"OSSS" (Online Solutions Security Suite) 0.8 Beta
http://www.online-solutions.ru/en/common/images/osss/osss_scr01.png

-{ Quote: ""OSSS" (Online Solutions Security Suite) is a complex protection software, that includes:

* Proactive Defense (OSPD) - new generation proactive defence system
* Personal Firewall (OSPF) - extremely powerful personal firewall

"OSSS" provides a complete computer protection against newest hacker attacks, malicious code and rootkits.
" }-

-{ Quote: "The "OSPD" (Online Solutions Proactive Defense) proactive security system provides the integrity of software environment and blocks the activity of known and unknown malicious code in advance.

The security core comprises several technological approaches: HIPS, SandBox, AntiRootkit, AntiSpyware and an antivirus.

The "OSPD" system protects the user's computer from unknown viruses and "Trojan horses" using the advantages of the behavioral analysis technology, but is not limited to it. The behavioral method is based on the analysis of what specifically applications do in the system: some actions may be legitimate and harmless, but their combination in a certain sequence can explicitly point to malicious intentions.

Functional capabilities:

* The "OSPD" kernel is loaded before all other system drivers and takes control of the system from the very start.

* The combination of a behavioral analysis unit with an anti-virus core supporting heuristic analysis and supplied with a large signature base of modern viruses, network and email worms, trojan horses, adware, spyware, dialers and rootkits, allows you to prevent known (or similar to known) malicious code from appearing and being executed on the user's system.

* The solution interacts with the operating system on the lowest level. Malicious code can be hooked on several levels to prevent it from bypassing parts of the defense system.

* Permanent analysis of CPU tables and the structures of the OS kernel. Control of integrity of kernel-mode system modules. Suppression of low-level hooking attempts used in rootkits. Detection and prevention of kernel-mode code execution by undocumented methods.

* Monitoring of installation and usage of system services and drivers. Constant monitoring of process and system drivers hiding.

* Application rules and their flexible configuration options allow you to explicitly restrict the abilities of each program both in terms of interprocess communication and interaction with the operating system. You can create a new rule or a set of rules and assign them to any action. Interprocess communication is monitored and controlled in over 10 different aspects: access to the memory of another process, thread generation in the address space of another process, injection of a new dynamic library, etc.

See also >> integration with a firewall (full control over the system's network activity).

* Control of integrity of all applications that have rules assigned to them. Automatic scanning of suspicious applications for known viruses.

* "OSPD" provides extensive monitoring capabilities and allows you to change the OS parameters that relate to the operation (explicit and implicit) of malicious code. That is why the treatment of an infected computer is possible both in automatic and manual modes (using an expert's help) if the system was infected before proactive defense was installed.

* Control over registry-related operations: autorun, system parameters and security policies.

* Control over the installation and use of ActiveX-objects and browser extensions (BHO).

* Warnings about sites with unwanted content and their blocking during web browsing.

* Prevention of known malicious activities: modification of executable files, saving of network-based virus loaders, DNS changes, modification of Internet Explorer parameters.

* Scanning of your hard drive, memory and any objects (upon user's request) for known viruses. Analysis of suspicious objects in the system.

* Control over own kernel integrity and access to it and all of its components. Protection of internal data structures and communication between their separate parts.

* Event logging system. The system allows you to analyze the actions of specific applications in the system.

Compatibility:

* Microsoft Windows 2000
* Microsoft Windows XP
* Microsoft Windows XP x64
* Microsoft Windows 2003
* Microsoft Windows 2003 x64
* Microsoft Windows Vista
* Microsoft Windows Vista x64
" }-

More info, download and screens:

http://www.online-solutions.ru/en/osss_security_suite.php
http://www.online-solutions.ru/en/ospd_proactive_defense.php
http://www.online-solutions.ru/en/ospf_personal_firewall.php
http://forum.online-solutions.ru/viewforum.php?f=6

Why is it called a suite, if it only has a firewall and HIPS component ??

Wonder exactly how this is "new generation" I love how someone re invents the wheel, and calls it brand new technology.

looks interesting

It looks very similar to the current firewall solutions like Comodo, Online Armor and others. Nothing special, no innovations.

And it doesn't work with DefenseWall installed. At all.

-{ Quote: "Wonder exactly how this is "new generation" I love how someone re invents the wheel, and calls it brand new technology." }-
:thumb: :thumb: :thumb:

-{ Quote: "It looks very similar to the current firewall solutions like Comodo, Online Armor and others. Nothing special, no innovations." }-
Nothing to comment here. I think you didn't tested it on real-bypass technics used in modern itw-malware (for latest six monthes, for example).

-{ Quote: "And it doesn't work with DefenseWall installed. At all." }-
The reason of the problem - DefenseWall and it manipulation with processes starting (Service is killed by services.exe, if DW is started before). Anyway, today we resolved this problem and you can get new build of installation package.

Thank you for report and other information!

It doesn't install on my XP Pro SP3 updated. It says that the kernel of my system is not compatible with OSSS. I tried to install OSSS after I uninstalled my security softwares and cleaned the system. May be that the problem is Vista Inspirat BricoPacks ? But BricoPacks runs with every other HIPS and security suite...

-{ Quote: "It doesn't install on my XP Pro SP3 updated. It says that the kernel of my system is not compatible with OSSS. I tried to install OSSS after I uninstalled my security softwares and cleaned the system. May be that the problem is Vista Inspirat BricoPacks ? But BricoPacks runs with every other HIPS and security suite..." }-
Navy, if you already uploaded your kernels following this manual (http://www.online-solutions.ru/en/kernels.php), then you need to get a new build of installation package (where your kernels are taken into account). We uploaded a new build of installation package today (19.03.2009) to our site at 20:50 (GMT+03). Please check it and say how it is. Thank you!

nice GUI i like it

-{ Quote: "I think you didn't tested it on real-bypass technics used in modern itw-malware (for latest six monthes, for example)" }-
No, I didn't. You see, I was talking not about bypass techniques, I was talking about basic architecture. It's outdated.

And, from the user's point of view, there is no difference between Comodo and OSSS. Stop to think as a developer.

-{ Quote: "Navy, if you already uploaded your kernels following this manual (http://www.online-solutions.ru/en/kernels.php), then you need to get a new build of installation package (where your kernels are taken into account). We uploaded a new build of installation package today (19.03.2009) to our site at 20:50 (GMT+03). Please check it and say how it is. Thank you!" }-


interesting ! I follow steps and done ! Kernetchecker said OSSS supported now ! And then downloaded the lastest version but still not working for my system ???? >:( WHY ????? :dry:

Compatibility is actually as follows:

-{ Quote: "Compatibility:
Microsoft Windows XP
Microsoft Windows 2003

The company is currently working on providing full support of these operating systems:
Microsoft Windows 2000
Microsoft Windows XP x64
Microsoft Windows 2003 x64
Microsoft Windows Vista x86/x64
Microsoft Windows 2008 x86/x64
Microsoft Windows 7 x86/x64 " }-

-{ Quote: "You see, I was talking not about bypass techniques, I was talking about basic architecture. It's outdated." }-
How you can talk "about basic architecture" if you didn't see anything regarding software? (Excepting installation process, of course).

-{ Quote: "And, from the user's point of view, there is no difference between Comodo and OSSS. Stop to think as a developer." }-
There is a very big difference between OSSS and Comodo (just for example; from your quote), and tests on ITW will say more for you. It's "just" a powerful kernel for future work. What you will add later to this basis - it's not important, if you have a good basis. But if you have a bad basis, there is no difference what kind of "roof" you will try to attach. This building will collapse.

As user's point -- I know about what you talking -- you don't know a plans and feature list of OS company to know exactly what we do and what we will release in near future (for users, who don't want to know WHAT is going on their computers, just want to be PROTECTED, and don't be bothered).

Future will say who was right. ;)

-{ Quote: "interesting ! I follow steps and done ! Kernetchecker said OSSS supported now ! And then downloaded the lastest version but still not working for my system ???? >:( WHY ????? :dry:" }-
It's very strange, we need to analyze this case. (Probably, there is some desynchronization between KernelChecker's data and data put into installation package).

Could you send to us by attach by mail (or upload to any free web-service) two files from your OS?
%SystemRoot%\system32\win32k.sys
%SystemRoot%\system32\ntoskrnl.exe

E-mail: tsdep@online-solutions.ru

Thank you for you report!

Hi,

I've taken a look at when OSAM was advertised on Sysinternals board last year (in Russian), and i it appeared to me that these soft were promising (as often "with made in Russia" softwares).
I concede to be quite disappointed by hostile welcome comments.
The presentation of the soft on the web site is honest (like Softsphere, Sandboxie etc), and there is no pretentious/bling bling marketing, or worse, non honest marketing as it is the case with PrevX (as said the song of Simple Minds: " promise me a miracle... la la la " ).
Of course it would be a joke to talk about new kind of product and technology: such product (System Expert HIPS is the pro terminology for behavioural based HIPS like OSSS) exist since the early 2000's (and even before if we take into consideration Invircible).
I suggest to take a look at my old blog via a google search: http://www.google.de/search?client=firefox-a&rls=org.mozilla%3Aen-US%3Aofficial&channel=s&hl=de&q=KARELDJAG+HIPS&meta=&btnG=Google-Suche
And for more information the overview done for Kaspersky by Alicia : http://www.viruslist.com/en/analysis?pubid=204791972

There's no need to test it against recent "in the wild malware": i have no doubt that it passes minimum 80% of the benchmark test methodology done for DefenseWall.
But like most antimalwares (HIPS, AV, Antimalware Suite), it might be vulnerable to doc format malwares, browser based malwares (client/server side like web worms for instance), and of course non-OS dependent "malwares"/threats (boot/vm/bios/firmware rootkit, hardware keylogger for instance.
But the main problem as i said in the viruslist article is still the user.
There is not the user on a side and the computer/line defense on the other side: both are involved in the same security process.
The AV industry has understood since a long time that it's better to release very easy to use soft, even with colander like/ineffective protection; in order to reach a viable and profitable business model (the black list and signature/pattern file concept require the need of a new license every year).
More than any other security soft, firewall included, System Expert HIPS like OSSS (or Antihook, OA, MD, Micropoint and co) rely to the configuration and final cut/decision (answer to pop up alerts) of the user.
Unfortunately, the average user is ready to make efforts in learning the abc of Emule and P2P, but not to learn the abc of the registry and malware's behaviours.
Therefore, the efficiency of system expert HIPS is user's knowledge and experience dependent.
And power/advanced/expert users may represent only 5% of internet users.
Even if this kind of HIPS has some future in the corporate environment (Landesk seems to be a sucess : http://www.landesk.com/products/securitysuite/index.aspx ), i really doubt of it in the home environment.
The knowledge required to use it, the pop up fatigue, the possible evolution of Windows to kernel virtualization (Midori), and the cemetery of discontinued HIPS like Viguard or SSM...all these arguments let me quite pessimistic about the future of system expert HIPS in general and OSSS in particular.
More than white list HIPS which are only suited in restrictive environments, i am convinced that Sandbox/virtualisation HIPS have the best chance to continue their life-cycle.
And Ilya, Tzuk and co can find a confirmation that they have taken the right approach (well balanced with ease of use and efficiency) with the introduction of some leaders in such "technology":
Microsoft OS and future browser: http://www.osnews.com/story/20349/Microsoft_Unveils_Windows_Cloud_Confirms_Midori
http://www.osnews.com/story/21120/Microsoft_s_Next_Browser_To_Be_Based_on_Gazelle_
Symantec: http://www.csoonline.com/article/476317/Symantec_Gets_Good_Vibes_from_Virtual_Browser

But there is also reasons for HOPE: the success of Comodo prove that it is possible, the evolution of PrevX to an hybrid technology (+ in the cloud approach) prove that there is other ways to follow, and most of all...LADA is still alive isn't it!
In all case best wishes for OSSS.

ps: Ilya: there's no need to use DW with OSSS or any other HIPS: its effectiveness makes it highly sufficient by itself!

Rgds

The problem with almost all the security software nowadays is not the technology they use but the fact that they display informations that have no sense for a great % of the pc users. The greatest technology that they can invent will be the one that will trigger pop ups when necessary and will explain
the danger to the user in a way that can make the right decision without the need of experience or knowledge. This is what we need...
So if a hips can make its language understandable to the common person I don't see why should not be a valid solution in the future.

The quoted statement below demonstrates that the guys that have created OSSS seem to go almost to the right direction...and yes future will always tell the truth. So for me as a consumer...having another option for my security can be only positive.

-{ Quote: "
As user's point -- I know about what you talking -- you don't know a plans and feature list of OS company to know exactly what we do and what we will release in near future (for users, who don't want to know WHAT is going on their computers, just want to be PROTECTED, and don't be bothered).

Future will say who was right. ;)" }-

cool coments:thumb:

-{ Quote: "ps: Ilya: there's no need to use DW with OSSS or any other HIPS: its effectiveness makes it highly sufficient by itself!" }-
Yes, I know, I just installed it on my test virtual computer where I usually test malicious modules under sandbox restrictions and had the issue. Usually, I always report about problems in security software to its vendors they could improve their products.

