With L n S installed DEP prevents....

[CJsDad]

Generic Host Process for Win32 Services and Spooler Subsystem from running.
Is there a way to work around this?

[Frederic]

Don't enable "Watch thread injection" and "Watch DNS calls" in the advanced options. These options are not compatible with DEP.

Frederic

[CJsDad]

That seems to work.

Thanks Frederic.

[Pigitus]

Quote:

Originally Posted by Frederic

Don't enable "Watch thread injection" and "Watch DNS calls" in the advanced options. These options are not compatible with DEP.

Frederic

In a new machine with Windows Media Center and LnS 2.05p2, unchecking the thread injection control in LnS was all it took to stop the conflict with SVCHOST.EXE and other Windows files. Windows seems to tolerate leaving the DNS control option checked.
==========================

Windows' new Data Execution Prevention (DEP) development begs 2 questions.

1. Is it a satisfactory long-term solution for LnS to SURRENDER thread injection control to Windows?

2. More generally, is Windows slowly getting secure enough that it is displacing some 3rd-party products by plucking more and more security features away from them?


To 1. I don't understand the technical details to even guess the answer. All I know is that MS has a long history of security sloppiness, but it also looks as if it's trying to shape up. Would the more saavy posters address this issue?

To 2. The record is that MS honors ignorance in its customers so much that it may not be a serious threat to the security industry any time soon. But I suspect that many software will get into increasing conflict with Windows every time Windows updates. This will force all of us to rethink our security strategies in terms of different software combinations, won't it?

For almost 2 years, I had a reasonably satisfactory security arrangement which distracted me little from my work:

SPI firewall router,
LnS,
NOD32,
ProcessGuard,
Prevx Home replaced by Prevx Pro,
Firefox browser on practically safe sites (except for a few incompatible sites, and then SpywareStopper to guard against IE),
Disabled Windows services such as Server, Telnet, Remote Registry, Remote Desktop, etc.
Choicemail which limited incoming mail to those with addresses in my address book and set the others in a safe place
PortExplorer on a separate screen sometimes to keep an eye on where programs are going
Rare Windows updates
Last but not least, strong encryption of key personal files and backing up of personal and settings files.


About 5 or 6 scans over those 2 years revealed nothing (apparently) got through (but to those who see a whole, your comments are welcomed.)

Now it looks I'll have to invest more time on boards to watch developments. But I'll keep the upheaval to a minimum by staying away from Vista for a long time and not updating Windows too often.