Hi,

Anyone heard of this or even tried it?

http://www.privacyware.com/dynamic_security_agent.html

They say :
Signature-less, Zero-hour Desktop and Server Defense!

For the ones who stick with AV and nevertheless want to have a proactive protection, could it be an apropriate answer?

http://www.wilderssecurity.com/showthread.php?t=134114&highlight=dynamic+security+agent

Sorry, I should have checked first.

Anyway cheers mate

According to the message thread, the program will work alongside other firewalls and AV without problems and also serve as outbound protection if you retained the Windows XP firewall alongside it. So this Intrustion/Detection program has some firewall functionality included and the leaktest results appear promising.

-{ Quote: "According to the message thread, the program will work alongside other firewalls and AV without problems and also serve as outbound protection if you retained the Windows XP firewall alongside it. So this Intrustion/Detection program has some firewall functionality included and the leaktest results appear promising." }-


hi ccsito,where can i see the result on leaktests.i'm trialling alongside with SSM free.so far they work well together.i use them together to see which prog respond faster.but DSA had a outbound protection.one thing is there are not much for users to configure or play with.

sorry,btw what is the pfsvc.exe for?do i need to start it with DSA

-{ Quote: "sorry,btw what is the pfsvc.exe for?do i need to start it with DSA" }-


Is this it? http://www.fbmsoftware.com/spyware-net/process/pfsvc_exe/2956/

-{ Quote: "Is this it? http://www.fbmsoftware.com/spyware-net/process/pfsvc_exe/2956/" }-


Omniquad??? i do not have this software installed.the 'pfsvc.exe' file came with the installation of DSA.it should be part of it.is it a updater or what.as it shut itself down after a few sec when i try to exe it to see what happen

-{ Quote: "hi ccsito,where can i see the result on leaktests.i'm trialling alongside with SSM free.so far they work well together.i use them together to see which prog respond faster.but DSA had a outbound protection.one thing is there are not much for users to configure or play with." }-

Another tester said the program passed many leak tests (the poster was thatman). See message number 46 in this thread.

http://www.wilderssecurity.com/showthread.php?t=134114

From another thread in that same post.

-{ Quote: "Installed it on xp home and no problems so far. DSA.exe running at 13,140k + pfsvc using another 4,456k." }-

There are two componets of DSA. If you have any questions, I would refer them to the Privacyware.com help website.

so what does the pfsvc.exe in DSA do?can anyone answer this?does it need to be running.it just start to runn for afew second and closed down itself when i double click it.

I don't use the program so cannot reply to your question regarding pfsvc.exe. My guess is that pfsvc stands for personal firewall service. The program has elements of a firewall as part of the overall HIPS features. For the definitive answer, you should direct the question to

Chris Iannicello
Privacyware - DSA Product Manager

who is the representative for the software company. You should be able to email him through their support forum:

http://www.privacyware.com/support_ticket.html

Here is an excerpt from the DSA representative on DSA.

-{ Quote: "While DSA is "an ideal complement to conventional virus and spyware scanning software as well as personal and server firewall applications", it does also include many of the core features that one would associate with a typical client firewall. If you have a personal firewall that you prefer, DSA will likely work alongside it without conflict. There are two exceptions that we have recently addressed; Panda AV/Anti-Spyware 5.x and Agnitum Outpost Firewall 3.5x. With the latest DSA release, we have introduced a fix that enables these applications, plus any others that we may not be aware of, co-exist in the same environment. If during installation, DSA detects a firewall application for which it conflicts, DSA will install all components except the conflicting driver. Therefore, whatever personal firewall you had installed originally (and presumably prefer), will provide such capabilities. DSA will enhance that firewall with the anomaly detection and process monitoring layers. If you are not married to any particular personal firewall, we suggest Privacyware Privatefirewall 5.0 in which DSA will be fully integrated and available in the coming several weeks.

In addition to its behavioral layers of security, DSA also includes inbound/outbound packet filtering as well as port protection so it can be considered a firewall. That is why Windows XP Security Center detects it as such. However, DSA does have limited configuration capability compared to traditional client firewalls, including our own Privatefirewall 4.0. So despite the possibility of some functionality overlap, DSA is designed to either work with client firewalls and av/as scanners, or as a stand-alone behavioral/ips defense layer" }-

thanks ccsito,

now i know why it just shut itself down as i had comodo installed on my pc.

Thx all,

I was looking for a low pop-up not noisy application /out-bound firewall.

I have disabled the system detection and email anomoly. I agree with previous posters it does not make much sence. I have told Antivir to accept the psfscv (it rates it as malware).

Pro's: Easy to train application monitor (because of the defaults it detects)
Con's: For some one like me who think usibility is important, I had to do too much fiddling with SSA and Antivir.

Antivir + CyberHawk + DSA + DefenseWall work well on my wife's PC without throwing any pop-ups. So there is a reasonable security protection with no user intervention (except when exceptions/anomolies occur, but she knows to choose block/do not allow).

From useability/user freindlines aspect DSA is just a bit too fuzzy (own components are recognised as malware by other aps), but all and all I will give it try.

Some tests:

- TrojanDemo (BufferZone) = pass
- TrojanSimulator = pass
- Comodo leak test = pass
- WalBreaker = pass
- MBtest = pass
- Jumper = pass
- DNStester = fail the DNS round test, passed to prevent the test result to be shown

Not bad, considering that most respected firewalls have problems with these tests.

