Best choice between real-time protection options

To those who have problems with DefenseWall- please, mail me to support [at] softsphere [dot] com I could fix them.

 

DefenseWall had an issue with KIS, as Ilya said check the gladiator forum or mail him.

Regards K

 

Thanks kees 1958, already done earlier on this afternoon.
Ilya resonded very quickly indeed.

I think this not only shows commitment to Defensewall, but also the customer, and the none paying customer in partictular as i have not yet purchased a license, although things seem to be running smoothly at the moment so i will most likely be purchasing a license in the not too distant future.

 

I'm very interested in DW. I've seen some complaints that it slows things down but I don't find that! If there is a decrease in speed it must be a very marginal thing and I for one am quite happy to trade an insignficent ebb in performance for an exponential increase in security.

I'm wondering about 'DefensePlus' as well. The web site doesn't make it clear what exactly the 'Plus' is. I presume that we're taking DefenseWall + Firewall. Would this conjecture be right or is it something else again?

Do any of the members use DefensePlus? I'd be interested in hearing users' comments because I'm trying to decide which one of these I ought to keep.

 

No it's not a firewall.

If you check over on the Forum, it appears that most users have selected DW.

Other relevant thread here .

 

This is the field of investigation. I had some reports about it, but, because of some problems with those users and couldn't identified the reason of it (still). But, in case of 100% user cooperation, I always finish remote problem determination process to its logical final - DW that running smooth, without problems.

For the future- to all. If you like program, but have some problems with it- always call for support! If you will be ignoreg- this is a great deal to uninstall software and forget about their producer forever. Other case- see if your problem will be fixed by program's developer for reasonable time (couple of years is not reasonable period ).

OK, I'll try to fix it when I'll release DW v2.0

No, it is buffer overflow defense tool for old-styled processors without NX/XD bit (so-called Hardware DEP). Why "Plus"? I was searching for good-sound name and found this one. This world is much simpler you can imaging it

 

Hey Ilya (grand master hehe)
DW does not protect against those threats, and DP is a complement, or DW covers that that also? Forgive my ignorance.

I figure my processor is not DEP enabled/ supported / whatever. I figure, because i can't find info online, only ran a test that Microsoft suggests. It reads false, so i guess i'm stuck.
Is there good info online where i can see some list of processors/ family of processors? Does Intel call it something else other than DEP? (mine is Pentium M 760)

 

No, DW doesn't cover buffer overflow defense field. I had several reasons to do not incorporate DP into DW.

You are wrong, your processor have hardware-level buffer overflow defense, just switch it on for all the processes http://www.ferra.ru/online/processors/26556/ . Sorry- in Russian, but you will understand. Search engines rules the world!

 

Hi Ilya.

DW is a great application which is particularly suited to the needs of a novice user like myself.

I like the superb protection that it brings and the graceful way that it makes HIPS available to beginners. Ease of use is a major factor in any successful program and DW has this in bucketfuls.

It's not getting on with Adobe's Acrobat Reader, though, which ever since I placed it in the untrusted category has removed itself from the Start\All Programs menu and is sulking ever since in the deepest recesses of C:\Program Files, etc., etc.

If anyone knows how to resore this irksome, but indispensible, reader to it's rightful place on the Start register, I'd be greatful if you let me know.

Cheers all and have a Mega weekend.

 

You could use FoxitReader, it's much less "irksome" than Acrobat Reader.

 

I see. Since you don't see a point to develop it - it's solved in newer hardware- you don't see a point to incorporate it in DW. Logical.

Heh, i'm glad i asked! I'll translate the page, but sure enough i do recognize some of it. Everything else is, well, russian (is it a hard language to learn i wonder? dreaming in broad daylight..)

I did switch DEP on for all processes. Then i did the test and came false Maybe i must do it after reboot, but then again the test is whether DEP is available, not enabled/disabled. I'll try to find another test i guess. Or is it that some BIOS setting might be off?