Problem of desynchronization between KernelChecker and installation package is fixed. We have renewed the installation package (updated: 20.03.2009 13:15 GMT+03). All guys, who got the message "Kernel is not compatible" while installing software, but KernelChecker wrote that "kernel is compatible", now can use fixed installation package.

Also, please do not send kernel files directly to us by e-mail, please use KernelChecker instead (http://www.online-solutions.ru/en/kernels.php). (Now all will be OK).

Thanks for reports!

UPDATE. New kernels added. Installation package is updated:20.03.2009 14:20 (GMT+03).

-{ Quote: "Navy, if you already uploaded your kernels following this manual (http://www.online-solutions.ru/en/kernels.php), then you need to get a new build of installation package (where your kernels are taken into account). We uploaded a new build of installation package today (19.03.2009) to our site at 20:50 (GMT+03). Please check it and say how it is. Thank you!" }-

" please recheck for OSSS installation package update in several hours.

For guys, who already installed OSSS (today build only; previous builds are OK), it's recommened to re-install (uninstall previoud build and install a new one). We fixed one problem with resources that may affect on several descriptions and messages (in the previous build they can appear as empty strings, empty descriptions or some of messages were mixed and so on).

Sorry.

New build: 20.03.2009 17:00 GMT+03

P.S. This update is only for resources bug-fix, no new kernels added. Working on.

-{ Quote: "please recheck for OSSS installation package update in several hours." }-
If you uploaded kernels some hours ago, please check new installation package from the site. Your kernel must be added already. Please say how it is - success or not. Thank you.

-{ Quote: "If you uploaded kernels some hours ago, please check new installation package from the site. Your kernel must be added already. Please say how it is - success or not. Thank you." }-

yeah , new package is working on my XP sp3 , didnt try on my vista SP1, another question Proactive Defense setting just can choice learning mode or allow all , no other choice & why ?

thanks

-{ Quote: "If you uploaded kernels some hours ago, please check new installation package from the site. Your kernel must be added already. Please say how it is - success or not. Thank you." }-

I checked a quarter before posting the result. I'll wait for next update. ;)

-{ Quote: "I checked a quarter before posting the result. I'll wait for next update. ;)" }-

Same result.;)

Hi Erreale, I believe to know you. May be we met somewhere else in the Web ? :)

-{ Quote: "didnt try on my vista SP1," }-
It will not work on Vista yet. We working on supporting other operating systems.

-{ Quote: "another question Proactive Defense setting just can choice learning mode or allow all , no other choice & why ?" }-
Hmm, what other modes do you want for proactive defense? (Disabling all events seems is not possible - your system will not work).

blacknight, erreale,
we uploaded new build of installation package (kernels updated). Try now! :-)
20.03.2009 20:00 GMT+03

-{ Quote: "It will not work on Vista yet. We working on supporting other operating systems.


Hmm, what other modes do you want for proactive defense? (Disabling all events seems is not possible - your system will not work)." }-

HI , i want to ask where can i found the help file about OSSS ?

The 2nd question ) when i set proactive defense to allow all , it's meaning what ? Ignore all my rules or what ? I havent idea about this "allow all" meaning ?! what's different between learning mode & allow all ? Can you explain pls !

The 3rd question ) what is "Integrity" ?

P.S. i need Help file

I sense alot of tension in this thread. My thought's are that we should welcome Mihail Fradkov and try to help him w/ his project instead of giving him a hard time and cold shoulder.

Just my feeling, not based on facts. If I'm wrong, ...sorry.


...screamer

-{ Quote: "I sense alot of tension in this thread. My thought's are that we should welcome Mihail Fradkov and try to help him w/ his project instead of giving him a hard time and cold shoulder.

Just my feeling, not based on facts. If I'm wrong, ...sorry.


...screamer" }-


It's sort of like getting the stamp of approval from the Wilders forum ;D
Sometimes that happens with a new program, it's happend before but I agree, better to give the person the benefit of the doubt first.

Sorry if I sound rude but the kernel update over update seems stupid to me. How many updates they will release if so many people satrt using it and uploading their kernels in case of troubles.

Never saw this sort of thing before. After all there are so many other HIPS too, they never did like this.

-{ Quote: "Sorry if I sound rude but the kernel update over update seems stupid to me. How many updates they will release if so many people satrt using it and uploading their kernels in case of troubles.

Never saw this sort of thing before. After all there are so many other HIPS too, they never did like this." }-
It's because of OSSS uses very deep integration into the operating system (a lot of low-level hooks of non-exported internal functions and so on).

Process of "collecting" kernels will stop soon, when most part of used configurations will be submitted.

To other members. Please sorry for not answering on your posts with opinions and other reports. I'll try to do this as soon as possible, just have no time at this moment (first release time...)

Thank you all guys!

-{ Quote: "I sense alot of tension in this thread. My thought's are that we should welcome Mihail Fradkov and try to help him w/ his project instead of giving him a hard time and cold shoulder.

Just my feeling, not based on facts. If I'm wrong, ...sorry.


...screamer" }-

I agree. My previous post was almost about what you said. But you did it in a much cleaner way. My congrats. :thumb:

-{ Quote: "It's because of OSSS uses very deep integration into the operating system (a lot of low-level hooks of non-exported internal functions and so on).

Process of "collecting" kernels will stop soon, when most part of used configurations will be submitted.

To other members. Please sorry for not answering on your posts with opinions and other reports. I'll try to do this as soon as possible, just have no time at this moment (first release time...)

Thank you all guys!" }-
Hmm... Ok thanks. Lets, wait n see. Another HIPS to try.

-{ Quote: "There is a very big difference between OSSS and Comodo " }-

Can you please explain to me what this "very big" difference is? How does your solution compare to let's say Comodo Internet Security, Which has a Firewall, Defense+ and Antivirus?

More importantly I am interested in your protection compared to Defense+ in Comodo.

Cheers,
Josh

-{ Quote: "Can you please explain to me what this "very big" difference is? How does your solution compare to let's say Comodo Internet Security, Which has a Firewall, Defense+ and Antivirus?

More importantly I am interested in your protection compared to Defense+ in Comodo.

Cheers,
Josh" }-

After a fast digging...

Quotes from official page - http://www.online-solutions.ru/en/ospd_proactive_defense.php

-{ Quote: "The security core comprises several technological approaches: HIPS, SandBox, AntiRootkit, AntiSpyware and an antivirus. " }-

Well, so far I see it provides sandbox. COMODO's doesn't.

-{ Quote: "Warnings about sites with unwanted content and their blocking during web browsing " }-

COMODO's doesnt.

I didn't read it all with much detail, so I don't know what else it has to offer, and if COMODO's doesnt.

And, I don't understand why comparing it, strictly, to COMODO. Perhaps, because you're a moderator over there?

By the way it acts, I'd say is more like Outpost. Speaking of what I've used, and know what one does and the other doesn't.

I don't think it's fair to the developers of this "new" tool, that we compare it to other tools and say they don't bring nothing new, etc, before we actually try it in it's full power.

Soon, this will be nothing but a thread about this is better than that, etc...

I just hope a version fully supporting Windows Vista comes out soon. I'll give it a ride.
But, if what is mentioned at the official site is true, then, all I can do, is give the benefit of the doubt.
If it turns out to be all that, and if, with time, easier for everyone, including people who just want to be protected without the hassle of popups, then is more than welcome.


Regards

-{ Quote: "I sense alot of tension in this thread. My thought's are that we should welcome Mihail Fradkov and try to help him w/ his project instead of giving him a hard time and cold shoulder.
Just my feeling, not based on facts. If I'm wrong, ...sorry." }-
screamer, thank you for your supporting and kindness!

-{ Quote: "screamer, thank you for your supporting and kindness!" }-

Mihail, I'm not supporting you, as in the literal term. I don't like to see anyone throne to the lions. I've been the gladiator before; the Emperor remained seated.

I do in fact wish you all the luck on your project. I have great respect for someone who develops anything that will help the masses.

...screamer <-- trying to be a good neighbor

-{ Quote: "After a fast digging...

Quotes from official page - http://www.online-solutions.ru/en/ospd_proactive_defense.php



Well, so far I see it provides sandbox. COMODO's doesn't.



COMODO's doesnt.

I didn't read it all with much detail, so I don't know what else it has to offer, and if COMODO's doesnt.

And, I don't understand why comparing it, strictly, to COMODO. Perhaps, because you're a moderator over there?

By the way it acts, I'd say is more like Outpost. Speaking of what I've used, and know what one does and the other doesn't.

I don't think it's fair to the developers of this "new" tool, that we compare it to other tools and say they don't bring nothing new, etc, before we actually try it in it's full power.

Soon, this will be nothing but a thread about this is better than that, etc...

I just hope a version fully supporting Windows Vista comes out soon. I'll give it a ride.
But, if what is mentioned at the official site is true, then, all I can do, is give the benefit of the doubt.
If it turns out to be all that, and if, with time, easier for everyone, including people who just want to be protected without the hassle of popups, then is more than welcome.


Regards" }-

That's all I needed to know... Thanks. And Mihail, I do wish you goodluck and its good to see other companies providing protection for end users.

All the best! :)

Cheers,
Josh

Looking forward to seeing where this one goes! Im on Windows 7 at the time so i cant use it,hopefully support for "7" will be added very soon! Thanks for another hips program,ill be following the thread

-{ Quote: "Hi,

I've taken a look at when OSAM was advertised on Sysinternals board last year (in Russian), and i it appeared to me that these soft were promising (as often "with made in Russia" softwares). " }-

Kareldjag giving comments since a long time. Any plans on picking up your blogs again?

Cheers Kees

Without going off-topic, the other programs they offer, such as the autorun manager which is free, is a simple but quality program. Offers an analysis, scan of all the startup files, and gives a rating for each file.

Look forward to seeing what these guys develop.

Hi. i want to try this security programme but i received "kernel compatibility failed" message. What is this ??? i m using Xp pro - sp3 turkish language.

Edit: oops. i ran kernelchecker.exe and i have to wait for fix :S

-{ Quote: "Edit: oops. i ran kernelchecker.exe and i have to wait for fix :S" }-
Yes, you are right.

New update is uploaded. Added support of new kernels.
Update: 23.03.2009 14:40 GMT+03
You can download it here (http://www.online-solutions.ru/en/osss_security_suite.php)

Hi Mihail,

I've received also "kernel compatibility failed", 24hours ago.
I'm using Windows XP Home Edition SP3, Spanish (from Spain) language.
Checking today with "kernelchecker.exe" shows "wait message".
Must I wait some time, a lot? I'm a bit impatient ;)

Thanks!

New update is uploaded. Added support of new kernels.
Update: 27.03.2009 13:15 GMT+03
You can download it here (http://www.online-solutions.ru/en/osss_security_suite.php)

zen_usuario, you can use it now :-)

-{ Quote: "New update is uploaded. Added support of new kernels.
Update: 27.03.2009 13:15 GMT+03
You can download it here (http://www.online-solutions.ru/en/osss_security_suite.php)

zen_usuario, you can use it now :-)" }-


Hi , i need help files of OSSS , about setting & knowledge , another thing , proactive just have learning mode & allow all , when i am using learning mode , when i got some deny rules , but malware or virus attack any my rules set , OSSS still to learn ? Could you add a normal mode into Proactive Defend ? thanks

p.s. hope you can understand my bad english . lol ;D

-{ Quote: "New update is uploaded. Added support of new kernels.
Update: 27.03.2009 13:15 GMT+03
You can download it here (http://www.online-solutions.ru/en/osss_security_suite.php)

zen_usuario, you can use it now :-)" }-
Thanks, Mihail! :)

Hi,
Kees, this kind of question is more suited by PM, but i wil try to answer by staying on the topic.
There is more than ten reasons for stopping blogging. And one of them is that i am convinced of the emptiness of comparative testing for the desktop security soft market (av, HIPS, firewall).
But as Castlecops is dead, and as i am not satisfied with the Wikipedia article on HIPS (focus on hardware), i may write a page and update the list of current product and antimalwares evolution.

I' ve checked OSSS for ten minutes for instance, and i am agree with Ilya: stopping thinking as a developer also means making the job/task easier for the user.
And a lot improvements MUST be done in this case, especially the learning mode which needs to be more intuitive (one click-one rule).
Nothing new under the sun regarding rules problems: if the user creates a rule for service.exe after the reboot, then any trojan pakes/spambot/rootkit can for instance install hooks without any alert from OSSS (see my example).
OSSS team may take advantage for instance of what was already been done by Starforce for SafeNSec.
OSSS illustrates a tendency of security softs evolution to antimalwares suite with different modules and approach in the same product: firewall, pattern file detection, behavioral analysis, sandbox...
From a consumerism point of view, i hope that users will have the choice to get the HIPS and the firewall as single product, not only the choice of which module to install or not.
For any paranoiac users, putting all his security in one product is like putting all his money on one wall street value/agency (Maddock!) or one horse: a kind of Russian roulette, if we consider that a simple flaw in the driver implementation and all the security can be compromised.
Mixing different approaches (sandbox, white/black list, behavioural analysis etc), different product from different vendors makes the jobe of the attacker or malware more difficult.
TKS for OSAM which is integrated in my USB security suite since months.