-{ Quote: "Some tests:

- TrojanDemo (BufferZone) = pass
- TrojanSimulator = pass
- Comodo leak test = pass
- WalBreaker = pass
- MBtest = pass
- Jumper = pass
- DNStester = fail the DNS round test, passed to prevent the test result to be shown

Not bad, considering that most respected firewalls have problems with these tests." }-

Not bad at all, and for free. Going to have to look at this one again.

i'm testing it right now.it less configurable ,it does not show what it protect for example registries keys.at least SSM show you.i think it more of a set and forget.

The program messages don't appear to be as comprehensive as other HIPS programs from what I read on the user manual. I think it was meant to be more of a simpler interface with the user unlike other HIPS programs. It did receive very good opinions from the users at Download.com

Thanks for reminding about this one. I noticed the earlier thread about it here this summer but then forgot about it.
It does run nicely with Prevx1, Drweb, Comodo, Geswall and FDISR. So far I might add, I´ve had it only for a couple of hours. I am intrigued by the "System anomaly detection"

-{ Quote: "i'm testing it right now.it less configurable ,it does not show what it protect for example registries keys.at least SSM show you.i think it more of a set and forget." }-

SSM is a much more granular application.

-{ Quote: "The program messages don't appear to be as comprehensive as other HIPS programs from what I read on the user manual. I think it was meant to be more of a simpler interface with the user unlike other HIPS programs. It did receive very good opinions from the users at Download.com" }-

That is how I see DSA as a simple PG, pictured on a scale from simple to granular:
DSA ------->PG --------> AntiHook -> SSM

-{ Quote: "Thanks for reminding about this one. I noticed the earlier thread about it here this summer but then forgot about it.
It does run nicely with Prevx1, Drweb, Comodo, Geswall and FDISR. So far I might add, I´ve had it only for a couple of hours. I am intrigued by the "System anomaly detection"" }-

Be prepared to throw away a DVD or CD when you first burn one. Because the processor capacity is so taken by this process, DSA thinks something bad is happening. I have disabled this feauture.

DSA is great. I was playing with it a while ago, and for some reason forgot about it.

Yep, Devils's Advocate

But then you have the knowledge to control it. :)

okay i remember why i don't like it.

:thumbd:

From the real Devil's Advocate:

You can look, but can not touch

You can touch, but can not smell

You can smell, but can not taste

You can taste, but can not swallow

So why this sudden change: dit DSA taste bad?

I installed it today and find it very good, light in ressources.
Passed many leaktests. As I am behind a router, the outbound cheking is important.
The only strange thing that happens is that I cannot ping a IP adress outside the LAN. Surfing is OK.
Is a bit annoying.

Just read about this in a current thread on the best realtime malware/antispyware apps and wondered if anyone has tried it lately. Between this and other threads on it, and the website, it seems like a better alternative than Cyberhawk. I was thinking it would be good with AVG ISS as an extra layer of defense, without any conflicts.

Windows Security Center is detecting DSA as a firewall. Still I'm using it with COMODO Free Firewall, Arovax Shield, AVG Anti-Virus/-Spyware 7.5. Everything OK so far.

Best regards,
Firefighter!

Thanks Firefighter. Also, does it have an undo feature like Cyberhawk does in case you make a change you shouldn't have and need to restore it?

-{ Quote: "Windows Security Center is detecting DSA as a firewall. Still I'm using it with COMODO Free Firewall, Arovax Shield, AVG Anti-Virus/-Spyware 7.5. Everything OK so far.

Best regards,
Firefighter!" }-

Is Comodo also listed as a firewall on the Windows Security Center since you are running with both?

-{ Quote: "Thanks Firefighter. Also, does it have an undo feature like Cyberhawk does in case you make a change you shouldn't have and need to restore it?" }-

DSA's configuration doesn't allow you to "Undo" a change per se, but it does allow you to quarantine files or processes, then later take them out of quarantine if you decide the file is legitimate - so, the function basically serves the same purpose. I have used DSA for quite a while, and have found it many times more stable than Cyberhawk, at least on my own system (running alongside NOD32 & Kerio 4.x firewall). I think it is at least as comprehensive as Cyberhawk - and in my opinion (for what it's worth), even more so. It covers a lot of security areas, some of which even PG & SSM don't cover. I know there are many who wish it had more granular controls, but that is one of the purposes of this program - to provide superb protection without all of the prompts and hassles of "noisy" programs. The program itself does more than what is listed on the DSA website. Like I have said in other posts, it boils down to one's personal preference. For me, I like the fact that it sits in the background and does it's job without bugging me about every little thing, yet uses very little resources (runs a little over 3MB on my system). I would heartily recommend the program to anybody who wants great security without all the typical HIPS hassle.

So far, I like this util a lot. However, it's a little quirky in how it applies security settings to internet/file requests. If you open a program like iTunes with the Multiplugin installed, it will ask you if you want to allow access to the plugin:

-{ Quote: "An attempt to access to a protected file object has been detected.
File Path: C:\Program Files\iTunes\Plug-ins\MPlugin.dll " }-

If you select Allow and check "remember this setting", it won't show a popup for the internet requests (program and podcast update.) If you don't check "remember this setting" you will get popups for the internet requests as well. The checkbox should only apply to one type of alert.

I can't get the Privacyware network service to run either. I don't have a firewall installed.

I like it.16MB RAM here and 0-1% CPU (on Athlon x2 3800+).No problems enountered yet and seems to do its job and a bit more silently than usual HIPS.