System Safety Monitor - is it the real deal?

Discussion in 'other firewalls' started by Phil, Dec 7, 2002.

Thread Status:
Not open for further replies.
  1. Phil

    Phil Registered Member

    Joined:
    Oct 24, 2002
    Posts:
    248
    System - XP Pro SP1

    So, here I sit all dejected without complete app control after Kerio v3b5 decided to go Tango Uniform. Kerio didn't crash -- I just had to uninstall because it *refused* to acknowledge my rules to unopened ports, no matter what I tried. For instance, my ISP requires an IDENT on send mail by sending three packets to my port 113. The mail will eventually go but can take up to 15 seconds while waiting for the IDENT or a DNS check, which Kerio v3 ALSO blocks no matter what I do. The IDS simply takes over and the packets never get to my filter rules. <shrug> Anywho, all that's a different story, I have reverted back to Kerio 2.1.4 until they get their act together with v3.

    Now, what I *really* like about v3 is the app control and K2 (or any other fw I am aware of) does not have that feature. I miss seeing "Gravity wants to start Internet Explorer -- Allow/Block?" and everything else that suggests. I could actually run without a fw -- or simply use XP's ICF -- if I had the level of app control Kerio v3 is trying to attain. I'm not really concerned about trojans because of awareness but am concerned about apps I *do* allow to be installed. Information is money to the sleaze factor out there and I don't want my info sneaking out.

    So, is SSM what I am looking for to compliment my fw while Kerio gets the bugs out of v3, assuming they can? BTW, the Atelier proof of concept WILL blow right through K3 if IE has an allow rule set. The only way to stop it is to make IE ask permission for *every* connection. It could just as easily use any other 'net capable app. But I digress -- is SSM the trick or does anybody know of another app? I am not interested in purchasing Tiny *just* for the sandbox. I have seen SSM mentioned in other threads but not really hashing it out. I noticed Root is having problems on W2kSP3 -- what about XP? Does it play well with others, in particular those that use LSP? Can you limit it to only app control or does it insist on doing a bunch of other stuff? Can it be run "on demand"? How is it on resource usage? Is SSM *the* one or is something else available?

    Yeah, I know how to find out -- install it and see. The problem is I JUST finished cleaning up a big mess left by the Kerio beta and I'm not in the mood to do it again. Please help out a lazy person. :D :D

    Thanks,
    Phil
     
  2. root

    root Registered Member

    Joined:
    Feb 19, 2002
    Posts:
    1,723
    Location:
    Missouri, USA
    I like SSM as added protection. I have problems with the latest version 1.9.1, but the version previous, 1.8.9 is working great for me.
    The newest version , I think, does a better job of watching for programs to use api calls to other programs, so I hope it gets debugged soon. Everyone is not having trouble with it though, maybe just me.
    Try it as an addition to your regular firewall. I think you will like it.
     
  3. the Tester

    the Tester Registered Member

    Joined:
    Jul 28, 2002
    Posts:
    2,854
    Location:
    The Gateway to the Blue Hills,WI.
    I tried one of the versions(I believe it was a beta version) of SSM a while back.It worked with no problems on my xp.System Safety Monitor is a good program from my experience with it.The only reason I didn't keep it was because I have a monitoring program and Spybot's resident beta.I don't like to run too many programs that deal with the registry.
     
  4. root

    root Registered Member

    Joined:
    Feb 19, 2002
    Posts:
    1,723
    Location:
    Missouri, USA
    Max has already fixed the problem I was having. I'm very impressed!
    I urge people to try this program in its newest form. I think you will find it is providing a level of protection that other programs do not currently provide.
    Whenever a program tries to execute, or even use another part of its own program, or another program, you get prompted to block, allow, once or always, etc. It offers excellent control.
    Plus, its free!!! :D
     
  5. peakaboo

    peakaboo Registered Member

    Joined:
    Oct 20, 2002
    Posts:
    377
    It would be nice if the author of SSM would include which OS the software is compatible with (all windows OS?) in his readme file.

