"OSSS" (Online Solutions Security Suite) Beta is Out

Discussion in 'other anti-malware software' started by PaulBB, Mar 18, 2009.

Thread Status:
Not open for further replies.
  1. PaulBB
    Offline

    PaulBB Registered Member

    "OSSS" (Online Solutions Security Suite) 0.8 Beta
    http://www.online-solutions.ru/en/common/images/osss/osss_scr01.png

    More info, download and screens:

    http://www.online-solutions.ru/en/osss_security_suite.php
    http://www.online-solutions.ru/en/ospd_proactive_defense.php
    http://www.online-solutions.ru/en/ospf_personal_firewall.php
    http://forum.online-solutions.ru/viewforum.php?f=6
  2. vijayind
    Offline

    vijayind Registered Member

    Why is it called a suite, if it only has a firewall and HIPS component ??
  3. Peter2150
    Offline

    Peter2150 Global Moderator

    Wonder exactly how this is "new generation" I love how someone re invents the wheel, and calls it brand new technology.
  4. firzen771
    Offline

    firzen771 Registered Member

    looks interesting
  5. Ilya Rabinovich
    Offline

    Ilya Rabinovich Developer

    It looks very similar to the current firewall solutions like Comodo, Online Armor and others. Nothing special, no innovations.

    And it doesn't work with DefenseWall installed. At all.
  6. Kees1958
    Offline

    Kees1958 Registered Member

    :thumb: :thumb: :thumb:
  7. Mihail Fradkov
    Offline

    Mihail Fradkov Registered Member

    Nothing to comment here. I think you didn't tested it on real-bypass technics used in modern itw-malware (for latest six monthes, for example).

    The reason of the problem - DefenseWall and it manipulation with processes starting (Service is killed by services.exe, if DW is started before). Anyway, today we resolved this problem and you can get new build of installation package.

    Thank you for report and other information!
  8. blacknight
    Offline

    blacknight Registered Member

    It doesn't install on my XP Pro SP3 updated. It says that the kernel of my system is not compatible with OSSS. I tried to install OSSS after I uninstalled my security softwares and cleaned the system. May be that the problem is Vista Inspirat BricoPacks ? But BricoPacks runs with every other HIPS and security suite...
  9. Mihail Fradkov
    Offline

    Mihail Fradkov Registered Member

    Navy, if you already uploaded your kernels following this manual, then you need to get a new build of installation package (where your kernels are taken into account). We uploaded a new build of installation package today (19.03.2009) to our site at 20:50 (GMT+03). Please check it and say how it is. Thank you!
  10. Durad
    Offline

    Durad Registered Member

    nice GUI i like it
  11. Ilya Rabinovich
    Offline

    Ilya Rabinovich Developer

    No, I didn't. You see, I was talking not about bypass techniques, I was talking about basic architecture. It's outdated.

    And, from the user's point of view, there is no difference between Comodo and OSSS. Stop to think as a developer.
  12. -NiCeGuY-
    Offline

    -NiCeGuY- Registered Member


    interesting ! I follow steps and done ! Kernetchecker said OSSS supported now ! And then downloaded the lastest version but still not working for my system o_O? :mad: WHY o_O?? :cautious:

    Attached Files:

  13. Espresso
    Offline

    Espresso Registered Member

    Compatibility is actually as follows:

  14. Mihail Fradkov
    Offline

    Mihail Fradkov Registered Member

    How you can talk "about basic architecture" if you didn't see anything regarding software? (Excepting installation process, of course).

    There is a very big difference between OSSS and Comodo (just for example; from your quote), and tests on ITW will say more for you. It's "just" a powerful kernel for future work. What you will add later to this basis - it's not important, if you have a good basis. But if you have a bad basis, there is no difference what kind of "roof" you will try to attach. This building will collapse.

    As user's point -- I know about what you talking -- you don't know a plans and feature list of OS company to know exactly what we do and what we will release in near future (for users, who don't want to know WHAT is going on their computers, just want to be PROTECTED, and don't be bothered).

    Future will say who was right. ;)
  15. Mihail Fradkov
    Offline

    Mihail Fradkov Registered Member

    It's very strange, we need to analyze this case. (Probably, there is some desynchronization between KernelChecker's data and data put into installation package).

    Could you send to us by attach by mail (or upload to any free web-service) two files from your OS?
    %SystemRoot%\system32\win32k.sys
    %SystemRoot%\system32\ntoskrnl.exe

    E-mail: tsdep@online-solutions.ru

    Thank you for you report!
  16. kareldjag
    Offline

    kareldjag Registered Member

    Hi,

    I've taken a look at when OSAM was advertised on Sysinternals board last year (in Russian), and i it appeared to me that these soft were promising (as often "with made in Russia" softwares).
    I concede to be quite disappointed by hostile welcome comments.
    The presentation of the soft on the web site is honest (like Softsphere, Sandboxie etc), and there is no pretentious/bling bling marketing, or worse, non honest marketing as it is the case with PrevX (as said the song of Simple Minds: " promise me a miracle... la la la " ).
    Of course it would be a joke to talk about new kind of product and technology: such product (System Expert HIPS is the pro terminology for behavioural based HIPS like OSSS) exist since the early 2000's (and even before if we take into consideration Invircible).
    I suggest to take a look at my old blog via a google search: http://www.google.de/search?client=...l=de&q=KARELDJAG HIPS&meta=&btnG=Google-Suche
    And for more information the overview done for Kaspersky by Alicia : http://www.viruslist.com/en/analysis?pubid=204791972