Rgds

Please can anyone advise if they have the updated beta (22nd April) running on XP Pro SP2 and what experiences/issues they have had with this software.

Thanks.

Kareldjag,

Thanks, I will be interested in a new HIPS update.

Regards Kees

Hmmm... I think he said already that he is not interested.

-{ Quote: "
But as Castlecops is dead, and as i am not satisfied with the Wikipedia article on HIPS (focus on hardware), i may write a page and update the list of current product and antimalwares evolution
" }-

I did interpretate this as an possible update

Hmm... list not the tests IMO.

Tests need a lot of time n effort.

The second public beta-version OSSS v0.9 Beta was released at 09-May-2009 06:50.

Shortly:
- new feature: Installer Mode
- improved: events requests windows (more usable for beginners; just one step of large improvement task)
- improved: presets
- dns cache enabled (improvement on firewall rules creation and matching)
- WAN support added, now it works with ADSL modems (partially - not tested with ISDN)
- bugfixes

Full changelog will be published tomorrow, sorry.

Download page: http://www.online-solutions.ru/en/products/osss-security-suite.html
General advices and help on the use of Online Solutions Security Suite (http://translate.google.com/translate?prev=hp&hl=en&js=n&u=http%3A%2F%2Fforum.online-solutions.ru%2Fviewtopic.php%3Ft%3D203&sl=ru&tl=en)

I'll try to answer on all messages soon.

Beta-testers are welcome!

is your program vista ready?thanks

-{ Quote: "is your program vista ready?" }-
Not yet, sorry. Vista support will be provided in next betas.
(OSPD supports Vista, but it doesn't splitted from OSSS currently. This will be done soon).

Well, I'm trying it. It seems to have some issue to launch other partitions than C in my HD: I have one partition primary and active and three data partitions, logic on a SATA HD. Anyway, some notes for the HIPS features:

- OSSS is a very complex software, ok, but it need to set better the Learning Mode: OSSS try to check and to learn all i nthe same time, and the pc sometimes freezes: it's my third reboot, but OSSS freezes again my system.

- in Protection <Application rules it seems impossible to modify the application rules for every single application; it's possible only for category ( trusted, programs, browsers...): is it ? I wish to can edit single rules for single applications.

- in Protection < Protections settings, the " integrity control " is unpracticable: the frequency and the numbers of the alerts are so high that it's impossible to run the system. I don't know if it's only because of the first phase of learning, but I had to disable the integrity control.

This so far. I also 'm learning... ;)

-{ Quote: "Not yet, sorry. Vista support will be provided in next betas.
(OSPD supports Vista, but it doesn't splitted from OSSS currently. This will be done soon)." }-ok thanks

-{ Quote: "Well, I'm trying it. It seems to have some issue to launch other partitions than C in my HD: I have one partition primary and active and three data partitions, logic on a SATA HD. Anyway, some notes for the HIPS features:

" }-

The problem seems to exist with Explorer.exe because my pc slows also if I open a JPG. file in C: Documents.

i experience this when running 2 hips;) yes i did for testing purpose:)

-{ Quote: "


- in Protection <Application rules it seems impossible to modify the application rules for every single application; it's possible only for category ( trusted, programs, browsers...): is it ? I wish to can edit single rules for single applications.


" }-


After a new reboot I see on the right window in Protection <Application rules the rules of some single application, but only for few applications.

The firewall:if I understand, may be today I'm a bit sleepily :D , but I can't find a mode between " Learning Mode ", that asks to me for every site and every local port, and " Block most " that blocks every site except these I previous allowed.

Ehm....I hoped to have some answer...

-{ Quote: "Ehm....I hoped to have some answer..." }-
Our technical support has answered on your questions on Online Solutions' forum (partially answer). I really hope we will have some time after the next beta-release to answer on all questions/messages/posts here (a lot of and a difficult) and on our forum. Sorry.
Please be patient. Thank you.

Change list for OSSS: Security Suite v0.9 Beta (09-May-2009)

The set of predefined rules is improved.
ADSL modem (WAN devices) support is included, PPPoE connections are working now. (ISDN WAN devices have not been tested).
DNS cache is included.
Process memory protection is improved.
“Installer Mode” for comfortable programs installation is added.
Windows of event requests became more user friendly and easy to use (it’s the first step of the huge intention to improve appearance and usability).
Added applications icons into request windows, active processes list, network connections list and other places.
Now it is possible to move process to any group from a request window.
Position and size of request windows are automatically saved now.
Behavior of the tray icon commands is improved.
Added “Settings” tab.
Amount of closed sessions in “Network Connections” tab is limited now.
Fixed BSODs:

on the computers with network card drivers that use old NDIS v3.x/v4.x interface (not used on modern computers in practice)
while virtual drive image mounting using ISODrive (UltraISO)
in some rare cases when “Startup and Recovery” settings were written to the registry.
Fixed:

the dynamic changes of drive letters were not handled
policy settings changed by the system tray were not saved in configuration file (reverting to previous value after system restart).
Download OSSS v0.9 Beta... (http://www.online-solutions.ru/en/products/downloads.html)

List of the known issues and functions, not included in this release (http://www.online-solutions.ru/en/products/osss-security-suite/osss-known-issues.html) (v0.8; not updated yet)

-{ Quote: "Our technical support has answered on your questions on Online Solutions' forum (partially answer). I really hope we will have some time after the next beta-release to answer on all questions/messages/posts here (a lot of and a difficult) and on our forum. Sorry.
Please be patient. Thank you." }-

I agree. Damn folks, give them a chance. What are we doing if all we do is protect the old and scare the new. Think about it. Mihail, look forward to seeing more of you here and working with members to only help improve your product.

Geez.

Yes, I know all this, and I'm thankful to all the developers that create and spread new security softwares. Sometimes the haste depends from the enthusiasm for the new product. That's all so far. ;)

CAn some one post some screenshots of it, especially the pop ups alerts?

I've been asking in the OS forum and direct to St. Petersburg about the intended or not commercial status for this software without response.

Can anyone answer if they know that this will remain as freeware or if they'll do a 'Panda' and start charging for the program itself and/or updates once the beta testings finished?

Thanks

-{ Quote: "CAn some one post some screenshots of it, especially the pop ups alerts?" }-


In his site you can see some screeenshots.

Updated: 25-May-2009 16:20
Support of new kernels added.

-{ Quote: "I've been asking in the OS forum and direct to St. Petersburg about the intended or not commercial status for this software without response.

Can anyone answer if they know that this will remain as freeware or if they'll do a 'Panda' and start charging for the program itself and/or updates once the beta testings finished?

Thanks" }-

Panda won't do that - they just haven't updated their Online Help for some reason.

-{ Quote: "Can anyone answer if they know that this will remain as freeware or if they'll do a 'Panda' and start charging for the program itself and/or updates once the beta testings finished?" }-
Please sorry for the delay in answering on this question.

OSSS: Free and commercial versions with the same protection

We could prove that we will provide two using ways of OSSS package (Security Suite) and the products, included to it at this moment - OSPD (Proactive Defense), OSPF (Personal Firewall).

One of the way - absolutely free, i.e. freeware. The second one - commercial licensing with a differently types and renewal periods of licenses.

Question: Will there be any restrictions on computer protection of the free version of OSSS?
Answer: No. Actually, it will be the same application as a commercial. It will have a full set of protection functions, that can be configured and used. In other words a free version will have absolutely the same protection set as a commercial, and does not ceding it.

Question: What is the difference between free and commercial versions of OSSS?
Answer: Commercial version will have an additional mode of the automatical rules creation, based on our special service.

Also:
Commercial version will be available as trial for all users.
Beta-testers, and some of the communities, and/or individual members will have a special "personal" licenses to use commercial versions for free.Automatical rules creation mode will be gradually introduced in the next 1-3 beta releases. In parallel with this, we are improving design and usability of the interface.

does the hips part of this prgram protect the whole regitry?thanks

http://www.online-solutions.ru/common/images/osss/osss_scr03.png - see here: http://www.online-solutions.ru/en/products/osss-security-suite.html . It's again in Beta, not all the features are fully functional, but this is the structure.

-{ Quote: "does the hips part of this prgram protect the whole regitry?thanks" }-
Ofcourse, it protects whole registry. :-)
It controls binary operations with registry (hives operations) also.

I would like to know a few things about the Firewall module:

1. How it is on CPU Usage?
2. It is light using heavy traffic, like P2P?
3. Can I use only the Firewall without Proactive Defense module?
4. Can I use only the inbound protection?

Thanks

-{ Quote: "I would like to know a few things about the Firewall module:
1. How it is on CPU Usage?" }-
Very low. It seems like you working on fresh system.

-{ Quote: "2. It is light using heavy traffic, like P2P?" }-
There is no decrease of speed with UDP-based protocols, P2P.

-{ Quote: "3. Can I use only the Firewall without Proactive Defense module?" }-
Yes, you can select "Custom" when you will install OSSS and disable "Proactive Defense" module. (You will able to activate it later in any time). If you already installed OSSS, you can select what actions in the system you want to control (if you disable all options, OSPD will be deactivated). Anyway, it is NOT RECOMMENDED to disable OSPD module. Why do you asking? If you afraid about CPU usage or any stability problems - there is no any decrease of computer's performance, and the system is REALLY STABLE. :-)

-{ Quote: "4. Can I use only the inbound protection?" }-
Yes. You will need to create one rule in the "Default rules" group. This rule parameters are: "Allow all outbound connections by any ptorocol to any port". But this is NOT RECOMMENDED. Your system will NOT be protected from modern hackers attacks that are targeted to client-based applications (browsers, image viewers, video players, office software, etc). For example, you will visit some legal site like cnn.com and your system may be hacked by exploiting any client-side application (flash player, browser, acrobat reader and so on). After exploiting your system (because you disabled OSPD module), downloader will be able to make back-connect (because you disabled outbound protection) and do anything with your system (install bot/rootkits, spam, etc). So, it's better to use full protection.

Why do you want to disable outbound protection? Probably, we will advise better scenario for protecting your system.

-{ Quote: "Very low. It seems like you working on fresh system.

There is no decrease of speed with UDP-based protocols, P2P." }-
I'm asking this because some firewalls use a lot a of CPU while using P2P, like Outpost and OnlineArmor, and even when is no traffic in or out...
In this aspect Comodo Firewall is great, but I don't know how effective it is...

-{ Quote: "Yes, you can select "Custom" when you will install OSSS and disable "Proactive Defense" module. (You will able to activate it later in any time). If you already installed OSSS, you can select what actions in the system you want to control (if you disable all options, OSPD will be deactivated). Anyway, it is NOT RECOMMENDED to disable OSPD module. Why do you asking? If you afraid about CPU usage or any stability problems - there is no any decrease of computer's performance, and the system is REALLY STABLE. :-)" }-
The reason why I want to disable the HIPS feature is because I found them all annoying.
I just prefer Behavior Blocker...

-{ Quote: "Yes. You will need to create one rule in the "Default rules" group. This rule parameters are: "Allow all outbound connections by any ptorocol to any port". But this is NOT RECOMMENDED. Your system will NOT be protected from modern hackers attacks that are targeted to client-based applications (browsers, image viewers, video players, office software, etc). For example, you will visit some legal site like cnn.com and your system may be hacked by exploiting any client-side application (flash player, browser, acrobat reader and so on). After exploiting your system (because you disabled OSPD module), downloader will be able to make back-connect (because you disabled outbound protection) and do anything with your system (install bot/rootkits, spam, etc). So, it's better to use full protection.

Why do you want to disable outbound protection? Probably, we will advise better scenario for protecting your system." }-
Also because it is annoying and most time useless...
At least you have a learning process to avoid all the starting alerts?

-{ Quote: "-{ Quote: "-{ Quote: "3. Can I use only the Firewall without Proactive Defense module?" }-
Yes, you can select "Custom" when you will install OSSS and disable "Proactive Defense" module. (You will able to activate it later in any time). If you already installed OSSS, you can select what actions in the system you want to control (if you disable all options, OSPD will be deactivated). Anyway, it is NOT RECOMMENDED to disable OSPD module. Why do you asking? If you afraid about CPU usage or any stability problems - there is no any decrease of computer's performance, and the system is REALLY STABLE. :-)" }-
The reason why I want to disable the HIPS feature is because I found them all annoying.
I just prefer Behavior Blocker..." }-
The next beta will contain first version of "Presets Manager" (technical name), which solve some problems that you described as "annoying questions". Following versions of "Presets Manager" will be improved (we have a very big plans for the future), you'll see soon (1-3 monthes) what we are doing. :wink:

-{ Quote: "-{ Quote: "-{ Quote: "4. Can I use only the inbound protection?" }-
Yes. You will need to create one rule in the "Default rules" group. This rule parameters are: "Allow all outbound connections by any ptorocol to any port". But this is NOT RECOMMENDED. Your system will NOT be protected from modern hackers attacks that are targeted to client-based applications (browsers, image viewers, video players, office software, etc). For example, you will visit some legal site like cnn.com and your system may be hacked by exploiting any client-side application (flash player, browser, acrobat reader and so on). After exploiting your system (because you disabled OSPD module), downloader will be able to make back-connect (because you disabled outbound protection) and do anything with your system (install bot/rootkits, spam, etc). So, it's better to use full protection.

