CryptoSuite - anyone still using it?

Hello inpersonam,

You are most welcome!

No it does not, exclusions apply only to the AV and AS scanning (both real-time and on-demand).

This is HIPS again, the self protection feature in fact. It prevents anything from making changes to ESET and is hard coded. The only way around this is to disable the self protection option in HIPS or disable HIPS entirely.

You rules are fine, in fact they are a lot more granular than mine. Since I set my rules manually and did not know what may be blocked, I ended up allowing everything CP to do anything, basically a blanket "allow all" rule.

Yes as all that were created were for specific actions that occurred when you updated and ran CP. As I said above, my manually added rules are basically a blanket "allow all"...

When you use learning mode as you did there is no need to worry about that as learning mode does it all for you.

If you want to be prompted, use interactive mode, then open CP.

Short answer - No. Long answer - That would be a hard thing to request as even though all HIPS pretty much do the same thing, they may monitor different events, wordings in the prompts may be different, etc. The list would be aimed to help people that do not know a lot about HIPS so even if you had this list, how would you know how to incorporate into your HIPS? If you do not understand your HIPS enough to use learning or interactive mode to help set up your rules, how could you even begin to set up these rules manually? And as I said, all HIPS are different in how you set them up, the wordings and prompts, etc. I imagine if a vendor supplied such a list that soon afterwards he would start receiving requests like "How do I incorporate your list into (insert your HIPS software name here)?" IMHO this would be a waste of the vendors time and just create more work for him, and I, for one, would rather have him devoting his time to coding his product. This is especially true for small vendors such as CP (which are often 1 or 2 man teams). Again, this is just MHO but I hope my explanation may help a bit...

This is a yes and no answer. They are all similar in what they basically do, but may monitor different things, different UI's with different wordings and prompts, etc. Even though they may be pretty much similar in what they do, they may look totally different and how you set up and use them may be totally different, sometimes to the extent of just because you are knowledgeable using one HIPS, there still may be a steep learning curve if you switch to another...

HTH...

Note: We have taken this thread way off topic from its original intent and I am surprised that a mod has not jumped in. If you wish to continue this discussion, we should probably start a new thread or do it via PM...

 

Hi dear Kent,

Not sure whether that would be needed (but of course the mods/admins decide about it) if the things you guys are discussing, will also be discussed for Crypto Suite, with proof that it is ESET that is causing Crypto Suite not working as it should be and why and what to do (I am not saying that it is ESET; I simply don't know). The discussion is interesting; maybe in case it is only about Crypto Prevent and ESET, then a new thread may be better with a link to it here in this thread.
Would that be OK with you guys and the mods?

===

Some PS:

PS-1:
The fact that the word "crypto" is both in "Crypto Suite" and in "Crypto Prevent", doesn't mean that both programs are in any way related.

PS-2:
About Crypto Suite:
Different folks who are still using Crypto Suite, are interested in different parts of the program. I myself am mostly interested in its checksum comparing part.

 

Hi Kent,

Thanks again for all you help.

I am not quite sure now how I got my Cryptosuite and CryptoProtect to install - I think by turning off the services etc via msconfig, and by luck I had self defense turned off in the HIPS settings. But I got the impression that the Cryptosuite installer runs if I exclude the installer file from real time file system protection. Any how, I think I have got enough to know how to mackle with the problem next time I meet it.

The focus of our discussion has moved, but I think would all be of interest and relevant to someone trying to get his Cryptosuite working again, or interested in the larger issue of how Eset can interfere with the running and installation of programs in the way that Cryptosuite and CryptoProtect were affected. We have not actually nailed the Cryptosuite problem yet, but it looks like excluding the installer from real time protection or turning off the non-windows services and startups, at least with self defense turned off in the HIPS settings, or running the installer with HIPS off or in learning mode are approaches worth exploring. And we suspect that the problem is caused by Eset.

Tom

 

Hello Jan,

Even though we have strayed off-topic and even though we migrated to discussing issues with CP installs, it does all come back to the subject of the CS installs with ESET involved. I just wanted to mention we were starting to stray a bit but it is all related so maybe the mods will let us continue. I am sure they will let us know otherwise.

I think inpersonam probably has enough information now to troubleshoot any issues he may have. I bet he could even go back and uninstall those programs if he wished and install them again to learn more about the issues he had. It is a learning process for us all. We can keep discussing this if anyone wishes to continue on and see if oit goes any further. I know in my case I just did a general fix to my issues as at the moment I do not have enough time to troubleshoot in depth to pinpoint exactly what is being blocked or not allowed and thus causing the issues. On my end, the issues are solved for now and I do not feel I have lowered my security in any way with the fixes I put in place.A lot boils down to trust and I have dealt with the developer over at FoolishIT (developer of CP) and trust him and his software...

 

I think that Kent and I have probably taken this as far as either of us wishes for the time being at least. It is about Cryptosuite and CryptoProtect and Eset Nod32, so perhaps in a perfect world one would note the discussion under CryptoProtect and also under Eset Nod32, with just cross references to in both of those places to this discussion. I don't think that either Kent or I are likely at this stage to want to resolve exactly which of the possible factors in relation to Eset is causing the problem, and so there is nothing that could be separated from our discussion and transferred elsewhere at this stage, but if I have to go into it further on a later occasion I will try to clarify and resolve the issues and would be happy then to add my further observations.

Of course if someone else has the energy to take it further.....

It all seemed to me to have to do with the installer files in Cryptosuite and CryptoPrevent using a temp file, and that file being locked by Eset.

 

Hey Kent and inpersonam,

I am fully OK with what you guys posted and would like to thank you both for your input! Thank you guys!
(I myself don't have the time to look at it further too for now)