SSM or Other HIPS

Well, i have sophos currently, are there better rootkit detectors?
Thanks

 

GMER is well-spoken of by kareldjag et al. As to whether it's better than Sophos -- I don't know. Haven't ever seen a comparison. I have both Sophos & GMER on my computer.

 

I always have to guess and use my intuition when I choose softwares. Which member is right and which member is closest to the truth.
In the army it was much easier, the guy who shouted loudst was always riight.

 

Does this mean that anyone who posts in capital letters will be right?


As for whose advice is correct, that may be something that can only be discerned after you trial the suggested program(s) on your PC. If it should be deficient and let malware in, then of course, you respond by rebuking the advice. If nothing bad should happen, then you support the advice. But again, each system setup will be different, so having the exact same software on several machines does not guarantee that the results will be the same as each user will utilize the system differently.

 

Ill try out Gmer and..... What is sandbox?

 

I'll leave the *technical answer* to your question to others who are far more qualified than I.

To me a sandbox is like a dream world. When you dream, you can make out with chicks, fly like a bird, beat up 800 lb. gorillas, tell your boss that he stinks -- but when you wake up, the dream vanishes and everything is just like it was when you climbed into bed and went to sleep.

In a computer sandbox, you can do dangerous things, stupid things, fun things -- whatever! -- & when you climb out of the sandbox, your computer remembers NONE of it. It's like it never happened.

 

GMER and Ice Sword.
I have been using Ice Sword for quite a while and just installed GMER a few days ago.
They both have more features than SAR.

 

In my opinion RkU, IceSword and Gmer are the leading detector. There is a chinese detector called DarkSpy coming, but still very beta. But all of them just get pypassed from a sample rootkit published on October, 24.

 

Nice analogy BG. The only problem is that you made the analogy too good. Now I want a 'real life' sandbox. I really do!!!

muf

 

So can anyone recommend a sandbox that is pretty good for a newbie like me

 

geswall. free and effective.

 

...

... And Bufferzone, Defensewall and GreenBorder, of course.

Your choice will depend on your needs and your trials.

 

Does GeSwall need to be configured or anything? if so, what must i do
Thanks

 

just install it and when (certain?) applications access teh internet, u will prompted if u want them isolated (aka sandboxed).

 

ok, thanks WSfuser.
Fast reply...

 

GesWall uses a *different sort* of install routine that my browser (K-meleon) thought was a page, so it displayed it instead of downloading it. So I right-clicked on the file & asked K-meleon to save it to disk. Afterward, the file installed just fine.

Sandboxes were reviewed at That site. DefenseWall wasn't included.

Defensewall was tested at Yonder test site & received a very high rating.