Considering buying WormGuard...

Discussion in 'WormGuard' started by Checkout, Mar 13, 2002.

Thread Status:
Not open for further replies.
  1. Checkout

    Checkout Security Rhinoceros

    Joined:
    Feb 11, 2002
    Posts:
    1,226
    As a licensed TDS operator, I'm wondering to what exxtent there's overlap between TDS and WormGuard.  Specifically, TDS uses one or more WormGuard engines, if I read the documentation right.  Would installing WG involve duplication, or is the installer smart enough to share resources, particularly during execution?

    I presume I still need a decent AV to accompany WG...

    While I'm feeling cheeky, is there a bundle price?   :D
     
  2. wizard

    wizard Registered Member

    Joined:
    Feb 9, 2002
    Posts:
    818
    Location:
    Europe - Germany - Duesseldorf
    The main difference between TDS-3 and Wormguard is that Wormguard is a full genric (heuristic) solution. Wormguard checks all kind of scripting malware (VBS-worms like Love-Letter for example).

    TDS-3 does not scan for such script malware. Wormguard does not replace an anti virus software but enhances it because most anti virus software have poor heuristic features for scripting malware.

    wizard
     
  3. Jooske

    Jooske Registered Member

    Joined:
    Feb 12, 2002
    Posts:
    9,713
    Location:
    Netherlands, EU near the sea
    I can but say WG saved my computer's life various times by warning for possible nasties and embeddings; i love the safe mode to be able to walk through a file (curious as we are) and see what it's warning for to be able to decide to run it anyway or not.
    Not to forget a lot of extra safety when surfing around, blocking nasties from web sites to enter your system at all, and a lot more. so there are only a couple of WG ingredients in TDS, but TDS does not replace the whole of WG.
     
  4. UNICRON

    UNICRON Technical Expert

    Joined:
    Feb 14, 2002
    Posts:
    1,935
    Location:
    Nanaimo BC Canada
    In five minutes I could write a macro virus in word. It would be new, no AV would have a definition. Wormguard would catch it EVERY SINGLE TIME. No file with embedded scripts can run without user intervention. This is a last line of defense. Once I was sent an infected .doc, it containes no malware, except a script to download malware from an ftp site. Wormguard was the only thing to stop it.

    You WILL get false alarms though. If you do any programming in VBA, wormguard will be all over any file containing VBA code (even though VBA is not script, but can be very deadly).
     
  5. Checkout

    Checkout Security Rhinoceros

    Joined:
    Feb 11, 2002
    Posts:
    1,226
    Unicron - you've got yourself a customer.  Thanks!
     
  6. Jooske

    Jooske Registered Member

    Joined:
    Feb 12, 2002
    Posts:
    9,713
    Location:
    Netherlands, EU near the sea
    Congratulations with your second best decission on buying software; the best was TDs already.
     
  7. UNICRON

    UNICRON Technical Expert

    Joined:
    Feb 14, 2002
    Posts:
    1,935
    Location:
    Nanaimo BC Canada
    I do not work for DiamondCS. But I am sure they will be happy to have you. You already own TDS-3, when are you going to  show up at the private forum?

    version 4 for both out soon too ;)
     
  8. Checkout

    Checkout Security Rhinoceros

    Joined:
    Feb 11, 2002
    Posts:
    1,226
    That's a toughie - I dial in using a hotel phone line, so it's expensive to play in real time.  :(  Looking forward to the next releases.
     
  9. UNICRON

    UNICRON Technical Expert

    Joined:
    Feb 14, 2002
    Posts:
    1,935
    Location:
    Nanaimo BC Canada
    is it just me or is your sig slowly growing again? I could have sworn it was smaller last week.

    Private forum is not unlike this one, should make no difference. Surprise, surprise, it is heave on TDS-3 and wormguard related stuff, but also everything else.
     
  10. Checkout

    Checkout Security Rhinoceros

    Joined:
    Feb 11, 2002
    Posts:
    1,226
    One more question:  with WormGuard active, can I turn off features in IE and ZAP which disable ActiveX, Active Scripting, and JavaScript, and safely let WormGuard handle these?
     
  11. UNICRON

    UNICRON Technical Expert

    Joined:
    Feb 14, 2002
    Posts:
    1,935
    Location:
    Nanaimo BC Canada
    I would leave them on too. Best to try a test, to see where the overlap is. WG doesn't seem to mind webpage related stuff. It concerns itself mainly with files on your computer, and scans them with stong heuristics before they can execute.
     
  12. Checkout

    Checkout Security Rhinoceros

    Joined:
    Feb 11, 2002
    Posts:
    1,226
    Unicron, you have tye-died my underwear with a gruesome shade of purple confusion; somehow I thought that WG could parse web pages, which was a highly attractive notion.  Perhaps I was thinking of something else.

    May rhinos leave your yard unbefouled.
     