    Guess since it is free one can't expect this type info?

    Looks like from the install instructions that no registry keys are changed, just establish a folder, extract the zip to this folder and run Syssafe.exe.

    Anyone know where there is a forum which discusses this program?

    Also I was @ http://www.wilders.org/securing_your_pc.htm
    just peaking around trying to find out more info on SSM and noticed at the bottom security suggestions, and a couple stood out for me:

    • disable HTML in your e-mail software;
    • rename shscrap.dll to shscrapold;
    • install HTAstop; for more info look at our free tools page.
    • install DSOstop; for more info look at our free tools page

    Couple of questions on above:

    1) How does one know if HTML mail is enabled, and if it is how does one disable for example netscape messenger, or hotmail.com

    2) what does shscrap.dll do and why rename it, what is impact of renaming this .dll

    3) HTA Stop and DSO stop worth installing or not?

    TIA
     
  6. peakaboo

    peakaboo Registered Member

    Joined:
    Oct 20, 2002
    Posts:
    377
    in addition to above Qs, does Max Burmistrov have a home page for his SSM program?
     
  7. Pieter_Arntz

    Pieter_Arntz Spyware Veteran

    Joined:
    Apr 27, 2002
    Posts:
    13,312
    Location:
    Netherlands
    Unless you can read and understand Russian, this is the closest I could find: http://kormushkin.narod.ru/help/ssme.html

    Regards,

    Pieter
     
  8. SpaceCowboy

    SpaceCowboy Registered Member

    Joined:
    Oct 20, 2002
    Posts:
    40
    http://maxcomputing.narod.ru/ssme.html?lang=en
    Pieter Arntz your link was in english and worked fine unless i was missing something
     
  9. Pieter_Arntz

    Pieter_Arntz Spyware Veteran

    Joined:
    Apr 27, 2002
    Posts:
    13,312
    Location:
    Netherlands
    Probably my English :)
    What I meant was : this is the only page in English I could find.
    I found a homepage, but that was illegible for me.

    Regards,

    Pieter
     
  10. peakaboo

    peakaboo Registered Member

    Joined:
    Oct 20, 2002
    Posts:
    377
    when I click on the links provided, i get a blank pageo_O
     
  11. JacK

    JacK Registered Member

    Joined:
    Jun 20, 2002
    Posts:
    737
    Location:
    Belgium -Li?ge
    http://maxcomputing.narod.ru/ssme.html?lang=en
    Rgds,
     
  12. root

    root Registered Member

    Joined:
    Feb 19, 2002
    Posts:
    1,723
    Location:
    Missouri, USA
    SpaceCowboys link worked fine for me.
    Since I opend my mouth before, I guess I better keep this updated.
    I thought the problem I had was fixed, but when I shut down and rebooted I had a new problem, with apps not wanting to load. If I remove mchooknt.dll from the folder, the program works fine, but is missing one of the most important parts.
    I emailed Max again, but I'm sure he's asleep at this time.
    I still think this is going to be a must have. It is beta software though.
     
  13. LowWaterMark

    LowWaterMark Administrator

    Joined:
    Aug 10, 2002
    Posts:
    17,842
    Location:
    New England
  14. Phil

    Phil Registered Member

    Joined:
    Oct 24, 2002
    Posts:
    248
    Thanks for the info. One of the reasons I asked about the app is stability. I don't like a lot of things diddling around with my XP reg either. At over 25MB with more than 500,000 lines, there is just TOOOO much that can get goofed. I do have an excellent reg backup program and use it with regularity but still.....

