GesWall - some news/ tests

Discussion in 'other anti-malware software' started by aigle, Mar 10, 2008.

Thread Status:
Not open for further replies.
  1. Henk1956

    Henk1956 Registered Member

    Joined:
    Dec 3, 2007
    Posts:
    55
    It works for me (even when they are FAT).
    Anything started or opened runs isolated.
     
  2. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,164
    Location:
    UK / Pakistan
    Ok, I will try and see.

    Thanks
     
  3. Yoda1953

    Yoda1953 Registered Member

    Joined:
    Nov 1, 2007
    Posts:
    163
    Location:
    Netherlands
    What does threat gates mean, like what happens if one threat gate's the harddisks? For instance \device\harddisk0.

    I see in the manual mentioned as Reserved for internal GeSWall use.
     
  4. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,164
    Location:
    UK / Pakistan
    No, NEVER do it as all ur applications (including windows vital processes also) on C disk will be isolated. And if yu rebooted with this rule, u will be in trouble. U can threat gate specific folders on C hard disk/ partitions or threat gate ur USB drives, CD Roms, non-OS disks/partitions etc etc.
     
  5. Yoda1953

    Yoda1953 Registered Member

    Joined:
    Nov 1, 2007
    Posts:
    163
    Location:
    Netherlands
    Curious :cautious: , nothing strange happened when I tried it and rebooted. Thanks for your reply.
     
  6. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,164
    Location:
    UK / Pakistan
    Then u configured the rule wrong. If u really want to see, try this( but on your own risk). :eek: :eek:
     

    Attached Files:

  7. Yoda1953

    Yoda1953 Registered Member

    Joined:
    Nov 1, 2007
    Posts:
    163
    Location:
    Netherlands
    I used \device\harddisk as you can see in my first post #28
     
  8. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    AIGLE,

    This would be great for the VISTA64 gaming box

    The next version 3.0 would be driven by new code, compatible with x64. It is expected later this year. USB storages handling is a part of 3.0.

    Regards Kees
     
  9. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,164
    Location:
    UK / Pakistan
    There must be some mistake. Use \Deviec\Harddisk0 or \Device\Harddiskvolume0 and choose Resource type as File but not as DEVICE, and it should work I think.
     
  10. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,164
    Location:
    UK / Pakistan
    Let,s wait n see. I am not so hopefull about future of GW.
     
  11. LoneWolf

    LoneWolf Registered Member

    Joined:
    Jan 2, 2006
    Posts:
    3,782
    Really?? ...........Why is that o_O
     
  12. Yoda1953

    Yoda1953 Registered Member

    Joined:
    Nov 1, 2007
    Posts:
    163
    Location:
    Netherlands
    OK but what does it do, when I apply this?

    It marks every single file on the drive as isolated, so....with reboot VERY big problems like BSOD. No way to start Windows. Restored my backupped image, because I like to experiment. o_O :gack: :blink:
     
    Last edited: Jul 17, 2008
  13. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,164
    Location:
    UK / Pakistan
    May be u can then go to safe mode and delete this rule.
     
  14. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,164
    Location:
    UK / Pakistan
    Developments has become so slow, so I am not sure how it will go on.
     
  15. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,102
    Location:
    North Carolina USA
    I am hopeful, there is development going on right now that agile and I cant talk about. How it will turn out, only time will tell. For one, this product requirs very little maintanace.
     
  16. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,102
    Location:
    North Carolina USA
    and for me, right now, it works. Who really knows what any of us will use a year from now.
     
  17. Page42

    Page42 Registered Member

    Joined:
    Jun 18, 2007
    Posts:
    6,941
    Location:
    USA
    I agree. After some initial rules creations and some getting used to, this product has become the classic "set and forget" for me, which suits me fine. Some people, clearly, can't keep their hands off their security programs and probably get mighty bored with GeSWall's quiet reliability.
     
  18. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,164
    Location:
    UK / Pakistan
    That,s so true of GW. I even forget most of the time that it,s on my system.
     
  19. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    DW only tracks registry changes which can be rolled back (could be seen as some form of virtualisation but is the purest policy sandbox), simpler in security i sbetter (less possible points of failuer)

    GW uses redirect as virtalisation, is a policy sandbox (uses Microsoft 32 bits internal Policy management mechanismens, which also reduces the possible points of failure) plus selective virtualisation

    SafeSpace can be set up as a minimal Virtualisation sandbox, application virtuaisation sandbox like SBIE, partition protection like Returnil
     
  20. Yoda1953

    Yoda1953 Registered Member

    Joined:
    Nov 1, 2007
    Posts:
    163
    Location:
    Netherlands
    No, no safe mode too. Do not, I repeat, do not try this at home :shifty:
     
  21. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,164
    Location:
    UK / Pakistan
    Lol, I told u already but u were insisting to try.
     
  22. LoneWolf

    LoneWolf Registered Member

    Joined:
    Jan 2, 2006
    Posts:
    3,782

    I believe DefenseWall tracks registry and file changes which can be rolled back.
    Unless I'm misinterperting the way DW works.
     

    Attached Files:

  23. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    Yep,

    Yes you are right, but DW i thought that DW is able to revert to old regsitry values, while files only can be deleted with roll back

    Regards
     
  24. Ilya Rabinovich

    Ilya Rabinovich Developer

    Joined:
    Sep 13, 2005
    Posts:
    1,543
    DW tracks only files, folders and keys created by untrusted processes.
     
  25. LoneWolf

    LoneWolf Registered Member

    Joined:
    Jan 2, 2006
    Posts:
    3,782
    Thank's Ilya for the clarification, much appreciated.
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.