Why do you want to disable outbound protection? Probably, we will advise better scenario for protecting your system." }-
Also because it is annoying and most time useless...
At least you have a learning process to avoid all the starting alerts?" }-
Currently automatical learning mode is not introduced. Moreover, this feature probably will not be introduced, because it is absolutely unsecure. We will solve the "annoying questions" problem in other, more secure and professional way.

Just for information: for example, one of the well-known leading security package contain this feature, it automatically allow to start any driver in the system after running one legit, signed application, which drops the driver and start it. It's not required to say, that after this "learning" your system is not protected at all from any type of rootkits. BTW, this security package have a lot of scores at matousec.com (on the top of the list), because of testing technics imperfection. It's marketing "we have a lot of scores and don't annoy users with questions"... but you didn't protect them too, tests are passed only in specified pre-environment.

Additionaly: there is no any warranty that your system is clean, when you setuped security software and enabled "automatical learning mode". As we seen on OSAM (http://www.online-solutions.ru/en/products/osam-autorun-manager.html) users, a lot of computers are infected and contain different types of malware and rootkits... parallely with antiviruses, firewalls and other security products. So, when you uninstalling one and installing another, no one will give a warranty that your system wasn't infected before. (BTW, our "Presets Manager" will check this :-))

(I'm copying TS answers)

Installation Package Updated: 08-Jun-2009 14:25
Added support for new kernels

hellooo mihail

there is an ability to add a sandbox fonctionality to the next version also an advanced anti-keylogger

and what's the delay to realase the next beta version ;D

Mihail,

Thanks for your support... :)

I will try the last version. Maybe this installation works on my system...

I will surely try out this suite, once it comes out of beta.
I will follow this thread from time to time.

I wish you luck, Mikhail.
;D :thumb:

-{ Quote: "I will surely try out this suite, once it comes out of beta.
I will follow this thread from time to time.

" }-


You can try it now. I do it. It's stable, also if is sometimes slowly in opening folders or partitions. Use a virtualising or a sandbloxing sw if you want to be fully sure.

I installed it yesterday and I like it.

Works in a very low system level, use almost none CPU, is stable, but it should use less memory...

I used the Proactive Defense module, but after some time I disable it because I found it annoying like all HIPS, as always...
Keylogger protection didn't worked.
Maybe I will try some of its features on final release.

About Personal Firewall, it seems to lack some features described on website, but looks simple to use.
I would like to can change the main rules of it, and not use it only based on applications...
What means "Learning Mode" in OSSS? I'm asking this because the it continue to show me alerts...
I still like to see an option to enable/disable the inbound/outbound protection.

One feature that would be great is a notifier or an auto update for new available versions... :)

I will, for sure, try it again on final release... ;)

Keep going... :thumb:

New beta version, 1.0: http://www.online-solutions.ru/en/products/osss-security-suite.html

-{ Quote: "
Currently automatical learning mode is not introduced. Moreover, this feature probably will not be introduced, because it is absolutely unsecure. We will solve the "annoying questions" problem in other, more secure and professional way." }-
I'm glad to read this!
"Learning modes" are some kind of "automatical allow all signed started" and "grabb it to the database permissions for the next other times requested". svchost.exe, services.exe, explorer.exe,... full allow to start processes and more. Some malwares exploit these Windows filesystem and other signed.

I'm thinking "allow" all the "clean" (it's clean for sure?) system for the first and restrict all the "new" itsn't a valid and strong solution. Because the problems are inside the own system when interacts with something strange and its behavior.

I'm not a "proof", of course, only a home user, but I'm very excited for the objective you said and how to implement it.

Thanks & good luck.:)

Zen

Very good work, boys. I tested it with Comodo Leak tests and I had 320/340 scores. The previous beta had 260/340 scores.

cool well done:) how manny servicess run for this tool?how big is the installer?cpu usage?thanks

The installer 12,4 MB, CPU as the others HIPS, RAM and services sorry, but I had to restore my previous system configuration for other reasons.. I'm not using OSSS now.But if you have a disk imaging or a snapshot sw, try it.

-{ Quote: "The installer 12,4 MB, CPU as the others HIPS, RAM and services sorry, but I had to restore my previous system configuration for other reasons.. I'm not using OSSS now.But if you have a disk imaging or a snapshot sw, try it. " }-thanks

04-Jul-2009 at 06:30 morning :) new beta-version - OSSS v1.0 Beta (http://www.online-solutions.ru/en/products/osss-security-suite.html) was released.

News, change list, updated list of the known issues and our plans for improving OSSS will be published later, in 1-2 days.

Currenty I can say shortly:
dramatically improved user interface, most changes for action request windows
self-protection module partially included
DNS-cache viewer
WAN-interfaces support was improved (ADSL/ISDN-modems, PPPoE/VPN-connections)Full changelog will be posted soon.

It's very important to read about uninstallation process (http://forum.online-solutions.ru/viewtopic.php?t=259) - in this beta-version is requires user's actions for self-protection disabling.

P.S. For users, who uploaded new kernels with KernelChecker at Saturday-Sunday: please, reupload them again. They was deleted because of a small technical error.

-{ Quote: "04-Jul-2009 at 06:30 morning :) new beta-version - OSSS v1.0 Beta (http://www.online-solutions.ru/en/products/osss-security-suite.html) was released.

News, change list, updated list of the known issues and our plans for improving OSSS will be published later, in 1-2 days.

Currenty I can say shortly:
dramatically improved user interface, most changes for action request windows
self-protection module partially included
DNS-cache viewer
WAN-interfaces support was improved (ADSL/ISDN-modems, PPPoE/VPN-connections)Full changelog will be posted soon.

It's very important to read about uninstallation process (http://forum.online-solutions.ru/viewtopic.php?t=259) - in this beta-version is requires user's actions for self-protection disabling.

P.S. For users, who uploaded new kernels with KernelChecker at Saturday-Sunday: please, reupload them again. They was deleted because of a small technical error." }-i tried to install the program but it fails???
xp2?is it compatible with xp2?thanks

-{ Quote: "i tried to install the program but it fails???
xp2?is it compatible with xp2?thanks" }-
Yes, it is compatible with XP SP2.
Please follow instructions (http://www.online-solutions.ru/en/kernels.html)

-{ Quote: "Yes, it is compatible with XP SP2.
Please follow instructions (http://www.online-solutions.ru/en/kernels.html)" }-thanks:thumb: let me try again:)

tried to install and couldnt install even when i run the kernel check compability but still no luck at all,any ideas?

@Mihail Fradkov:any ideas?i want to try it but not luck

Change list for OSSS: Security Suite v1.0 Beta (04 Jul 2009)

Partially enabled the self protection module (pay attention to the uninstallation process (http://forum.online-solutions.ru/viewtopic.php?t=259)!).
Added the experimental heuristical analyser of the events risk level.
Implemented the ability of automatic rule creation for safe and malicious programs, based on heuristical analyser (experimental adaptation).
Added some new hooks for control over events (registry key rename, access to kernel through undocumented way, process suspending).
Improved action request windows interface. The windows are more friendly and usable now. (The second step of the big interface improvement plan has been done).
Improved NDIS WAN interfaces support. Added ADSL ISDN modems support. PPPoE and VPN connections have been tested.
Implemented the new way of work with Trusted and Blocked applications groups.
Added the ability to view internal DNS-cache (search, removing of elements).
Added new and modified old application icons.
Fixed:

kernel memory leak (after long work without reboot the system could be crashed with BSOD)
WAN-adapter detection error
processing of IP addresses adding/removal.Screenshts of improved user interface and action request windows (Click on picture to view it fullsize):

http://www.online-solutions.ru/common/images/osss/osss_scr01_100.jpg (http://www.online-solutions.ru/common/images/osss/osss_scr01.png) http://www.online-solutions.ru/common/images/osss/osss_scr02_100.jpg (http://www.online-solutions.ru/common/images/osss/osss_scr02.png) http://www.online-solutions.ru/common/images/osss/osss_scr07_100.jpg (http://www.online-solutions.ru/common/images/osss/osss_scr07.png) http://www.online-solutions.ru/common/images/osss/osss_scr03_100.jpg (http://www.online-solutions.ru/common/images/osss/osss_scr03.png)

http://www.online-solutions.ru/common/images/osss/osss_scr04_100.jpg (http://www.online-solutions.ru/common/images/osss/osss_scr04.png) http://www.online-solutions.ru/common/images/osss/osss_scr05_100.jpg (http://www.online-solutions.ru/common/images/osss/osss_scr05.png) http://www.online-solutions.ru/common/images/osss/osss_scr08_100.jpg (http://www.online-solutions.ru/common/images/osss/osss_scr08.png) http://www.online-solutions.ru/common/images/osss/osss_scr06_100.jpg (http://www.online-solutions.ru/common/images/osss/osss_scr06.png)


Quick links:
More information about new beta-release (http://www.online-solutions.ru/en/news/company/osss-security-suite-third-public-beta.html)
Download OSSS v1.0 Beta... (http://www.online-solutions.ru/en/products/downloads.html)
List of the known issues and functions, not included in this release (http://www.online-solutions.ru/en/products/osss-security-suite/osss-known-issues.html) (v0.8; not updated yet)

-{ Quote: "tried to install and couldnt install even when i run the kernel check compability but still no luck at all,any ideas?" }-
Today we will upload new installation package that must support your kernel, if you uploaded it before. :-) Please wait a bit.

Been testing out this app since the v1.0 beta release. I haven't had any problems so far.

Just wanted to give u a :thumb: ! :)

Cheers!

-{ Quote: "Today we will upload new installation package that must support your kernel, if you uploaded it before. :-) Please wait a bit." }-
thanks,is it compatible with vista 32 bits?thanks

-{ Quote: "Been testing out this app since the v1.0 beta release. I haven't had any problems so far.
Just wanted to give u a :thumb: ! :)" }-
Thanks 8)

-{ Quote: "thanks," }-
We uploaded new installation package. You can try it now.

-{ Quote: "is it compatible with vista 32 bits? thanks" }-
Please read announce (http://www.online-solutions.ru/en/news/company/osss-security-suite-third-public-beta.html), Vista will be supported in the next betas.

thanks michael8)

-{ Quote: "We uploaded new installation package. You can try it now.


Please read announce (http://www.online-solutions.ru/en/news/company/osss-security-suite-third-public-beta.html), Vista will be supported in the next betas." }-
hi again can i be able to use active process list if there is any withing this program to block active process in real time?thanks

-{ Quote: "hi again can i be able to use active process list if there is any withing this program to block active process in real time?thanks" }-
You can add your process to "Blocked" group, for example. Currently you can't do this from "Active Processes" tab, but we will do this. At this moment you can manually add process at the "Protection" and/or "Firewall" tabs.

-{ Quote: "You can add your process to "Blocked" group, for example. Currently you can't do this from "Active Processes" tab, but we will do this. At this moment you can manually add process at the "Protection" and/or "Firewall" tabs." }-thanks alot:thumb:

can "OSSS" detect hidden processess(rootkits)?or hidden malicius program in the system?thanks

-{ Quote: "can "OSSS" detect hidden processess (rootkits)? or hidden malicius program in the system?" }-
Yes, but this part is not complete enough yet. For example, we will show hidden processes in our "Active Processes" list, but they will not be marked as hidden.

It's better to use our OSAM: Autorun Manager (http://www.online-solutions.ru/en/products/osam-autorun-manager.html) to find rootkits and cure your system. It will be turned back to OSSS (integrated back, as it was in alpha versions).

-{ Quote: "Yes, but this part is not complete enough yet. For example, we will show hidden processes in our "Active Processes" list, but they will not be marked as hidden.

It's better to use our OSAM: Autorun Manager (http://www.online-solutions.ru/en/products/osam-autorun-manager.html) to find rootkits and cure your system. It will be turned back to OSSS (integrated back, as it was in alpha versions)." }-thanks again Mihail Fradkov

-{ Quote: "Can anyone answer if they know that this will remain as freeware or if they'll do a 'Panda' and start charging for the program itself and/or updates once the beta testings finished?" }-
I don't know where you're getting your false information from, but we've never done that.

Installation package is updated: 24-Jul-2009 21:35 (v1.0 Beta)
Support of new Windows kernels is added.

For users, who can't install OSSS on Windows XP or Windows 2003:
Please use KernelChecker utility to send your kernels to us, we will add support of your Windows kernel to OSSS. More information (http://www.online-solutions.ru/en/kernels.html)

-{ Quote: "there is an ability to add a sandbox fonctionality to the next version also an advanced anti-keylogger" }-
Thanks for the suggestions. We improved anti-keylogger protection, so you can use it :)

-{ Quote: "and what's the delay to realase the next beta version ;D" }-
v1.1 Beta released today at 06:30 ;)

News, known issues and changelog will be translated and posted later.

The new Wizard for installation works good, and now with CLT OSSS score is 340/340.:)

-{ Quote: "The new Wizard for installation works good, and now with CLT OSSS score is 340/340.:)" }-cool;) is this the proactive or firewall you tested or suite?thanks

-{ Quote: "cool;) is this the proactive or firewall you tested or suite?thanks" }-


The suite, OSSS complete installed. Bye ;)

Looks interesting ! lots of options and like the event viewer esp.

