EQSecure 3.41 Settings

Thanks guys but as I said in my last post I'm not sure which rules to load because there are lots of different version floating around here. Is it possible that you can give me a link to the most suitable set?

Presumably I have to manually delete my existing default rule set before importing the new ones?

Do I need to reinstall the program first or can I make these adjustments as it is now?

Thanks again

deadmeat

 

Malware Defender isn't mature enough for me:


- The priority mechanism of MD is illogical (you should read the rules from top to bottom, not the opposite).

As a result, it's adding confusion for absolutely nothing (especially if you have hundreds of rules with many of them imbricating in others).

- The file, registry and application modules are within the same tab thus adding even more confusion.

- The Write permission of the registry module is in reality for write, create and delete.

If you use "Write = Deny", it becomes "Create & Delete = Deny" with all the yet strangely unseen implications.

- An imported MD ruleset will not be able to adapt to every "environments" as environment variables are lost immediately after rules are validated.

...

 

If you want to use one of my rulesets, I suggest you use the latest from http://drop.io/eqsecure ... Instructions are included.

All my other ones posted in this thread are too old.

 

Many thanks - much appreciated.

 

Being based in Brazil I need to use a Portuguese version of XP but I imported the rules and everything seems fine. The only problem I had was with a prog called "Taskbar Shufle" which couldn't hook the taskbar. This is probably the least vital app anyone could have anyway and as I hardly use it myself I've dumped it to save hunting for a fix.

Thanks again guys. Job done!

 

Hi, I would like to defend these 2 points:

To be out of the ordinary rules of other hips & firewalls, doesn't mean that it is illogical it is just out of the ordinary, or the order that we are used to use. If we give it some time, it may proved that it is on same functionality or better in the particular case.

The interface needs work, however especially this, the same tab for all rules is more practical for me.

These are my comments, sorry for being out of topic and Alcyon keep up the good job with eqsecure rulesets.

 

been out quite a long while
went backpacking for a week


BTW does anybody here use EQS 3.41 with server 2003?

coz ive been using on one system i had and as always rock solid stable..
still waiting to get my hands on ver4 beta 3 to play with server 2003

regards all

 

I've lost ~ 600 gigs of data recently so probably EASTER will be able to help!

In fact, i have to ask him for the complete saved package

 

EASTER, if you've collected some of my old rulesets, even if it's mostly betas, there's some valuable stuffs so i'd like to have them back, if possible, plus v4b3... What's the frustating part is that i've lost all my translations...

Btw, there's no more Chinese EQS forums!

 

Alcyon, I have some of your rulesets.
I'm not sure about posting links in this forum but I'll pm you the link.
PS: Are your proxo rules toast too?

EDIT: pm sent

 

Don't worry Alcyon.

It might take me weeks to gather them up but lets put it this way, i have your rulesets scattered over about 20 hard drives and even more partitions, so bear with me and i'll try to round up all of them i can, but it's going to be a job

Doesn't surprise me that the EQS Forums are no more but thats what they done to themselves, what they done to us is give us a WORLD CLASS HIPS that is every bit as solid as anything commercially ever developed IMO. Plus they gave us carte blanche to make it even better

EASTER

 

Proximitron rules weren't lost, fortunately

Edit: Thanks for the files

 

There's nothing to really worry about. These were just old rules, anyway.

I agree about the quality of the product.. It'll be our best kept secret

Take care,

Alcyon.

 

My pleasure. They are yours to begin with .
Hope you're are back up and running asap.

 

Can you share: how virus/trojan/etc attack?

1. autorun.inf
ok, this is general virus programmer trick to spread their virus, it can spread via USB Storage Device (FlashDisk, External HD,etc), Floppy Disk, CD/DVD ROM, Disk Drive partition (C:\,D:\,etc).
--
So, i block it via EQSecure File Protection, on black list i set block read ?:\autorun.inf
The problem is i can not delete autorun.inf either until i disable EQSecure
2. Favorite virus extension file
I make some rules to deny possible virus file extension like exe,com,bat,vbs,etc. New trick i found lately: .vmx (virus conficker use this extension!), and then i just need to do white list of trusted application (Microsoft Office, OpenOffice, etc)
3. via Network
I have problem with this one. Can you tell me how virus attack and spread from Network (LAN)?
I know some virus use windows security hole, like famous Sasser virus, etc..
How do you secure your PC with EQSecure?

thanks,
Yudi

 

I'm pretty sure even conficker using autorun.inf must call RunDll32 to make any real malicious moves (correct me if i'm in error here) but i use EQS blacklist rules under File Protections and add RunDll32 alert/accept because some legit apps needs it to run. And with the details EQS shows in it's alert display, it's simple to deny and terminate it if conficker originated.

EASTER

 

the problem is if someone on other PC got infected with conficker and then attack other PC from LAN?

 

Here's a new ruleset, again, for all eqs-junkies:

eqsecure.v3.41.winxp.rules.v1.51.0423-exp.zip

What's new: Scanners compatibility fixes, ADS & Application rules added

http://drop.io/eqsecure

 

Good to see you up and running again

 

It's a pleasure! Here's another one:

eqsecure.v3.41.winxp.rules.v1.53.0424-exp.zip

What's new: medium-priority rules added

http://drop.io/eqsecure

 

Does EQS 3.41 work on windows 7 ? anyone tried it?

 

i have a mini prob

in eqsecure beta 3
in protection mode they are a may type of protection not activated like loading dll & call remote com &reviewing other process & deep level disk

if you have any sollution for activate this fonctions
i will be very happy and thanks

sorry for my bad english

 

Alcyon,

If you still need any of the old rulesets just send me a PM. I have pretty much all of them stored on my HD, around 20 zipped files if needed.

 

Alcyon.

How did you lose 600 gig of data?

Regards Kees

 

Hi Kees. Without going into details, it's because of corrupted nforce4 raid drivers...

Thanks, Rickster I'll send you a PM soon.

EQS v3.41 doesn't work with Win7... I guess the best alternative is Malware Defender. EQS and MD are quite similar softwares!
Btw, I've installed build 7100 some days ago and i'm totally addicted.