|
|
#27
January 24th, 2007, 03:23 AM
|
|||
|
|||
Re: DefenseWall as a HIPS
Quote:
Send me minidump files for those BSOD's via forum- my e-mails are still ain't working. |
|
#28
January 29th, 2007, 10:21 AM
|
|||
|
|||
|
Re: DefenseWall as a HIPS
Thanks for the screenshots Ilya, I think the GUI will be just fine as long as you donīt forget the basic rules like: "Applications must remember its screensize + position, same goes for columns (+ remember column-sorting"). Btw, I now know what I forgot to ask: In Sandboxie, every change to the file system and registry will be made only in the virtual sandbox. So apps are not able to do any damage to the real system. But is this the same with DW? This is whatīs bugging me a bit.
 Last edited by Rasheed187 : January 29th, 2007 at 10:32 AM. |
|
#29
January 30th, 2007, 04:38 PM
|
|||
|
|||
|
Re: DefenseWall as a HIPS
Quote:
Correction- will be made within virtualization container. It is standard file system folder and registry key in case of SBIE. Quote:
No, it is not the same. DW has policy-based file system protection instead of virtualization. Also, registry protection is, mostly, policy-based also (but there is limited virtualization). The point is that if sandbox gives you 95-98% of automatical defense against unknown, 0-day malware. DefenseWall do this job and, in future, will be able to do it even better. As about defense rate- well, maybe, file system virtualization may give some little advantages, but the price for that is standard- simplicity in everyday use and learning curve. In fact, classical HIPS may give you ~99% of defense- but it will be impossible to use it due to huge number of popups. This balance- simplicity and defense rate- is highly important thing! |
|
#30
January 31st, 2007, 03:03 PM
|
|||
|
|||
|
Re: DefenseWall as a HIPS
Ilya - re. the rollback feature, does this mean it's possible to view all changes made to the file system and registry by a process, with detailed info on what it used to be and what it has been changed to ?
|
|
#33
February 1st, 2007, 07:42 AM
|
|||
|
|||
|
Re: DefenseWall as a HIPS
Quote:
Not all of them. "Time machine" from Apple requires second hard drive! |
|
#34
February 14th, 2007, 09:51 AM
|
|||
|
|||
|
Re: DefenseWall as a HIPS
@ Ilya Rabinovich
But isnīt DefenseWall basicly almost the same as GESwall? So itīs restricting apps with policies so that malicous apps canīt damage a system? But apps can still access certain parts of the real file sytem and registry otherwise they wouldnīt be able to work, and thatīs why you need the rollback feature, correct? I donīt know why but I still canīt visualize it completely, sorry about that. But with Sandboxie I know that the file system and registry will not be touched, with that I mean they will be virtualized and changes are kept in the sandbox. Iīm not saying that itīs better, but Iīm just trying to figure things out.  |
|
#35
February 14th, 2007, 01:40 PM
|
|||
|
|||
|
Re: DefenseWall as a HIPS
Quote:
Basically- yes, you are correct. Quote:
Not in the sandbox, but inside virtualization container. In case of SBIE is it a folder within "Documents and Settings" one. |
| « Previous Thread | Next Thread » |
| Thread Tools | Search this Thread |
|
|