-{ Quote: "
The suite, OSSS complete installed. Bye ;) " }-thanks

Any news?

http://www.online-solutions.ru/en/products/osss-security-suite.html ;)

^^ ok.... :doubt:

-{ Quote: "Any news?" }-
OSSS v1.2 Beta is released, but no english translation for changelog and news. Please wait a bit.

Any news? :D

Especially about Win7 64-bit support?

-{ Quote: "Any news? :D" }-
Ofcourse! You can checkout news at our site (http://www.online-solutions.ru/en/) (at left bottom corner).

OSSS v1.2 press-release (http://www.online-solutions.ru/en/news/company/osss-security-suite-fifth-public-beta.html) / Change list for OSSS v1.2 (http://www.online-solutions.ru/en/products/osss-security-suite/change-list-1-2.html)
OSSS v1.3 press-release (http://www.online-solutions.ru/en/news/company/osss-security-suite-sixth-public-beta.html) (currently: only automatical translation) / Change list for OSSS v1.3 (http://www.online-solutions.ru/en/products/osss-security-suite/change-list-1-3.html)
Discussion regarding OSSS v1.3 on this forum (http://www.wilderssecurity.com/showthread.php?t=259955)

-{ Quote: "Especially about Win7 64-bit support?" }-
I cannot say exactly when x64 build will be published, sorry.

Thank you for the update! :)

hi michael we also need password protection to protect program from alteration as some of us share our computers we other family members;) so it will be a good idea to protect the settinngs/configuration of the program:) thanks
running smooth so far good job:thumb:

-{ Quote: "we also need password protection to protect program from alteration as some of us share our computers we other family members;) so it will be a good idea to protect the settinngs/configuration of the program:) thanks
running smooth so far good job:thumb:" }-
Thanks.
We are planning to implement this feature, but I can't say exactly in what beta release it will be implemented. Please wait a bit :)

Running this tool as well at the moment and I really like it.

Very nice tool Mihail, well done! :thumb:

A little expensive in my money ($60AU) however, i will keep watching this one improve and maybe one day i will buy this.

Thank you.

Hi guys. I am now helping to respresent Online Solutions.

@1boss1: What would you like to see as the new price? What price would be fair to you? - Valuable feedback such as this can help us greatly improve the product.

It depends on the the license. I think more than $30 USD is more than I would pay. It's a nice program and could be very potent against unknown malware.

Well then, a price such as $24.95, you would more then pay for? I am assuming money is an influence to you when buying a product :D

-- By the way thank you for the feedback :)

That price is quite acceptable, is that lifetime with future program updates? Efficacy, usability, then price are my main concerns in order. OSSS has potential for good efficacy and the price you mentioned (if that is to be the price) is good (obviously a freeware version would be nice too, but programmers have to eat too) but OSSS's usability needs alot of work. I understand it's beta and the predefined rules or whitelist is not in place yet, but I've never seen so many pop-ups from a single app!

-{ Quote: "That price is quite acceptable, is that lifetime with future program updates? Efficacy, usability, then price are my main concerns in order. OSSS has potential for good efficacy and the price you mentioned (if that is to be the price) is good (obviously a freeware version would be nice too, but programmers have to eat too) but OSSS's usability needs alot of work. I understand it's beta and the predefined rules or whitelist is not in place yet, but I've never seen so many pop-ups from a single app!" }-

Well I will talk to them about changing the price :) As you have said, it is still in beta so it should be expected that the product is not at it's full release stage yet, with it's full features and such. But, as for the popups, hopefully later on (not too long) you will see a dramatic decrease in the number of popups :)

Any timeline estimates? How about on just the set of pre-defined rules?

-{ Quote: "Any timeline estimates? How about on just the set of pre-defined rules?" }-

Not yet, but as soon as I find out more I will be sure to post it on here :)

On version 1.4 beta used along with Avast 5 (current released version) OSSS installs flawless yet after restart, OSSS locks up on the first prompt. OSSS is prompting about a windows service and no matter what I select OSSS freezes and Window displays a message that it has encountered an error and has to close. I am using windows 7 ultimate 32 bit. Possible conflict with Avast?

Apparently there is some sort of conflict related to the presence of avast 5. I uninstalled avast and reinstalled OSSS and it works fine.

OSSS passes all the Spycar tests fwiw. However, after using System Shutdown Simulator on it (OSSS fails the outbound fw test) i got two bsod's in a row. Not sure if its related to sss.exe, my system, or simply a flaw in OSSS.

Would be nice se OSSS in Matousec tests

-{ Quote: "OSSS passes all the Spycar tests fwiw. However, after using System Shutdown Simulator on it (OSSS fails the outbound fw test) i got two bsod's in a row. Not sure if its related to sss.exe, my system, or simply a flaw in OSSS." }-
I'll pass on the information to the developers. They'll look into all of it :)

We may apply for Matousec in the near future, but as our product is still in beta we may wait till we have a fully tested release :)

-{ Quote: "On version 1.4 beta used along with Avast 5 (current released version) OSSS installs flawless yet after restart, OSSS locks up on the first prompt. OSSS is prompting about a windows service and no matter what I select OSSS freezes and Window displays a message that it has encountered an error and has to close. I am using windows 7 ultimate 32 bit. Possible conflict with Avast?" }-
I'm not sure at this moment. I need more information. Minimum information: it is a screenshot of "Create Rule" window, when Service trying to start, ald scheenshot of close-error-message. (If you can't get screenshot at this moment, photo is usable too). (If you will have this information, please send it to bugs@online-solutions.ru). Without this information I can't say exactly what is wrong. We will create ticket on this problem and later will try to reproduce described problem. But I think, your system configuration may be important.

P.S. It is very important about what action OSSS asked you, when it freeze later.

-{ Quote: "OSSS passes all the Spycar tests fwiw." }-
Thank you for information.

-{ Quote: "However, after using System Shutdown Simulator on it (OSSS fails the outbound fw test) i got two bsod's in a row. Not sure if its related to sss.exe, my system, or simply a flaw in OSSS." }-
1. OSSS since v1.4 must pass any shutdown/logoff/restart tests. Probably, some testing methodics were wrong?
2. If you got a BSODs, please send minidumps to us, we will analyze them. Even if you are not sure, that this is OSSS problem. Minidumps path is: "%SystemRoot%\Minidump". Send them to bugs@online-solutions.ru. And it will be better if you will write some steps to reproduce problem (if it reproducable for 100%), of just describe some details after what you got BSODs.

Thank you.

I see you updated the 1.4 build today to include some predefined rules. Hopefully that will reduce the amount of pop-ups. I see you also improved system shutdown protection which is also good. I sent the dumps as requested. I look forward to testing the new build.

Hi is OSSS still going to offer a completely freeware version because I see on the website that their is a paid version, but to get a free license you have to promote the product with reviews or be an active beta tester. What I read earlier in the forum said that they were ggoing to offer a completely unrestricted freeware version of the suite but this does not seem to be the case now. can someone clarify this for me?

-{ Quote: "Hi is OSSS still going to offer a completely freeware version because I see on the website that their is a paid version, but to get a free license you have to promote the product with reviews or be an active beta tester. What I read earlier in the forum said that they were ggoing to offer a completely unrestricted freeware version of the suite but this does not seem to be the case now. can someone clarify this for me?" }-

THey have a post in their forum from their sales dept explaining (sort of) what happened to their free version.

http://forum.online-solutions.ru/viewtopic.php?t=327

On win7 32 bit with avast 5 OSSS freezes when trying to add anything to the recycle bin. OSSS works fine without Avast 5. I can duplicate this on my virtual machine.

In the Autorun manager OSSS doesn't show the os_kern and config files as trusted. Why is that since they belong to the program?

The developers are investigating the problem with Avast right now :)

That is a good question! I will investigate it :) The problem should be resolved shortly :)

OSSS v1.4.13445.0 has been released. This should fix the BSOD etc.

did they add pasword protection in this version?thanks

-{ Quote: "OSSS v1.4.13445.0 has been released. This should fix the BSOD etc." }-

Does OSSS auto update?

-{ Quote: "Does OSSS auto update?" }-

You will need to re-download OSSS from the site.

@jmonge: No, there is no password protection yet, but it is being worked on :thumb:

thanks 333halfevil

1000db, your wish is our command :). Prices are now being changed to the following:


Single User (1 user): $24.95
Family Pack (3 user): $49.95
Family Pack (5 user): $74.95

Those are competitive prices! :thumb:

When I download the new installer it says its version 1.4.13383.0 not the newer one mentioned above.

In the System tab under Active Processes, what does "Dirty Type" mean exactly?

They say if you create a video clip you get a free license, what type of video click are they talking about? Everyday use of the program, OSSS vs Malware, OSSS vs Zero Days?

Hi guys, sorry for the late reply. I have been away for a few days :)

@1000db: The kernel has been changed, not the actual version of the program. It is only a minor fix.

The "dirty type" is used to identify type of module in integrity control. At the moment it is just a beta fuction, and will probably change in the near future.

@Ibrad: Any video showing either the function, stength or features of OSSS :)

New build I see. However, I am unable to access the changes for this version; could you post them?

-{ Quote: "New build I see. However, I am unable to access the changes for this version; could you post them?" }-
New Windows Kernels support only. When something is changed, we change a version number. (Or rarely if we upload fix and not changing version, we announce it).

OSSS users are encouraged to periodically perform an update to support new operating system kernels.

ATTENTION! At this moment, this update is manually only. In the future, it will be automated, and users do not have to perform any actions.

Common point: download the new file os_vdisk.sys (http://www.online-solutions.ru/files/os_vdisk.rar) (it is packed with RAR archiver). Unpack this archive and put the file in any directory.

If OSSS is active currently:
Go to the OSSS settings and disable self protection. Do not forget do click Apply button.
Move the new file os_vdisk.sys instead of the old (overwriting it) in the directory %SystemRoot%\system32\drivers (for example, "C:\WINDOWS\system32\drivers").
Go to the OSSS settings and re-enable self protection.
After any reboot, OSSS will use a new driver. You will not require to reboot specially, because at this moment OSSS is working fine.If OSSS is disabled, because of Windows kernels incompatible:
Mov the new file os_vdisk.sys instead of the old (overwriting it) in the directory %SystemRoot%\system32\drivers (for example, "C:\WINDOWS\system32\drivers").
Restart your computer.
If after system restart OSSS will not run due to incompatibility, download KernelChecker (http://www.online-solutions.ru/kernels.html) and do all acts, that are described in the instructions (http://www.online-solutions.ru/kernelchecker.html).
Then please conctact our technical support: tsdep@online-solutions.ru.

I just installed from new installer on the website. So far it seems that you have resolved the incompatibility with Avast 5 (at least on XP). I haven't tried on Win7 yet. I think you've made some progress. :thumb:

I installed the latest version on an XP machine and it worked fine. I try on identical hardware but with Win 7 32 bit and get this:

You had to follow these instructions: so OSSS team could fix your kernel's issue and to release a new updated version. I did it last summer and it was very useful for me too. ;)

-{ Quote: "I installed the latest version on an XP machine and it worked fine. I try on identical hardware but with Win 7 32 bit and get this:" }-
Just follow instructions from this message (http://www.wilderssecurity.com/showpost.php?p=1623913&postcount=168)

OK done. Now, according to the kernalchecker, I need to wait for fixes to be made to OSSS.

So, is it working under Windows 7 or there is a need to wait for fixes to be made ?
I'm asking because I don't want to uninstall current security setup in order to find out that OSSS is not working.

edit : Well, I tried to run Setup anyway and I got the message like in picture above from 1000db
kernelchecker is saying I should wait for fixes.

We'll have to be patient...but hopefully it'll be worth it.

Any news for Win7 64-bit? :doubt:

I tried it. It is definitely a BETA. Thank goodness I made an image before doing so.

It's okay, I guess. . .

+Needs a restart during install. Thus, testing it with Shadow Defender is n.g.

+Auto detects your network

+Uses a whitelist, of some sort, during install

+Evidently needs MS Visual C+++

+Install loaded my default browser & OSSS's website. I immediately closed the browser. Maybe I shouldn't have done so -- see my next entry.

+OSSS said it couldn't detect my internet connection & asked for a restart.

+OSSS goes through *something* during startup -- BEFORE the Windows welcome. I restarted again later & it did it again. Maybe it does this every time there is a startup. It's okay, maybe, but other classic HIPS I have used (SSM, Prosec, EQsecure, OnlineArmor, MalwareDefender etc etc etc) ---- NONE of them ever put my computer through these startup gyrations.

+Despite its whitelist, OSSS popped up every time a system file activated -- it gave me several pop-ups just for services.exe. This took place even though OSSS claimed to be in learning mode. Ugh!

+During install OSSS gave options as to what to install. I opted NOT to install the firewall, but OSSS installed it anyway.

+I liked the GUI. Fairly intuitive to use (for a classic HIPS, that is)

+Compared to MD (Malware Defender), OSSS seemed to have pretty much the same coverage, PLUS a full-scope firewall. One exception (I *think*) is that its file protection did not seem to be anywhere near to being as granular as MD's.

