What is your setup with NO blacklist (no antivirus - naked) setup

S23, just out of curiosity: did you manage to get an auto log in when something requires admin priveledges, if so woudl you please post it (or PM it)

thx Kees

 

Hi Kees. This is something I not tried to do. The ones I read about but I imagine you already are aware is use Task Scheduler or the Microsoft Application Compatibility Toolkit to launch elevated without prompt. When I read, they tried the Compatibility Toolkit with the option "Run as invoker" but there is "RunAsAdmin" and RunAsHighest", but not sure if can make difference. I just installed Ubuntu beta here on top of Win7, so I cannot confirm.

http://www.sevenforums.com/tutorials/11949-elevated-program-shortcut-without-uac-prompt-create.html (task scheduler)
http://www.techrepublic.com/blog/wi...e-uac-for-your-trusted-vista-applications/635 (Microsoft Toolkit)

 

Except for a hosts file that blocks the bigger adservers and Google garbage (analytics, syndication, etc) I haven't used a blacklist based security app since 2006. Am using 4 PCs with operating systems ranging from 98FE to XP-Pro-SP3. Except for certain test configurations, all of them are secured by a default-deny security policy, enforced by SSM free or pro, Kerio 2.1.5, Proxomitron, and system policy/configuration.

Excess and unneeded components have been removed from all of them. Internet Explorer has been removed from all but one. All unneeded services are disabled. User folders such as documents and desktops have been moved to a data partition. The browser cache(s) and temp folders have been moved to ramdrives. The system partitions are nearly static. All auto-updaing is disabled. Updating and installing are allowed for the administrator only. The integrity of each OS system partition is checked from another OS by comparing file lists obtained from another OS to ones compiled by the OS. On all PCs, SSM protects the registry. In addition, batch files replace the registries with clean, optimized copies on the 9X systems.

All internet access is denied except for apps that specifically require it to function. Except for those running apps like Tor, none of the PCs have open ports. All browser traffic is forced through Proxomitron, which enforces default-deny on the web content. Content such as PDFs and flash media are opened with their own applications, not in the browsers. In addition to enforcing a process whitelist, SSM helps to isolate attack surface apps by blocking their access to any other apps and processes not absolutely necessary to their operation.

I've been using this arrangement for nearly 5 years without incident. Until I see evidence that it can be defeated, I see no reason to change it.

 

you are well protected my friend

 

i replaced my Sandboxie with Returnil System Safe 2011 FREE

 

Why don't you email the guys from VMlite appstudio that you want to join their beta version test for the freeware they release to plan. Will give you sandboxie like VM application virtualisation.


(Suggesting this not becasue Returnil is not a great freebie, but because you have played with GeSWall, BufferZone and Sandboxie)

Regards Kees

 

I'd run GW if I could, but it makes my games lag either way. Might test it if they release a 64-bit version soon, see how it does.

 

cool app! but I'm lazy e-mailing people so I think I'd have to wait to try it

I'm also waiting for Bufferzone 4 Beta

 

is Bufferzone 4 going to be 64 bit ready?thanks

 

Yes, that's one of the main new features.

 

cool i may check this out as geswall pro will have 64 bits when i dont know but they said it will and even defensewall i heard but out of the 3 ofcourse i will prefer my beloved defensewall

 

only my sig