 (voice)<br>
866-214-6607 (fax)</font><br><br><font size="1"><i>Full LAN/WAN consulting services -- Specialized in libraries and schools</i></font><br></div>
<br><br><div class="gmail_quote">On Wed, Nov 20, 2013 at 1:11 PM, Ed Liddle <span dir="ltr"><<a href="mailto:eliddle@marysvillelib.org" target="_blank">eliddle@marysvillelib.org</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div lang="EN-US" link="#0563C1" vlink="#954F72">
<div style="direction:ltr;font-size:10pt;font-family:Tahoma"><br>
<div>Here is the link.<br>
<a href="http://blogs.computerworld.com/the_down_side_of_hard_drive_passwords" target="_blank">http://blogs.computerworld.com/the_down_side_of_hard_drive_passwords</a>
<br><div class="im">
<div style="font-family:Tahoma;font-size:13px">
<div><font>
<div>-Ed Liddle <br>
<br>
Marysville Public Library<br>
<a href="http://marysvillelib.org" target="_blank">http://marysvillelib.org</a> </div>
</font></div>
</div>
</div></div>
<div style="font-size:16px;font-family:Times New Roman">
<hr>
<div style="direction:ltr"><font color="#000000" face="Tahoma"><b>From:</b> Ed Liddle<br>
<b>Sent:</b> Wednesday, November 20, 2013 1:10 PM<br>
<b>To:</b> Mike Hensel; <a href="mailto:oplintech@lists.oplin.org" target="_blank">oplintech@lists.oplin.org</a><div class="im"><br>
<b>Subject:</b> RE: [OPLINTECH] Potential Computer Vandalism<br>
</div></font><br>
</div><div><div class="h5">
<div></div>
<div>
<div style="direction:ltr;font-size:10pt;font-family:Tahoma">There isn't much that can be done with a hard drive when a password is set on it unless you know the password. I did find some more detailed information about it here that may be
useful. Its an older post but I suspect the info is still relevant. <br>
<br>
<div><br>
<div style="font-family:Tahoma;font-size:13px">
<div><font>
<div>-Ed Liddle <br>
<br>
Marysville Public Library<br>
<a href="http://marysvillelib.org" target="_blank">http://marysvillelib.org</a> </div>
</font></div>
</div>
</div>
<div style="font-size:16px;font-family:Times New Roman">
<hr>
<div style="direction:ltr"><font color="#000000" face="Tahoma"><b>From:</b> <a href="mailto:oplintech-bounces@lists.oplin.org" target="_blank">oplintech-bounces@lists.oplin.org</a> [<a href="mailto:oplintech-bounces@lists.oplin.org" target="_blank">oplintech-bounces@lists.oplin.org</a>] on behalf of Mike Hensel [<a href="mailto:henselmi@oplin.org" target="_blank">henselmi@oplin.org</a>]<br>
<b>Sent:</b> Wednesday, November 20, 2013 9:20 AM<br>
<b>To:</b> <a href="mailto:oplintech@lists.oplin.org" target="_blank">oplintech@lists.oplin.org</a><br>
<b>Subject:</b> [OPLINTECH] Potential Computer Vandalism<br>
</font><br>
</div>
<div></div>
<div>
<div>
<p class="MsoNormal">OPLINTech Libraries:</p>
<p class="MsoNormal"> </p>
<p class="MsoNormal">I’ve got a situation where one of my patron computers last week booted up with a Security Manager Screen that basically needed a password to boot from the hard drive. We run DeepFreeze on all of the computers. I eventually had to get
another hard drive sent from Dell. Last night 5 more computers displayed the same message. We lock the computers down with policies as well. I have not seen any virus alerts pop up in Symantec. We run Symantec Endpoint. I don’t believe we had the bios
locked down so the only thing I can think of is someone logged into the bios and setup an password on access to the HD which is leaving our machines dead.
</p>
<p class="MsoNormal"> </p>
<p class="MsoNormal">Has anyone run across this scenario and is there any easy fixes besides getting a new hard drive and rebuilding the machine. I’m trying to determine if it was a local hack (patron at each machine) or virus.</p>
<p class="MsoNormal"> </p>
<p class="MsoNormal">Any help would be appreciated.</p>
<p class="MsoNormal"> </p>
<p class="MsoNormal">Mike Hensel</p>
<p class="MsoNormal">Director, MLIS</p>
<p class="MsoNormal">London Public Library</p>
<p class="MsoNormal">20 E. First Street</p>
<p class="MsoNormal">London, OH 43140</p>
<p class="MsoNormal"><a href="http://UrlBlockedError.aspx" target="_blank">www.mylondonlibrary.org</a></p>
<p class="MsoNormal"><a href="tel:740-852-9543" value="+17408529543" target="_blank">740-852-9543</a></p>
<p class="MsoNormal">Mobile <a href="tel:614-325-1429" value="+16143251429" target="_blank">614-325-1429</a></p>
<p class="MsoNormal"> </p>
</div>
</div>
</div>
</div>
</div>
</div></div></div>
</div>
</div>
<br>_______________________________________________<br>
OPLINTECH mailing list<br>
<a href="mailto:OPLINTECH@lists.oplin.org">OPLINTECH@lists.oplin.org</a><br>
<a href="http://lists.oplin.org/mailman/listinfo/oplintech" target="_blank">http://lists.oplin.org/mailman/listinfo/oplintech</a><br>
Search: <a href="http://oplin.org/techsearch" target="_blank">http://oplin.org/techsearch</a><br>
<br></blockquote></div><br></div>