General answer to leaktests?

Discussion in 'other software & services' started by lurker1, Mar 9, 2003.

Thread Status:
Not open for further replies.
  1. lurker1

    lurker1 Guest

    Hi everybody,

    as I mentioned in annother topic already, I am not using LnS. However
    I share with others like you the general interest in firewalls and
    system security matters.
    I did not go thru the hassle of testing all available leaktests on my
    firewall because I am using a tool here from which I hope and trust
    that it will catch such intruders whatever their name is. :)
    The name is SSM, System Security Monitor.
    I accidentally read an article in the "General Firewalls Forum" here,
    that also Oops is detected, which means that also WIN98 etc. users
    will have an answer to the issue.
    The program is freeware, has a very small footprint, and low memory
    consumption. It can be hidden also. Here are the features:

    System Safety Monitor - Features

    ·Allows you to control which programs and applications can be opened on
    your computer.
    ·Offers a choice of two modes - User and Administrator. In Administrator
    mode you can set your preferences to control programs. Access to this
    mode can be protected with an encrypted password to prevent anyone
    changing your settings. In User mode no changes can be made to your
    ·Supervises changes to important registry keys when installing new
    ·Will block or alert on any attempt to change guarded registry keys.
    ·Allows you to control which programs run at system startup.
    ·Maintains a list of running applications and allows you to terminate any
    application immediately.
    ·Maintains a list of Black-Listed (banned) and Trusted (allowed) programs
    and applications. These lists can be easily edited.
    ·Allows you to block specific windows (including websites) from opening.
    ·Can be set to run automatically on system startup.

    Did anybody check SSM with the available leak-tests?

  2. V

    V Guest

    I accidently read the same article in the Firewall forum where Mickey posted that Frederic had already created a new driver to patch the leakage issue.. System Safety Monitor is nothing new & mention was made of it ages ago in the old Becky's LnS forum. AWFT & 00ps affect NT/200/XP systems & are a non issue for 98[me=]users. I'm not using SSM or non MS software and all leak tests incl pcAudit !!FAIL!! to even execute on "my" Win98 OS. :)[/me]

    btw, If you're not using LnS why post this advertisement in the Look'n'Stop forum?
  3. Cynder

    Cynder Guest

    Reading the 1st thread I get the instinct impression that hints being thrown to show how pointless Application Filtering Feature is in Look ‘n’ Stop, but yet Look ‘n’ Stop manages to stay on top of the matters.

    I’m going to be bold here, my Opinions is if Look ‘n’ Stop ever discontinues Application Filtering Feature and implements Application Control like that of SSM I surely wont be using no-longer.
  4. nameless

    nameless Registered Member

    Feb 23, 2003
    I'm at an absolute loss as to why you would "trust" this application (i.e. "SSM") to protect you, without testing it yourself.

    I'm even more confused as to why the "black list" feature is desirable. If you have an application on your system which you absolutely don't want to run, you get rid of it. Why on earth would you try to block it without simply getting rid of it?

    Another thing--you (well, it was probably you) posted before that "ALL TRUSTWORTHY SECURITY-SOFTWARE SHOULD BE OPEN SOURCE!" (see ). Is SSM open source?
  5. Cynder

    Cynder Guest

  6. lurker1

    lurker1 Guest

    Hi everybody,

    when I mentioned SSM and in the same time asked if anybody had tested
    it with the available leaktests, then I did this for the following
    1. Not to substitute it for any firewalls and their application filters,
    but to have an additional layer of security to possibly catch intruders
    in the first place, before the firewall will have received a patch.
    2. Moreover virus/trojan scanners and firewalls will most of the time
    be able to handle such attacks AFTER a trojan/virus has been discovered
    and is known.
    3. Mentioning SSM, Webwasher, Proxomitron, Ad-aware and the lot on
    this forum has absolutely nothing todo with advertising another
    product or to use another firewall.
    4. I thought that particularily users of this forum are more aware of
    firewall-leaks than others. That's why the question was placed here.

    So again... did somebody try SSM with the available leaktests?

  7. anvil

    anvil Guest

    Hi lurker1,

    yes, I tested SSM ("System Safety Monitor") with most famous leaktests and, from technical view, it can indeed cope with most leaktests, e.g. Firehole, Tooleaky, AWFT, Thermite, partly PCAudit,... so all in all it seems to have similar capabilities towards leaktests as Look'n'Stop. :)

    But as SSM isn't as focused on leaks/outbound protection, you have to know a bit about all this stuff, in order to be able "close leaks" with SSM (e.g. it doesn't say: "app x wants to access internet by hijacking app y" but something like: "app x wants to create remote thread in app y")

    Furthermore there are some design issues and stability problems at the moment which have to be fixed.
    But Max, the developer, is very quick and open for suggestions, so I think, SSM will be a great tool. :)
  8. lurker1

    lurker1 Guest

    Hi anvil,

    many thanks for your answer... was good to hear. :)

    Yes, I agree, it is more an overall security tool which is useful also
    somewhat in relation to assist the strenthening of firewalls as well,
    if the user knows what he is doing.
    I guess for this and other reasons the black list exists for the admin
    and users.Pending further clarification a detected application could
    be kept there.
    Putting it on trusted for admin and black-listed for users could be used
    for the kids not to fiddle with father's chess game settings. :)

  9. MickeyTheMan

    MickeyTheMan Security Expert

    Feb 9, 2002
    I'm still waiting for someone to move this topic in appropriate forum before participating actively in it. This subject has nothing to do with LNS
  10. Pieter_Arntz

    Pieter_Arntz Spyware Veteran

    Apr 27, 2002
    I was kind of waiting to see in what direction the thread would be going. Since it seems to be focusing on SSM, I will move it to Software & Services now. ;)


Thread Status:
Not open for further replies.