A new topic for me to read. After getting CHX-I running like i want to, DEP, then 8Signs gets a visitor

Edit:the link to test is not it. I lost the link.. This would not happen in Opera, i'll have to ajust FF to run like i want to..
Edit2: this is the test, actually there's more than one method.

 

I can allow it for myself- need work...

 

Yes, it is. Mostly, because of its great variability.

Try slipfest test

 

Some articles on DEP:
- NX bit
- Data Execution Prevention
- A detailed description of the Data Execution Prevention (DEP) feature in Windows XP Service Pack 2, Windows XP Tablet PC Edition 2005, and Windows Server 2003
- Data Execution Prevention at Microsoft TechNet

 

Thanks Lucas.

Confirmation in english
Also from one of those links, i found this interesting read. OptOut seems like a bad choice. AlwaysOn will be mine, hopefully nothing breaks. If it does, maybe an uninstall is the proper response?

Have you tried it yourself? Just unpack and run it i guess, but does it leave stuff behind? There's not much to read about it. If anyone can answer, please do. Ilya certainly helped a lot already

 

Yes, I did. There is "Shellcodes"->"Test NX" menu item, it is works properly.

 

I see what you mean, Pedro. DEP is a function of Windows that's turned off by default. Well, I just turned it on. Thanks for the tip.

 

All work and no play makes Jack a dull boy. Take it easy, Ilya.

Cheers

 

I went nuts for about 5 min., now i got it:

Reboot to BIOS and found out it was disabled......... No comment at this moment

 

"NX enabled" Will look at the rest of Slipfest.
Also, there's this test (only NX test). It actually violates DEP settings. Windows comes up and notifies, closes application about 3/4 times (different attempts maybe) and the test says in German "congratulations". First time i saw Windows clearly standing up for me.

Now the missing part, ASLR (sounds like a brand new Mercedes). From what i read, it's mostly theoretical, but i'm not about to leave it to theory. On with the show!

 

After editing the Boot.ini file, setting DEP to AlwaysOn, upon reboot FF didn't launch, neither Opera.. IE7 did. Opera's case i have no clue. FF i hope it's an extension.
Also, since reverting to OptOut, FF loads fine, which suggests FF is bypassing DEP in OptOut mode (i have no exceptions, unless like the autostarts, Windows has multiple folders of exceptions..). Am i reading this wrong?

I'm going to backup, uninstall FF, clean reg, reinstall FF, and go from there. I'm certainly now more than ever determined to use AlwaysOn. Unless i'm forced to use IE7? Certainly there's millions out there using FF in AO.

 

Boot.ini ? I can't find that file.
I did it this way in WinXPproSP2 :
01. Close all windows
02. Click on Start
03. Click on Control Panel
04. Click on System
05. Click on tab "Advanced"
06. Click on button "Settings" of Performance
07. Click on tab "Data Execution Prevention"
08. Mark "Turn on DEP for all programs and services except those I select:
09. Click on button "Apply"
10. Click on button "OK"
11. Close all windows
12. REBOOT
Is that also a valid procedure ?

 

Decided on Foxit. Got rid of the bloatware and Foxit outperforms Adobe any day. Great idea that, Antartica.

 

Erik, that's the so called OptOut. You supposedly enable DEP for all processes, except for the ones you opt out. This is one of the MS articles, where further down you'll see "System-wide configuration of DEP". From that window you tried, you can only choose OptOut, or OptIn. To choose AlwaysOn or AlwaysOff you have to edit the "boot.ini" file, accessed as described in the article:

There's another way to access the boot.ini, which was the one i did (it's the same in the end), detailed in another MS article, that i can't find (i reinstalled FF atm). It's in System dialogue, but now you choose Startup and Recovery - Settings - Edit.

This is uncharted territory for me, so i can't really say much more.

 

Reboot and Firefox does not start. Not even that warning is shown that it violates DEP or anything, it just doesn't start. No extensions, this is afaik a clean install.
Windows starts to bug me, Debian is calling.