+Uninstall hung for over 1 minute -- but it was loading my default browser to go to its website & ask why I was uninstalling. It asked that question in Russian, however.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Despite all the comments I have made, OSSS looks to be a VERY promising classic HIPS, & (for a beta) it is pretty stable. My real-time set-up almost always consists of ONLY a classic HIPS and an AV. So I am very happy to see a new HIPS coming on, even if I wouldn't use it at the moment.

P.S. I hope Kees1958 takes this puppy for a spin.

i tried it but it made nuts all the pop ups;D

For the first, thank you for you review/feedback and comments.

-{ Quote: "+Uses a whitelist, of some sort, during install" }-
It is automatically checking your system for malware and rootkits using our other product: OSAM (http://www.online-solutions.ru/en/products/osam-autorun-manager.html)

-{ Quote: "+Install loaded my default browser & OSSS's website. I immediately closed the browser. Maybe I shouldn't have done so -- see my next entry." }-
Do not afraid, it's just for information about new versions, when you using an installer that may be downloaded some weeks or monthes ago.

It is not used as part of internet connection detection or something.

-{ Quote: "+OSSS said it couldn't detect my internet connection & asked for a restart." }-
It is required to know what OSSS wrote to you exactly. I think it was a normal case (when, for example, you using LAN for connect to the Internet). But I can't say and be sure - need to have screenshot and information about your connection from you.

-{ Quote: "+OSSS goes through *something* during startup -- BEFORE the Windows welcome. I restarted again later & it did it again. Maybe it does this every time there is a startup. It's okay, maybe, but other classic HIPS I have used (SSM, Prosec, EQsecure, OnlineArmor, MalwareDefender etc etc etc) ---- NONE of them ever put my computer through these startup gyrations." }-
It's because of OSSS is more powerfull than these systems. I will quote some text from your site:
from OSPD description:
-{ Quote: "The "OSPD" kernel is loaded before all other system drivers and takes control of the system from the very start." }-from OSPF description:
-{ Quote: "The "OSPF" is loaded before all other system drivers and takes control of the system from the very start. It interacts with the network on the lowest level (the closest to the hardware level). This approach excludes the possibility of unauthorized sending and receiving data even by processes that are ‘invisible’ to the OS." }-
So, it is not a problem, it is an advantage :-)

-{ Quote: "+Despite its whitelist, OSSS popped up every time a system file activated -- it gave me several pop-ups just for services.exe. This took place even though OSSS claimed to be in learning mode. Ugh!" }-
To give a correct answer on this issue I need to have a copy of requests and/or screenshots.

-{ Quote: "+During install OSSS gave options as to what to install. I opted NOT to install the firewall, but OSSS installed it anyway." }-
OSPF part cannot be "removed" from OSSS. It is a one common kernel. So, when you disabling "Personal Firewall" option in setup, it is just disabling it in configuration, so all connections are allowed. (You can checkout Firewall options after installation)

-{ Quote: "+I liked the GUI. Fairly intuitive to use (for a classic HIPS, that is)" }-
Thank you :-)

-{ Quote: "+Compared to MD (Malware Defender), OSSS seemed to have pretty much the same coverage, PLUS a full-scope firewall. One exception (I *think*) is that its file protection did not seem to be anywhere near to being as granular as MD's." }-
What do you mean about file protection? I just did not understand, sorry.

-{ Quote: "+Uninstall hung for over 1 minute -- but it was loading my default browser to go to its website & ask why I was uninstalling. It asked that question in Russian, however." }-
Hm... Really strange. It must use the language that were used during uninstall.

-{ Quote: "Despite all the comments I have made, OSSS looks to be a VERY promising classic HIPS, & (for a beta) it is pretty stable. My real-time set-up almost always consists of ONLY a classic HIPS and an AV. So I am very happy to see a new HIPS coming on, even if I wouldn't use it at the moment." }-
Thank you!

BTW, we made an official (first) release two weeks ago. Here is a news (http://www.online-solutions.ru/en/news/company/osss-security-suite-first-release.html). Here is a changelog (http://www.online-solutions.ru/en/products/osss-security-suite/change-list-1-5.html).

Is this going to be a free product?

konata add this hips to mamutu and you are set to go
note:this hips is very chatty;D but is still good

i think that this hips will detect a rootkit loading cause it loads even before windows does and before all program loads;) this is a plus for me;D

I rarely try BETA softwares.
But once officially released I'll definitely try this. ^^

i am currently testing this program with malware but i notice some thing when malware is executed and after the installer allow to run it follow by malware trying to change registry or modify system files and apply a block rule but the blocked malware is still running in memory:) it will be nice to have an option to block and terminate it is safer:)
note:the hips protected my registry and protect againts system modification but it will be nice to have a block and terminate or terminate and block feature:)

now i will install OA and compare;) i want to have a nice hips in my systems;D

Looks interesting, if i get my VM up again i'll definitely try it :D

ok OA++ is way faster;) in my system;D

Congrats for second place on Matousec.

I am trying this program in a spare snapshot for the first time...looks interesting. :)

I wish there was a current 'help file'...the only reference to one, was in this post > "where is the help file of OSSS?" > http://forum.online-solutions.ru/viewtopic.php?t=554

P.S. Also, I have a thread in > 'other firewalls' > http://www.wilderssecurity.com/showthread.php?t=278343

How does OSSS stack up as a HIPS, in terms of features ? (it did excellent on matousec)

Specifically, ...........


1. Does OSSS have user configurable protection for the following:

a) User configurable - Registry autorun entries ?

b) User configurable -File and Folder protection?


2. Does it have a Sandbox feature ?

3. What are the basic differences in the protection approaches between OSSS and MD ?

-{ Quote: "1. Does OSSS have user configurable protection for the following:
a) User configurable - Registry autorun entries ?
b) User configurable -File and Folder protection?" }-
OSSS have a really flexible protection settings: all type of actions can be configured by user. So, answer for two your questions -- YES. (You can use masks, etc).

-{ Quote: "2. Does it have a Sandbox feature ?" }-
In the current market's meaning - no.

I requested OSSS to test their HIPS against keyloggers, but there was no reply. :thumbd:

Ergo, OSSS is untested against the keylogger genre (testing POC is available from spyshelter.com and zemanausa.com). IMO, OSSS is not reliable for primary protection against THE most dangerous type of exploit -- the keylogger. (A malware infection is a minor inconvenience, whereas a rampant keylogger is a downright DISASTER!)

-{ Quote: "I requested OSSS to test their HIPS against keyloggers, but there was no reply. :thumbd:

Ergo, OSSS is untested against the keylogger genre (testing POC is available from spyshelter.com and zemanausa.com). IMO, OSSS is not reliable for primary protection against THE most dangerous type of exploit -- the keylogger. (A malware infection is a minor inconvenience, whereas a rampant keylogger is a downright DISASTER!)" }-
if that is you opionion how do you explain the good matousec results?
-{ Quote: "Keylog 1-7 (that are all!) -> passed!" }- And in generall keyloggers have to act like trojans as well (autostarts, remote connect and so on).

I think OSSS is one of the best HIPS available.

-{ Quote: "I requested OSSS to test their HIPS against keyloggers, but there was no reply. :thumbd:" }-
There were not reply at this moment, because we are working on new beta version that will be released soon (in several days). And also, request in a form 'before I start to test your software, download this test and test it yourselves' seems a small incorrect...

-{ Quote: "Ergo, OSSS is untested against the keylogger genre (testing POC is available from spyshelter.com and zemanausa.com). IMO, OSSS is not reliable for primary protection against THE most dangerous type of exploit -- the keylogger. (A malware infection is a minor inconvenience, whereas a rampant keylogger is a downright DISASTER!)" }-
Ofcourse, OSSS protect against keyloggers. You can try spyshelter's test (really primitive, and only 1 way), and zemana's tests.

Thank you for your attention.

helloo

osss dont have a solid antikeyloger

no anti-screen logger no anti-clipboard protection no webcam protection :'( :'(

and fail with a lot of spyshelter test

-{ Quote: "osss dont have a solid antikeyloger" }-
Prove it.
OSSS protect against keyloggers.

-{ Quote: "no anti-screen logger no anti-clipboard protection no webcam protection :'( :'(" }-
We already answered (http://forum.online-solutions.ru/viewtopic.php?t=524) about these "actions". Why they are not "controlled".

-{ Quote: "and fail with a lot of spyshelter test" }-
We can code a lot of so-called "tests", that other products will "fail". But there is nothing common with a real system protection.

good to see a new beta version soon :-*

-{ Quote: "Prove it." }-The burden is on you to prove what OSS can do. Not vice versa (http://en.wikipedia.org/wiki/Argument_from_ignorance).

-{ Quote: "We already answered (http://forum.online-solutions.ru/viewtopic.php?t=524) about these "actions". Why they are not "controlled". We can code a lot of so-called "tests", that other products will "fail". But there is nothing common with a real system protection." }-
OSSS offers rationalization. Online Armor and Outpost Pro offer actual results by passing the tests.

Now that we have effective, low-cost imaging software --plus superb scanners such as Hitman, Immunet, MBAM, Bugbopper -- malware infections have become, at worst, a minor inconvenience.

Keyloggers, on the other hand, can be downright disastrous.

I WANT OSSS to be proven effective against the full spectrum of the keylogger genre. When that happens, I am a paying customer.

-{ Quote: "The burden is on you to prove what OSS can do. Not vice versa (http://en.wikipedia.org/wiki/Argument_from_ignorance)." }-
No, it is not on us, if someone just saying "it does not protect at all". This is a primitive trolling. Someone saying something and othery guys must to prove that this 'something' is not a true. That's funny.

Anyone can use the same methods like - "you eating infants every morning". And later say "the burden is on you to prove that this is not true".

On what facts someone decide that this assertion is not a mere assertion?

If someone accusing somebody, he/she need to buttress up this accusation by facts. Or anyone will talk anything. I can give a link to wikipedia too: Praesumptio innocentiae (http://en.wikipedia.org/wiki/Presumption_of_innocence).

Also, if we will spend a time to prove every user (the most are unprofessional in this area, and cannot correctly appreciate technical details), then we will unable to do something useful.

Example: user is asking us to test (not he tested -- we must test for him!) spyshelter's tests. This test for keylogging using a primitive technics like SetWindowsHook() and "injecting" a .dll to all processes. "System protection" test is writing registry value to "Run" key... About what we can discuss here? And later we got: "OSSS is not protecting against keyloggers". And we must prove that we are not idiots. Any ideas how to do this in such cases?

-{ Quote: "OSSS offers rationalization. Online Armor and Outpost Pro offer actual results by passing the tests." }-
We are not oriented to any tests. We are working on user's system protection, not on a tests bypassing.

Show me at least one product on market, who booting so early on the system as OSSS doing. Does users know this? Users understand this? Can users compare this with other products? How you will advise to say something about this?
(It's just a sample, nothing more).

-{ Quote: "I WANT OSSS to be proven effective against the full spectrum of the keylogger genre. When that happens, I am a paying customer." }-
I have nothing to say regarding this.

Vendor should not have any relation to testing and proving the effectiveness of the product. However, this does not mean that doing testing can be absolutely anyone who does not have an appropriate mix of knowledge and experience (in particular, referring to the real ITW/0day threats).

-{ Quote: "
I have nothing to say regarding this.

Vendor should not have any relation to testing and proving the effectiveness of the product. However, this does not mean that doing testing can be absolutely anyone who does not have an appropriate mix of knowledge and experience (in particular, referring to the real ITW/0day threats)." }-

Well Said !! And agree with you ...

Any competitive vendor can code a test software, that other products will "fail" to block , and we have saw that in past a lot...

if it loads before windows does this may detect rootkits in real time;)
also regrun/unhackMe does this early booting;D :thumb:

-{ Quote: "No, it is not on us, if someone just saying "it does not protect at all". This is a primitive trolling. Someone saying something and othery guys must to prove that this 'something' is not a true. That's funny." }-

It's not your job to prove what your software can do?
You leave that to the user to find out? Remarkable.
Afaik, remarks in this thread haven't got anything to do with primitive trolling. I don't see why you would need to mention that here.

-{ Quote: "I have nothing to say regarding this.

Vendor should not have any relation to testing and proving the effectiveness of the product. However, this does not mean that doing testing can be absolutely anyone who does not have an appropriate mix of knowledge and experience (in particular, referring to the real ITW/0day threats)." }-

The results from Matousec on OSSS, can those be discarded as useless?
Or are those tests done with the appropriate mix of knowledge and experience and, especially, with those necessary real ITW/zero-day threats?

It's apparantly stressfull to give a reaction on tests that are not on-par with what you consider meaningful testing but does that mean that besides beta-testing in the wild, users are left with nothing else to go on?

Besides support and insight from (and sometimes simply getting acquainted with) reps from security software companies, WildersSecurity also offers a platform for 'marketing-light' e.g. a way to present new programs to the members and readers here.

Your way of marketing is, let's say, innovative.
I've never read from any representative telling folks here;
Test it against zero-day exploits, don't bother me with tests I consider useless and if you don't like that, bugger off.

An OSSS license costs $24.95. For what period of time?

Does OSSS require a restart during installation? (If so, why? Malware Defender is an excellent HIPS and can be installed with NO restart.)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

As to OSSS approach of refusing to test their app -- they are saying, in effect, "Our product is great because we say so. If you disagree, prove it."