    There's no need to test it against recent "in the wild malware": i have no doubt that it passes minimum 80% of the benchmark test methodology done for DefenseWall.
    But like most antimalwares (HIPS, AV, Antimalware Suite), it might be vulnerable to doc format malwares, browser based malwares (client/server side like web worms for instance), and of course non-OS dependent "malwares"/threats (boot/vm/bios/firmware rootkit, hardware keylogger for instance.
    But the main problem as i said in the viruslist article is still the user.
    There is not the user on a side and the computer/line defense on the other side: both are involved in the same security process.
    The AV industry has understood since a long time that it's better to release very easy to use soft, even with colander like/ineffective protection; in order to reach a viable and profitable business model (the black list and signature/pattern file concept require the need of a new license every year).
    More than any other security soft, firewall included, System Expert HIPS like OSSS (or Antihook, OA, MD, Micropoint and co) rely to the configuration and final cut/decision (answer to pop up alerts) of the user.
    Unfortunately, the average user is ready to make efforts in learning the abc of Emule and P2P, but not to learn the abc of the registry and malware's behaviours.
    Therefore, the efficiency of system expert HIPS is user's knowledge and experience dependent.
    And power/advanced/expert users may represent only 5% of internet users.
    Even if this kind of HIPS has some future in the corporate environment (Landesk seems to be a sucess : http://www.landesk.com/products/securitysuite/index.aspx ), i really doubt of it in the home environment.
    The knowledge required to use it, the pop up fatigue, the possible evolution of Windows to kernel virtualization (Midori), and the cemetery of discontinued HIPS like Viguard or SSM...all these arguments let me quite pessimistic about the future of system expert HIPS in general and OSSS in particular.
    More than white list HIPS which are only suited in restrictive environments, i am convinced that Sandbox/virtualisation HIPS have the best chance to continue their life-cycle.
    And Ilya, Tzuk and co can find a confirmation that they have taken the right approach (well balanced with ease of use and efficiency) with the introduction of some leaders in such "technology":
    Microsoft OS and future browser: http://www.osnews.com/story/20349/Microsoft_Unveils_Windows_Cloud_Confirms_Midori
    http://www.osnews.com/story/21120/Microsoft_s_Next_Browser_To_Be_Based_on_Gazelle_
    Symantec: http://www.csoonline.com/article/476317/Symantec_Gets_Good_Vibes_from_Virtual_Browser

    But there is also reasons for HOPE: the success of Comodo prove that it is possible, the evolution of PrevX to an hybrid technology (+ in the cloud approach) prove that there is other ways to follow, and most of all...LADA is still alive isn't it!
    In all case best wishes for OSSS.

    ps: Ilya: there's no need to use DW with OSSS or any other HIPS: its effectiveness makes it highly sufficient by itself!

    Rgds
  17. NoIos
    Offline

    NoIos Registered Member

    The problem with almost all the security software nowadays is not the technology they use but the fact that they display informations that have no sense for a great % of the pc users. The greatest technology that they can invent will be the one that will trigger pop ups when necessary and will explain
    the danger to the user in a way that can make the right decision without the need of experience or knowledge. This is what we need...
    So if a hips can make its language understandable to the common person I don't see why should not be a valid solution in the future.

    The quoted statement below demonstrates that the guys that have created OSSS seem to go almost to the right direction...and yes future will always tell the truth. So for me as a consumer...having another option for my security can be only positive.

  18. jmonge
    Offline

    jmonge Registered Member

    cool coments:thumb:
  19. Ilya Rabinovich
    Offline

    Ilya Rabinovich Developer

    Yes, I know, I just installed it on my test virtual computer where I usually test malicious modules under sandbox restrictions and had the issue. Usually, I always report about problems in security software to its vendors they could improve their products.
  20. Mihail Fradkov
    Offline

    Mihail Fradkov Registered Member

    Problem of desynchronization between KernelChecker and installation package is fixed. We have renewed the installation package (updated: 20.03.2009 13:15 GMT+03). All guys, who got the message "Kernel is not compatible" while installing software, but KernelChecker wrote that "kernel is compatible", now can use fixed installation package.

    Also, please do not send kernel files directly to us by e-mail, please use KernelChecker instead. (Now all will be OK).

    Thanks for reports!
    Last edited: Mar 20, 2009
  21. Mihail Fradkov
    Offline

    Mihail Fradkov Registered Member

    UPDATE. New kernels added. Installation package is updated:20.03.2009 14:20 (GMT+03).
  22. blacknight
    Offline

    blacknight Registered Member

    " please recheck for OSSS installation package update in several hours.
  23. Mihail Fradkov
    Offline

    Mihail Fradkov Registered Member

    For guys, who already installed OSSS (today build only; previous builds are OK), it's recommened to re-install (uninstall previoud build and install a new one). We fixed one problem with resources that may affect on several descriptions and messages (in the previous build they can appear as empty strings, empty descriptions or some of messages were mixed and so on).

    Sorry.

    New build: 20.03.2009 17:00 GMT+03

    P.S. This update is only for resources bug-fix, no new kernels added. Working on.
    Last edited: Mar 20, 2009
  24. Mihail Fradkov
    Offline

    Mihail Fradkov Registered Member

    If you uploaded kernels some hours ago, please check new installation package from the site. Your kernel must be added already. Please say how it is - success or not. Thank you.
  25. -NiCeGuY-
    Offline

    -NiCeGuY- Registered Member

    yeah , new package is working on my XP sp3 , didnt try on my vista SP1, another question Proactive Defense setting just can choice learning mode or allow all , no other choice & why ?

    thanks
Thread Status:
Not open for further replies.