  13. UNICRON

    UNICRON Technical Expert

    Joined:
    Feb 14, 2002
    Posts:
    1,935
    Location:
    Nanaimo BC Canada
    my example of its use did not mention webpages but a word doc. and WG is good for this because you can safely view the file in WG's text window to read the code and judge its capability.

    I would have tried the demo before purchasing any product if possible. It was not my intention to mislead you in any way.
     
  14. Checkout

    Checkout Security Rhinoceros

    Joined:
    Feb 11, 2002
    Posts:
    1,226
    Don't worry, you haven't.  I'm sure the confusion is a product of an alcohol-related (hic) aberration on my part.  Nevertheless, wouldn't it be a wonderful and world-class idea to throw before Diamond developers....   ;)
     
  15. Jooske

    Jooske Registered Member

    Joined:
    Feb 12, 2002
    Posts:
    9,713
    Location:
    Netherlands, EU near the sea
    But it does stop stuff from web pages from interfering with your computer or functions to be activated on your system from in- or outside origin, HTA and such are stopped completely, all those nasties, that is for me part of the attraction. Have it running already?
     
  16. Checkout

    Checkout Security Rhinoceros

    Joined:
    Feb 11, 2002
    Posts:
    1,226
    No.  (sigh)  I think I'm going to have to wait for V4.  As it is, I'm staring a complete reformat and reinstall in the face.  I'm not blaming WG for this, BTW.
     
  17. Jooske

    Jooske Registered Member

    Joined:
    Feb 12, 2002
    Posts:
    9,713
    Location:
    Netherlands, EU near the sea
    Who or whatever is to blame, never nice.......
    Think indeed as UNICRON says a good thing to look for the tips and troubles in the private forum, since XP a lot written about that......
    Things like installing it as an administrator or a user, those things.... For me it's really strange about the missing file part. That's why i thought about a new d/l + install.
     
  18. Checkout

    Checkout Security Rhinoceros

    Joined:
    Feb 11, 2002
    Posts:
    1,226
    Thanks, but I'll wait for V4.  Things will get complicated otherwise.  I reserve the right to make wishes, in the meantime.   :)
     
  19. Jooske

    Jooske Registered Member

    Joined:
    Feb 12, 2002
    Posts:
    9,713
    Location:
    Netherlands, EU near the sea
    Yes, wishes we want implemented in v4 many have posted in the private forum, and i'm sure emailed too.
    I still think you'll get WG running fine with some ideas. The strange thing with much software in general is on the one system it runs marvelous, while on the other with the same OS it's a mess or something in between. You know best with the programming and installations there are combinations which bite for reasons unknown.
    As long as with installing such a program which goes very deep into your system protection close other programs which are protecting there like forewalls and all kinds of scanners, and you install it in the right place -i'm no NT/XP user, but i read in the forums it can be better sometimes to install some as an administrator or especially as a user or in some cases even on both places- which is all worth trying before reformatting your system.
    From the last bad flight i hope you were able to uninstall what was there and first have the OS ok again before a next try, even if it will be v4.
    In the meantime continue your wishes and sweeeeeet dreams :)
     
  20. Checkout

    Checkout Security Rhinoceros

    Joined:
    Feb 11, 2002
    Posts:
    1,226
    Goodnight, dearest Jooske, wherever you are...  :)
     
  21. Jooske

    Jooske Registered Member

    Joined:
    Feb 12, 2002
    Posts:
    9,713
    Location:
    Netherlands, EU near the sea
    Netherlands, that little wet country near the sea, in front of the screen still, about 00:30 in the morning.
    I did not mean the sweeeeeet dreams for going to sleep yet, but the sweeeeet dreams about a wonderful amazing WG4 and TDS4 ahhhhhhhh that's the language barrier, or dreams barrier?:)
    Did you see btw in the private forum some of the nice and sweet SS3 scripts i made for TDS? Besides the serious security stuff the smart guys produce of course.
    In fact i hope we can expect some contributions from more of the experienced scripters like yourself!
    Now with springtime in the air i might post some appropriate little scripts :D.
    Promise me in the meantime you get MSAgent running which i use often to enlighten the scripts even more :)
     
  22. 5zigenCivic

    5zigenCivic Registered Member

    Joined:
    Mar 18, 2002
    Posts:
    12
    i have been using wormguard for about 10 days now..  it does work, and believe me before this i would never use pop-mail or outlook.
     
  23. Jooske

    Jooske Registered Member

    Joined:
    Feb 12, 2002
    Posts:
    9,713
    Location:
    Netherlands, EU near the sea
    Glad you like it too, i love the security feeling.
    One of my new programs .exe's has a nice exe double extension name someting like xxx.2.0.exe, and of course i am warned when i use it. I can allow it though in the configuration.
     
Thread Status:
Not open for further replies.