Kees1958
January 25th, 2009, 03:42 PM
Dear all,
I finally got internet protection working with GeSWall (2.8.3. still dumps when testing Comodo Leak Tests running untrusted).
Pity the untrusted file control issue is not solved yet. But GW also has advantages.
Currently running GeSWall in high protection, disabled all the warnings, set protection to auto terminate.
Am using Chrome with the following extra rules (GW default rules let Chrome function properly)
D:\ File Read Only [this is my data partition]
D:\Downloads File Allow [this is my download directory within Chrome]
D:\TEMP File Allow [this is my default Temporary directory within Windows]
HKEY_CURRENT_USER\ Registry Redirect [virtualise all HKU keys!]
HKEY_CURRENT_USER\Software\Google Registry Allow [to save settings]
Other extras
C:\WINDOWS\system32\USB001 File Allow [to solve printing problems, better than redirecting or allowing named pipe lsass]
* Network Allow [to grant Chrome internet Access]
So now I am browsing using Chrome's internal sandbox (of the rendering engine) and I am tightening access to data and registry of Chrome on top of that.
==> Registry is virtualised
==> Only file access allowed to D:\Downloads and temp directory
GeSWall tip
Note (this extra is provided by DefenseWall out of the box):
- I have set my Outlook Express directories containing the (*.dbx files) emails to confidential and allowed Outlook Access full access rights
- same for WAB (Windows Address Book)
==> other untrusted processes are not allowed to access my e-mail and addresses
I run this together with Avira (smart list check at write only) and Online Armor (firewall de-installed, because I am behind FW/Router, also the allow when unknown program runs disabled) in Dutch (free version). Oasrv uses a lot more CPU compared to Malware Defender, but like the way OA dealt with latest worm (thanks to Aigle's post). EDIT, added all those HKU registry entries as confidential (plus added the last one to Outlook Express to allow), entries mentioned in http://www.wilderssecurity.com/showpost.php?p=1392138&postcount=220
Crispy and Safe setup (with only GeSWall and Avira write check)
Cheers
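Added example, not part of the post above and not GeSWall code: a small Python model of the file and registry rules listed in the post, for checking which action a given path would get before relying on the rule set. It assumes the most specific (longest) matching rule decides, which the post implies but does not state; `effective_action` and the "default rules" result are hypothetical names, and the Network rule is left out.

```python
# Constructed model of the rule table quoted in the post; not GeSWall's engine.
# Assumption: the longest matching prefix decides the action.
from ntpath import normcase, normpath

RULES = [  # (resource prefix, kind, action) as listed in the post
    ("D:\\", "file", "read-only"),
    ("D:\\Downloads", "file", "allow"),
    ("D:\\TEMP", "file", "allow"),
    ("C:\\WINDOWS\\system32\\USB001", "file", "allow"),
    ("HKEY_CURRENT_USER\\", "registry", "redirect"),
    ("HKEY_CURRENT_USER\\Software\\Google", "registry", "allow"),
]


def _canon(path):
    # Windows paths and registry keys compare case-insensitively;
    # normpath collapses ".." so a traversal cannot borrow a broader rule.
    return normcase(normpath(path)).rstrip("\\")


def _covers(prefix, target):
    # Match whole components: "D:\Downloads" must not cover "D:\DownloadsOld".
    return target == prefix or target.startswith(prefix + "\\")


def effective_action(kind, path):
    """Return the action of the most specific extra rule covering `path`.

    Returns "default rules" when none of the extra rules applies, meaning
    the product's built-in policy would decide (not modelled here).
    """
    target = _canon(path)
    best = None
    for prefix, rule_kind, action in RULES:
        p = _canon(prefix)
        if rule_kind == kind and _covers(p, target):
            if best is None or len(p) > len(best[0]):
                best = (p, action)
    return best[1] if best else "default rules"


if __name__ == "__main__":
    for kind, path in [
        ("file", "D:\\Downloads\\setup.exe"),
        ("file", "d:\\downloads\\..\\Documents\\tax.xls"),
        ("file", "D:\\DownloadsOld\\x.txt"),
        ("registry", "HKEY_CURRENT_USER\\Software\\Google\\Chrome"),
    ]:
        print(f"{kind:9} {path:45} -> {effective_action(kind, path)}")
```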