What do you use with DefenseWall if at all?

I had an issue with Chrome in the past I notified you about and was informed a fix would come out in version 3 - here - https://www.wilderssecurity.com/showthread.php?t=254878&highlight=defensewall chrome

I tried version 3 and internet browsing with Chrome and Iron was sluggish after a while. Maybe I'll try it again and see what happens. Posts 60-63 in this thread describe my issue-
https://www.wilderssecurity.com/showthread.php?t=316544&page=3&highlight=defensewall chrome

 

Gotta confess I use DefenseWall with Emsisoft AM6 in a support role to patrol for AMs loitering around.

 

About Defensewall & today's AV products. I use an AV because I don't trust myself to 'do the right thing 24/7'. So I follow Ilya's "fine print clause" and support my security with an AV.
.
QUESTION: Just about all AVs' come nowadays with built-in extra modules: email guard, net surf protection, Behaviour blocker plus the file guard.

Coupled with DW, is the AV only to do a daily scan? Is it necessary to switch on those extra features & guards e.g. behavior blocker (HIPS?) etc?

 

In general you can I use DW alone or alongside any other security. IMHO DW covers all spheres you listed. I used it both ways and there have not been any problems with malware yet.

 

Strolling through my Applications folder, I see Sandboxie sitting there forlorn, sent to the old peoples home, replaced with DefenseWall & Emsisoft AV.

I see an orphaned icon in the task bar or desktop & files scattered about from being installed untrusted & thus savaged by DW. This I have no problem with. I like to see that my investment is working. And I have a trusty bloodhound in JV16powertools for locating these orphans.

QUESTION: What if I bring old SB back for browser security? Will it just mean duplicating what DW does anyway or is there a benefit?

 

There is a privacy benefit because all traces of web surfing activity will be contained within the sandbox, which can be set up to securely delete on exit.

 

DW and SBIE work differently so coupling them will make you a layered protection what is good.

 

AGREE

 

For exploits of vulnerable software provided that you're protected when encountering them there isn't anything to worry about, however if you have downloaded malware then whilst it won't be able to install whilst Defensewall or other HIPS is active as soon as you uninstall (or activate a learning mode or whatnot) there's nothing stopping on-access or persistant malware from going live. This is why Defensewall is safest used in combination with software for removing files (virtualisation/AV/imaging) so you can be certain there's nothing untoward left over when your HIPS is deactivated.

 

You should not worry that if you uninstall DW then all malware which managed to get there will become active. What you get is only dead remnants of malware unable to function.

 

Defensewall is a policy-based HIPS that restricts the processes of untrusted software as potential gateways but it doesn't decimate files that have come through; so as I understand it once it is uninstalled intact malware could remain and potentially become active. As Ilya is here he could confirm whether downloaded malware would be destroyed once Defensewall is removed

 

Yes, that's pretty much it.

No, what would be left would be severely crippled malware that could do no harm.

Yes, I'm sure Ilya will post here to confirm this.

 

Well, one of the aims of DefenseWall is do not allow malware to auto-run, wherever the protection is active or not. Potentially it may become active, but probability of this scenario is dramatically low. Also, DW is a part of multi-layered protection, it gives anti-viruses all the time they need to get new signatures and remove malicious files off the computer.