Example (underlining added) from http://www.online-solutions.ru/en/products/osss-security-suite.html

-{ Quote: "The "OSPF" (Online Solutions Personal Firewall) firewall provides complex defense of user systems from all security threats connected with intrusions and theft of personal data." }-

I would like to believe that OSSS is just as effective against "ALL security threats"" as its proponents claim it to be. However, I won't buy a pig in a poke based on advertising claims. I am a potential buyer -- not a tester. IMO, it is the job of OSSS to offer actual evidence -- not just rationalizations and put-downs -- so as to objectively support the validity of their claims.

-{ Quote: "It's not your job to prove what your software can do?" }-
I think you mistaken. Our job is to make a software that really protects. It is a work of marketers to get users in any way, using any methods, just only to get a users.

-{ Quote: "You leave that to the user to find out? Remarkable.
Afaik, remarks in this thread haven't got anything to do with primitive trolling. I don't see why you would need to mention that here." }-
Just back to some messages before. Tests that advised by user are passed. But some other user writing post (a direct quote): "osss dont have a solid antikeyloger". What to add here? What to say on this? (I already asked this). I said that this is not true and asked to prove this. I think it is correctly and logical.

-{ Quote: "The results from Matousec on OSSS, can those be discarded as useless? Or are those tests done with the appropriate mix of knowledge and experience and, especially, with those necessary real ITW/zero-day threats?" }-
Is is not related to an ITW or 0day threats at all. Only one thing in the latest tests were ripped from TLD3 rootkit.

-{ Quote: "It's apparantly stressfull to give a reaction on tests that are not on-par with what you consider meaningful testing but does that mean that besides beta-testing in the wild, users are left with nothing else to go on?" }-
I never said something similar.

I just said that some activity is not related to malware, but can be a part of malware. Some guys coding a tests that call this activity (and only it!) and saying - "malware can do this!". Yes, malware can do this. But also malware must to do "something other" to have a possibility to do this later. It is not a possible to explain a security model in a simple form. But there are "critical points" in the system, as well as in the logic of the application, and, moreover, malware. These actions and controlled.

For example, I can code a "test" that will create a text file. Or read other files and copy it content to newly created files. Oh-oh, malware can steal some information and write it to a file. Isn't true? Absolutely true.

It's an exaggerated example to understand what I mean.

-{ Quote: "Besides support and insight from (and sometimes simply getting acquainted with) reps from security software companies, WildersSecurity also offers a platform for 'marketing-light' e.g. a way to present new programs to the members and readers here." }-

-{ Quote: "Your way of marketing is, let's say, innovative." }-
Maybe more honest?

-{ Quote: "I've never read from any representative telling folks here;
Test it against zero-day exploits, don't bother me with tests I consider useless and if you don't like that, bugger off." }-
I did not said that. Especially in these words.

OK, repeating the fourth times: we tested software with test that user posted to us. Ofcourse, software protects against this keylogging technics. Later other user wrote... see beginning of this message. Your suggestions.

-{ Quote: "An OSSS license costs $24.95." }-
It is depend on country.
-{ Quote: "For what period of time?" }-
One year. There are different license packs like family pack (several computers), for half-year, etc.

-{ Quote: "Does OSSS require a restart during installation? (If so, why? Malware Defender is an excellent HIPS and can be installed with NO restart.)" }-
Yes, it is require restart. It require restart because it booting before all other components of OS. OS kernel cannot be hooked in such manner later, and if it will not be hooked so early, it will not be possible to control early system events and integrity of the system. (I.e. system maybe in untrusted state).

-{ Quote: "As to OSSS approach of refusing to test their app -- they are saying, in effect, "Our product is great because we say so. If you disagree, prove it."

Example (underlining added) from http://www.online-solutions.ru/en/products/osss-security-suite.html" }-
Yes. That's interesting, but it is really close to truth.

For example, see here (it were one year ago, but it is actual -- it is were tested on Windows XP): here is a test on one blackhat rootkit (http://translate.google.com/translate?hl=en&u=http%3A%2F%2Fsporaw.livejournal.com%2F78145.html%3Fthread%3D1577025%23t1577025&sl=ru&tl=en) that were actual for all protection systems for that time (it have an implemented TCP/IP stack in its driver). OSSS not attract to any implementation, but protect against this threat as fundamental solution.

-{ Quote: "I would like to believe that OSSS is just as effective against "ALL security threats"" as its proponents claim it to be. However, I won't buy a pig in a poke based on advertising claims. I am a potential buyer -- not a tester. IMO, it is the job of OSSS to offer actual evidence -- not just rationalizations and put-downs -- so as to objectively support the validity of their claims." }-
I can not "kill card" when someone says "OSSS not protect from any keyloggers".

Security vendor - it is like a doctor. If you do not trust him, it is not a good idea to "use" it.

I am well aware that it is required to earn the trust of users. But in my opinion this is done by real actions, i.e. systems protections (absense of incedents), and appreciation of this protection from the professionals (for me, for example, the assessment from some of the developers of malware - is the highest rating, and we got some, for example, related to Rustock and some other). And not "hanging noodles on users ears" with beautiful graphics or something similar. Time will tell.

well in my own opinion pocs test are nothing ,just went ahead and got my self the latest beta and tried with real world nasty malware and all the time this software alert me of intrutions attemps;) it's a cool hips as i tried it and like it alot easy to navagate tabs also:) very chatty;D

-{ Quote: "well in my own opinion pocs test are nothing ,just went ahead and got my self the latest beta and tried with real world nasty malware and all the time this software alert me of intrutions attemps;) it's a cool hips as i tried it and like it alot easy to navagate tabs also:) very chatty;D" }-
So do me a favor & check it out against Spyshelter's tests. I would do the tests myself, but OSSS needs a reboot during install so I can't trial it using Shadow Defender.

sorry man at this moment i am testing ProcessGuard after the weekend i will test it ofcourse;) :thumb: no problem

-{ Quote: "So do me a favor & check it out against Spyshelter's tests. I would do the tests myself, but OSSS needs a reboot during install so I can't trial it using Shadow Defender." }-
I'll run a test for you:

Keylogging - Pass
Webcam Capture - Pass
Screenshot - Fail
Clipboard Monitoring - Fail
System Protection - Pass
Sound Record - Fail

thanks;) i didnt have time for testing osss for him but as you did thanks alot;) :thumb:

-{ Quote: "I'll run a test for you:

Keylogging - Pass
Webcam Capture - Pass
Screenshot - Fail
Clipboard Monitoring - Fail
System Protection - Pass
Sound Record - Fail" }-
Many many thanks! As it turns out, OSSS offers roughly the same imperfect keylogger protection as does PCTools FW (a free FW+HIPS app).

I tried to install OSSS last night but I must have done something wrong. Before Windows ever got to its Welcome screen, a pop-up came up telling me that Windows had noticed major changes in the hardware for my computer and that I would need to re-activate Windows.

I haven't made any hardware changes in a very long time. This pop-up startled me greatly since I do NOT want to try & figure out how to go through the activation process again.

From this thread I see that others have installed OSSS without similar difficulties. Nevertheless, I suggest that everyone image their HD before trialing OSSS or ANY major/complex bit of software. I am soooo glad that I did.

Thus far, of the HIPS that have been tested (to my knowledge), DefenseWall (http://www.wilderssecurity.com/showpost.php?p=1678522&postcount=1) provides the most effective broad-spectrum keylogger protection BY FAR.

-{ Quote: "Many many thanks! As it turns out, OSSS offers roughly the same imperfect keylogger protection as does PCTools FW (a free FW+HIPS app)." }-
bellgamin, are you joking or making fun of you?

Above is written by me (several times in different messages), by other users (two minimum), that OSSS protecting against keyloggers. Some users showed results of different tests from different vendors or testlabs. And again, repeating "does not protect against keylogging". Heh. Did I wrong when I said about trolling? Seems like "fat trolling".

Moreover, OSSS have nothing common with PCTools technical "solutions" (technical implementation).

-{ Quote: "I tried to install OSSS last night but I must have done something wrong. Before Windows ever got to its Welcome screen, a pop-up came up telling me that Windows had noticed major changes in the hardware for my computer and that I would need to re-activate Windows.

I haven't made any hardware changes in a very long time. This pop-up startled me greatly since I do NOT want to try & figure out how to go through the activation process again." }-
This behavior is not related to OSSS. As you can undersand, OSSS does not change your hardware at all.

-{ Quote: "From this thread I see that others have installed OSSS without similar difficulties. Nevertheless, I suggest that everyone image their HD before trialing OSSS or ANY major/complex bit of software. I am soooo glad that I did." }-

-{ Quote: "Thus far, of the HIPS that have been tested (to my knowledge), DefenseWall (http://www.wilderssecurity.com/showpost.php?p=1678522&postcount=1) provides the most effective broad-spectrum keylogger protection BY FAR." }-
I will not comment on this (that's funny how you got your conclusions). You can post and advertise here anything you want, it is not bothering me. Also, you can continue to post that OSSS does not protect at all. It is your right. But my right after this is to call you a forum troll.

I think i see where the confusion "appears" to be ;)

Mihail Fradkov says OSSS can block keyloggers, and several posters have run tests which, on those anyway, it does PASS :thumb:

But they have also run other tests which are Not KL's and some failed. So MF is correct in his statements about OSSS's KL's abilities. If other KL's are tested against it, that would help show OSSS's capabilities, in this area.

I've used the free "OSAM" (Online Solutions Autorun Manager) several times in the past, and rate it very highly :thumb:

Observing how a product deals with various threats and the results of tests is one way to determine a product's efficacy.However I'm not so sure that citing rival vendor's test tools,which are designed with but one purpose,to show their product is the best thing ever,is the most reliable way to determine this.:-\

-{ Quote: "You can post and advertise here anything you want, it is not bothering me. Also, you can continue to post that OSSS does not protect at all. It is your right. But my right after this is to call you a forum troll." }-
I linked to a series of tests done by a 3rd party (not me) where DefenseWall (http://www.wilderssecurity.com/showpost.php?p=1678522&postcount=1) had very good results versus keyloggers. Several other apps were included in that same test. The fact that I linked to a test of protection from keyloggers -- which is a salient discussion point in this very thread -- does not constitute "advertising" by any stretch of the imagination. I am a retired school teacher. I have nothing to sell. You on the other hand are directly connected with OSSS. So who here is doing the advertising? It certainly isn't me.

You do not like the messages I post? Then deal with the messages themselves, and stop trying to shoot the messenger. "Troll" is a direct personal insult. You have already used this insulting term against me 3 times.

You are a salesman-representative of a software program. IMO, using personal insults and ridicule are not generally effective ways for gaining support for the software you represent. Wilders is a forum for openly discussing the pros and cons of security software. It seems you are striving to turn it into a forum where anyone who questions the efficacy of OSSS is ridiculed and insulted. I sincerely hope that you do not succeed.

Where is an 'eating popcorn' emoticon when you need one? This is quite the discussion... ;D

I see another problem too.

Bellgamine, how do you test the Anti-Keylogging ability of OSSS?

Cause a lot of people do not understand the following:

LeakTests are not capable for testing security applications. It is not improtand if the OSSS can stop all of the thousand possibilitys to log keystrokes and screens. Did you think about what is done with the log after that? Or how the keylogger should start every time your computer starts.
It is simply not possible that a keylogger can be installed (dropped) while OSSS is running...

If you find a real keylogging malware sample which bypasses OSSS i think the OSSS team will really try to fix that problem and discuss it openly with us.

-{ Quote: "I think i see where the confusion "appears" to be ;)

Mihail Fradkov says OSSS can block keyloggers, and several posters have run tests which, on those anyway, it does PASS :thumb:

But they have also run other tests which are Not KL's and some failed. So MF is correct in his statements about OSSS's KL's abilities. If other KL's are tested against it, that would help show OSSS's capabilities, in this area." }-
Yes.

Moreover, we already posted on our form, and I already posted here this link (http://forum.online-solutions.ru/viewtopic.php?p=2516#2516) about other test details. But this is totally ignored.

Thank you for your support and understanding.

-{ Quote: "I've used the free "OSAM" (Online Solutions Autorun Manager) several times in the past, and rate it very highly :thumb:" }-
Thank you!

P.S. Habakuck, thank you too!

-{ Quote: "Where is an 'eating popcorn' emoticon when you need one? This is quite the discussion... ;D" }-
Here is especially for you :-)
http://www.freesmileys.org/smileys/smiley-basic/popcorn.gif
(Not showed automatically in post -- too sad)

-{ Quote: "This is quite the discussion" }- :)
Been watching for a while, looking for an excuse to install your tools
:)

re:
http://forum.online-solutions.ru/viewtopic.php?p=2516#2516

Understand the thrust of the arguments...Pop_ups for screen grabs or recorders
??

So that we are all clear no member here has a "right" to call anyone a troll. I hope we can continue the discussion in a pleasant enough manner. Thank you.

