найдена новая программа https://defendset.ru/ .com Мне нечего сказать о ней нашел через поиск взяты отсюда https://allsoft.ru/software/security/information-security/defendset/
Here's an english video on it https://www.youtube.com/watch?v=K1VwzSHkBcQ Using google translator: Blocks everything except trusted applications. Prevents infection, and does not fight its effects. Protects against viruses and cryptographers Allows to open only trusted files. Protects data from accidental damage Saves file versions when changed FILE PROTECTION Blocks any unauthorized file operations. https://defendset.ru/wp-content/themes/defendset/img/2.png OPERATIONAL PROTECTION Prevents infection and does not eliminate its effects. https://defendset.ru/wp-content/themes/defendset/img/3.png PROGRAM PROTECTION Can protect against non-virus programs. https://defendset.ru/wp-content/themes/defendset/img/4.png PARENTAL CONTROL Data protection against unintentional damage by a child The principle of Defenset is proactive blocking of unauthorized operations, which ensures comprehensive computer security. The block will prevent malicious files from getting into the computer and excludes infection by a new unknown virus, because it does not allow unknown applications to create and run scripts and executable files. Defendset protection is based on a common feature of all viruses for reproduction - writing your code to other files. The program blocks the creation and modification of files by unknown applications , without limiting the work of trusted and system processes. This approach allows you to timely detect and prevent the spread of malicious programs on your computer, as well as protect against programs that are not viruses in the traditional sense. There's also pdf documentation https://defendset.ru/download/defendset.pdf
it has .com domain and english site https://defendset.com/ https://defendset.com/help/ renewal license
Looks like a whitelisting app to me: You can get PCMatic a lot cheaper if the whitelisting approach is what you want. Or just run Comdo's Defense+ in paranoid mode; it's free.
It does look like a whitelisting app. Hm... maybe I'll give it a try. @serejka4902 Мы говорим по-английски на этом форуме.
HIPS = worse NVT ERP, altho they can block stuff with drivers, something that admittedly ERP can't do, that's why bouncer is here
Hi kronckew, I believe the free download is found here: -https://www.comodo.com/home/internet-security/free-internet-security.php?track=8234
Realy?...why do ypu think so...or in other way - how many HIPS have you ever saw or used? Looking at screenshot it looks a bit like anti-exe...a bit like HIPS...and perhaps file/folder protection. It can be interresting so I downloaded it...we wil see
https://personalfirewall.comodo.com/free-download.html I haven't used Comodo in some time. I believe Defense+, the HIPS, is part of the above download. In the past, you could just install the firewall if you didn't want to us Defense+. Also I believe you can't just install Defense+ by itself without the firewall being installed. There is a separate Comodo thread on Wilders you can refer to for additional information.
Cuz 1st hips is slower - it has to monitor changes and everything, while anti-exe only monitors launches of processes, and 2nd, if you know what you're doing with anti-exe, it's better. Hips is for holding your hand when you have no idea what to allow/block and what's legitimate and what's not, hips tries to guess what's malware based on what it's doing. Anti-exe only tells you that something is trying to do something, and you decide whether it's good or bad. Ofc there's also preconfigured options like "vulnerable processes" and "allow everything system program files etc." that tries to hold your hand in taking the decisions (once again), VS even has "AI" and integrated virustotal scan but that's veeery slow and unreliable (as in, may let bad stuff run, and false positives)
the app seems like memprotect+Pumpernickel its even trigger for already running app(if you create bad rule) it freeze apps that have read writing
Sorry...it's hard to discuss with yours arguments...imagine that you allow app which name seems to be known for you but in fact is fake/rogue. Once allowed it can do what it want. https://www.wilderssecurity.com/threads/anti-exes.342763/ https://www.wilderssecurity.com/threads/hips-verses-anti-executable.251629/ https://www.wilderssecurity.com/threads/what-kind-of-malware-can-bypass-anti-exes.326211/ https://malwaretips.com/threads/spyshelter-anti-executable-vs-hips-of-free-version.57363/
That's why you simply don't do that... If you know something that may not be trustworthy but you have no way to verify unless you inspect its code or virustotal says it's bad (if virustotal says it's bad, then likely it's bad, unless it's a crack or false positive or something, but if virustotal doesn't say it's bad, it doesn't mean it's not bad) you can run it in a VM / sandboxed. And the goal is not to test whether it's bad or good in the VM, the goal is to be able to use it without it affecting your real system Also, I'm not gonna read 20 pages of threads man...
Tried Defendset but I'm a bit disapointed...app is not intuitive for me - building rules is not clear, alert about detected action gives no possibilityto react...action is only listed in "Events" tab. I'm not surprised.