    Phil
     
  15. Phil

    Phil Registered Member

    Joined:
    Oct 24, 2002
    Posts:
    248
    I'll just bet the part missing is the app control, huh! :rolleyes:

    Are you talking about the 1.9.1beta2 version available from the site or do you have something "newer"? I have seen a couple of comments from XP users that the latest version works ok, but since W2k and XP are "kissing cousins" I think your comments may give reason to pause. I did notice the beta2 version is labeled W2k fix or something on that order. I may just need to run Drive Image, make a restore point, do a reg backup (<sigh> the travails of running betas :D) and give that puppy a trial run. I would like to be sure I have the latest and greatest, though.

    Thanks for your help, Root.

    Phil
     
  16. root

    root Registered Member

    Joined:
    Feb 19, 2002
    Posts:
    1,723
    Location:
    Missouri, USA
    As best as I can tell, the dll I mentioned became part of the program in version 1.9.1.
    That dll is what picks up the api calls or hooks that are used when one program uses another program. I currently just renamed the file and the rest of the program is working fine.
    I seem to be one of the few people having a problem with this.
    The program seems safe enough to try out, but then I mess with new programs daily. :D
     
  17. peakaboo

    peakaboo Registered Member

    Joined:
    Oct 20, 2002
    Posts:
    377
    Still can't get there via IE, must have the reins pulled too tight on that puppy, so I swithched to Netscrap and got there w/out any problems.

    Will wait a while before I install, too many little things not clicking on this one for me to feel comfortable.

    Home page:

    http://maxcomputing.narod.ru/ssme.html?lang=en

    says latest version is Current version 1.9.1 (beta! 2) September 23, 2002.

    excuse me but aren't we in December?

    when you click on SSM help (English) you get:

    http://kormushkin.narod.ru/help/ssme.html#basic

    which shows top of page: March 03 2002 Version 1.8.4

    I know I'm being picky, but being picky has saved my SA quite a few times thank you.

    also when you download SSM from here:

    http://kormushkin.narod.ru/ssm.zip

    open the zip you get an exe: ssm191-2-w2kfix.exe quite different from the 191 version I dl'd from wilders this pm also the installation obviously doesn't match the instructions anymore if this is an install ap vs. placing in folder and running SysSafe.exe to start the program

    also no mention on compatability with operating systems that I could see.

    yup - I think I can wait awhile on this must have ap

    thank you.
     
  18. Phil

    Phil Registered Member

    Joined:
    Oct 24, 2002
    Posts:
    248
     
  19. Primrose

    Primrose Registered Member

    Joined:
    Sep 21, 2002
    Posts:
    2,743
  20. Paul Wilders

    Paul Wilders Administrator

    Joined:
    Jul 1, 2001
    Posts:
    12,472
    Location:
    The Netherlands
    Is it? We'll check. Most probably the version being put up instead will be v1.9.1uo anyway ;). Thanks for the heads up, Phil!

    regards.

    paul
     
  21. Phil

    Phil Registered Member

    Joined:
    Oct 24, 2002
    Posts:
    248
    You're welcome. :)

    Phil
     
  22. root

    root Registered Member

    Joined:
    Feb 19, 2002
    Posts:
    1,723
    Location:
    Missouri, USA
    After four days of working with me trying to get SSM to work on my machine, I do believe Max finally found the problem. I know he was working on this very late at night as thats when I was around. I remain impressed with this product and its author.
    For those of you that seem to have your own problem with it, I encourage you to let Max know. I'm sure he will make every effort to make this a most effective product for everyone to enjoy.
    I will continue to recommend this product highly. It addresses a built in problem with Windows that is a security nightmare. It is not easy to get a product like this to work flawlessly on every machine with all the various combinations of setups and hardware that are in place today.
    For those of you that may have some problem with SSM, Firewalls, and some of the other programs around that seem to cause a lot of heartache, please take into consideration the difficulty of making these programs work just right, and take into consideration the kind of effort you get in return for your trouble reports. If more product developers would work as hard as Max has been working the last few days, we would have a safer environment.
    I just want to make sure he gets the credit he deserves for the work he has done, and I'm sure, will continue to do.
     
Thread Status:
Not open for further replies.