-{ Quote: "Did you think about what is done with the log after that? Or how the keylogger should start every time your computer starts.
It is simply not possible that a keylogger can be installed (dropped) while OSSS is running..." }-
I used to be in the camp that wanted a security program to block every test out there (screen grab, clipboard monitor, etc.). I recall Xiaolin ( dev of MD - an app similar to OSSS) saying that this was unnecessary due to the other protections offered by MD. I was a bit disappointed by that, but as time has gone by my opinion has changed. Many of the logical arguments presented here have been informative and, although this thread has been heated at times, there has been some good points made by all involved.

How is OSSS able to intercept so early in the boot process? Does it alter the MBR to place code there? If so, will this interfere in any way with an encrypted TrueCrypt or Jetico BCVE boot drive?

-{ Quote: "Does it alter the MBR to place code there? If so, will this interfere in any way with an encrypted TrueCrypt or Jetico BCVE boot drive?" }- As far as i know it does not interfer with the MBR but patches your kernel (win2k.sys).

I won't use it together with TrueCrypt! There were some problems with boot time defragmentation for example (they got fixed) but i won't take that risk with TrueCrypt!

-{ Quote: "I won't use it together with TrueCrypt! There were some problems with boot time defragmentation for example (they got fixed) but i won't take that risk with TrueCrypt!" }-
These "problems" were not really "problems", it were a known issue - we are locked some files due protection reasons. But this behavior were invalid in case if some legal process like chkdsk or boot-time defrag want to get 'full access' to a disk. So, we changed our behaviour (recoded one of the module), to allow legal applications like check disk or boot-time defrags 'lock' a disk for their use.

This is fixed in OSSS v1.6 Beta (it will be released really soon).

As I said, this is not related to any disk cryptors or something other, who are working with disks on "physical" level (crypting sectors).

Moreover, we used OSSS with:
BestCrypt Containers (Jetico)
BestCrypt Volume Encryption (Jetico) [TrueCrypt is an analogue of BCVE]
Software RAID (MIRROR) on Windows 2003and have no any problems or something.

It is just for information. (We cannot give warranty that no any problem will appear with TrueCrypt, but currently I have no any idea about possible technical reason to make problems with TrueCrypt; so, if someone using TrueCrypt with OSSS, please post here message for others).

-{ Quote: "How is OSSS able to intercept so early in the boot process? Does it alter the MBR to place code there?" }-
Current versions of OSSS booting immediately after OS kernel (one file). No any other drivers (system or other) are booted before. Please see a screenshot here (http://forum.online-solutions.ru/viewtopic.php?p=1798#1798).

On x64 platform (soon beta) we will be in MBR and will control anything. Moreover, possibly, we will later update x86 (32-bit) variant to do the same thing.

-{ Quote: "If so, will this interfere in any way with an encrypted TrueCrypt or Jetico BCVE boot drive?" }-
Please see my answer above about TrueCrypt and/or BCVE.

Thanks for the information. That is very impressive!

so when OSSS is install and reboot it is the first one to load,even before windows screen apears?thanks

-{ Quote: "so when OSSS is install and reboot it is the first one to load,even before windows screen apears?thanks" }-
Yes, widely bevor the Windows Screen appears!

It is also the first HIPS i have seen which gave me promts bevor the windows logon!
Was a bit funny to see the: "Pleas enter your windows password" screen and an OSSS PopUp asking me about the logitech driver. :thumb:
This was on XP.

hello haba

there is another hips from ca corporation that have the same behavior but not solid like osss

waiting osss 1.6 beta :argh: :argh: :argh: :-* :-* :-*

Updates for new Windows kernels support (http://forum.online-solutions.ru/viewtopic.php?t=446) uploaded.

Mihail Fradkov,

Please excuse my novice question, but I am new to this concept, what does below actually mean:

-{ Quote: "Mihail Fradkov,
Updates for new Windows kernels support uploaded" }-

Basically, My Questions are:

1. So, does this mean that whenever a New - Windows Service Pack is released for the Windows version (XP, Vista, 7) that your running and you have applied it to your PC, the SP would have updated the Wiindows - Kernel file(s) and so you need to get updates for OSSS to support it ?

2. What about, whenever you apply the "Monthly" - MS Windows Updates, does Windows Updates alter the Windows - Kernel File(s) each month, requiring one to get updates for OSSS to support it ?

3. BTW, does "Windows - Kernels", refer to one "main" specific windows operating system file, under lets say Win XP, or does it refer to several Win XP operating system files ?

Not every windows update changes so much that you have to wait for an OSSS update. Most of the windows udates will install without any problems.

-{ Quote: "Basically, My Questions are:
1. So, does this mean that whenever a New - Windows Service Pack is released for the Windows version (XP, Vista, 7) that your running and you have applied it to your PC, the SP would have updated the Wiindows - Kernel file(s) and so you need to get updates for OSSS to support it ?" }-
Yes. If Windows Kernels are changed -- we need to make update for OSSS. In 90% cases it can be done automatically (we just execute special program that analyzes new kernels), in other cases we need to investigate some changes manually to add support. But we always analyze Service Packs as betas, before they are released, to make a support sooner, than users will install Service Packs to their computers.

OSSS v1.5 (and previous versions) requires to change os_krnl.sys (main OSSS driver) file when internal changes of Windows too big. Starting v1.6 OSSS will not require to change os_krnl.sys, all required data is stored in os_vdisk.sys (it have a new format). Also, OSSS v1.6 will update this file automatically (and do it periodically). So, user in most cases will have no any problem.

OSSS v1.6 beta is not released yet, but it will released really soon (in some days).

-{ Quote: "2. What about, whenever you apply the "Monthly" - MS Windows Updates, does Windows Updates alter the Windows - Kernel File(s) each month, requiring one to get updates for OSSS to support it ?" }-
Yes. If some of the monthly update will alter Kernel file, it is require to update OSSS.

-{ Quote: "3. BTW, does "Windows - Kernels", refer to one "main" specific windows operating system file, under lets say Win XP, or does it refer to several Win XP operating system files ?" }-
Here is answer (http://www.online-solutions.ru/en/kernelchecker.html) on your question. Five files. Usually really used - two.

Thank you for your questions.

good program michael:thumb: :thumb: my respect to you:thumb: :thumb:
i like the auto-run antimalware scaner:)handy tool

Mihail Fradkov,

-{ Quote: "Originally Posted by Mihail Fradkov
Yes. If some of the monthly update will alter Kernel file, it is require to update OSSS" }-.
Question:

1. So, what happens if you download and install a Monthly MS Update and it turns out that an OSSS kernels update is needed (ms update altered a kernel file). but the OSSS update has *not* been applied (i.e. he OSSS update is not available yet) ?

..... In this case, does OSSS on the PC, let this Monthly MS Update be applied/installed ?

.... If Yes, then:

A) Will OSSS detect the kernel incompatability and *not* load itself and just let the Windows PC boot up and be used "normally", either with no OSSS protection features --OR -- with limited OSSS protection -- OR -- will pc get a BSOD ???


2. On avearge, how many days, after a Monthy MS Update is released which turns out requires an OSSS Update (due to MS update altering a kernel file) does it take for the OSSS kernels update to be released for manual update (or in future for automatic update) ?

-{ Quote: "1. So, what happens if you download and install a Monthly MS Update and it turns out that an OSSS kernels update is needed (ms update altered a kernel file). but the OSSS update has *not* been applied (i.e. the OSSS update is not available yet) ?

..... In this case, does OSSS on the PC, let this Monthly MS Update be applied/installed ?" }-
OSSS does not block any installations of any updates. Yes, you will be able to install MS update. And if you will not update OSSS, it will not work anymore: partially (if win32k.sys changed only) or at all (if ntoskrnl.exe is changed).

-{ Quote: ".... If Yes, then:
A) Will OSSS detect the kernel incompatability and *not* load itself and just let the Windows PC boot up and be used "normally", either with no OSSS protection features --OR -- with limited OSSS protection -- OR -- will pc get a BSOD ???" }-
Answered above.

If win32k.sys changed only - OSSS will warn user that some protection functions are disabled (in this case will not work keylogging protection partially, DDE protection and small part of self protection -- system messages protection).

If ntoskrnl.exe changed - OSSS will not load. It will popup a message regarding problems and way to fix they.

No any BSODs in any case possible.

As I said before, v1.6 will automatically update required information before such problems may appear.

-{ Quote: "2. On avearge, how many days, after a Monthy MS Update is released which turns out requires an OSSS Update (due to MS update altering a kernel file) does it take for the OSSS kernels update to be released for manual update (or in future for automatic update) ?" }-
As I said before, for Service Packs - we analyzing betas. So, when Service Pack is released, all required information is already included to OSSS (automatically updated). For common updates (monthly updates) -- we adding information immediately after receiving updates. At this moment we doing this partially manual (manual part - is just to start a special program only; and users must update manually), but later it will be fully automatic: automatically downloading updates, automatically building required information, automatically update all OSSS copies.

Shortly.

Current state (OSSS v1.5):

Service Pack:
Service Pack beta is released.
We automatically or manualy analyze it and adding required information to OSSS.
Installation package on site is updated. os_vdisk.sys is uploaded to site (for manual updates).
Users who have already installed copies, updates os_vdisk.sys manually.
Service Pack is released as public release.
There is no any problem to install it.Monthly Updates.
Monthly updates are published and available for download. If these updates does not change any kernel file -- stopping here. (There is no any problems). Real experience: kernel files are not changed often.
We starting a special program to download all updates for all systems and gathering required information, adding it to OSSS.
Installation package on site is updated. os_vdisk.sys is uploaded to site (for manual updates).
Users who have already installed copies, updates os_vdisk.sys manually.
There is no any problem to install updates for users who updated OSSS. Other users will have a problem: after installing MS updates, OSSS will not work partially or at all. They will require to update OSSS.New State (OSSS v1.6):

All the same, except one: all process is automized, and users do nothing. OSSS update itself automatically.

Mihail Fradkov,

Thanks, for your detailed explanation.
Sounds great :thumb: :thumb:

Looking foward to OSSS v1.6

OSSS v1.6 Beta is available for download (http://www.online-solutions.ru/en/products/downloads.html).

-{ Quote: "Is this free?" }-
No. OSSS is not free currently, it is a shareware (30 day free trial use).

Ways to get a free OSSS license (http://www.online-solutions.ru/en/products/osss-security-suite/free-license.html).

http://www.freesmileys.org/smileys/smiley-basic/popcorn.gif

Damn...doesn't link in the post...wth? Oh well....

-{ Quote: "Many many thanks! As it turns out, OSSS offers roughly the same imperfect keylogger protection as does PCTools FW (a free FW+HIPS app).
" }-

I wouldn't say that spyshelter test (marketing) tool is the definitive tool to see if you are protected against the full spectre of keyloggers or not ;D
I would like to see spyshelter in matousec to see if is able to block something more than their antitest tool shows, maybe is not even able to protect himself for being killed.

Although maybe is not enough for everybody you can block all the attempts of the keylogger to send the information to the net (to make it useful) using a simple firewall, so you will be protected.

-{ Quote: "I wouldn't say that spyshelter test (marketing) tool is the definitive tool to see if you are protected against the full spectre of keyloggers or not ;D" }-
If not SpyShelter test tool, then what would you suggest?

-{ Quote: "No. OSSS is not free currently, it is a shareware (30 day free trial use).

Ways to get a free OSSS license (http://www.online-solutions.ru/en/products/osss-security-suite/free-license.html)." }-

Is there any life time registration or you have to pay every year to renew?

The suite looks quite functional but the english translation in your site is not proper. Somewhere it states

-{ Quote: "Extended download for 24 month(s)

An additional EUR 6.99 will be added to the product price for this option.

If you purchase the "Extended Download" service, you can download the electronic product version up to 24 month(s) after receipt of your payment by going to "My account" in the Customer Care Center. Please notice that this service is not an extension of your original product and does not give you access to any additional licenses for the original product. However, this does not entitle you to download updates." }-

By that you mean that:

1) the 24 months are additional to the initial 12 months, or just 24 months?
2) the above additional payment doesn't entitle you to download updates through the application itself? And you just can download the version from the website?

I am trying your product for a couple of days and it is good but or I am lost in translation or it is quite expensive bearing in mind the competition.

-{ Quote: "Is there any life time registration or you have to pay every year to renew?" }-
No, lifetime licenses are not provided at this moment.

-{ Quote: "The suite looks quite functional but the english translation in your site is not proper. Somewhere it states" }-
You quoted an information from our "seller", it is not our information. They provide an additional service: installation package download/CD by additional fee (it is a service of this company, not our).

-{ Quote: "By that you mean that:

1) the 24 months are additional to the initial 12 months, or just 24 months?
2) the above additional payment doesn't entitle you to download updates through the application itself? And you just can download the version from the website?" }-
You can download installation package from our site if it is up and working well. :-) This service from a 'seller'-company is required for cases, when installation package can be removed from site for some purposes, or any other 'bad' cases, when you will not be able to get an installation package from original source. Just an "insurance". So, it is a fully your decision: is it required to you or not.

-{ Quote: "I am trying your product for a couple of days and it is good but or I am lost in translation or it is quite expensive bearing in mind the competition." }-
If you will have additional question regarding product, site or something else, please ask.
Sales questions you can mail to sldep@online-solutions.ru directly.

Thank you.

Any news on the x64/Win7 version yet?