AppDefend v1.200 Alpha Public Release

Discussion in 'Ghost Security Suite (GSS)' started by Jason_R0, Dec 19, 2006.

Thread Status:
Not open for further replies.
  1. Jason_R0

    Jason_R0 Developer

    Joined:
    Feb 16, 2005
    Posts:
    1,038
    Location:
    Australia
    Due to a large amount of emails about the v1.200 alpha I have decided to release it to everyone. There hasn't been any significant bug reports with it, but I still recommend only experienced users try it out. If you use the Jericho firewall you may not want to run this one yet.

    http://www.ghostsecurity.com/alpha/gss_setup_1200alpha.exe

     
  2. rdsu

    rdsu Registered Member

    Joined:
    Jun 28, 2003
    Posts:
    4,456
    Hi Jason,

    Nice to see you here again... ;)

    I would like to know if you already have improved and add some feature since July?

    When can we expect some new news about AD?

    Regards
     
  3. Hermescomputers

    Hermescomputers Registered Member

    Joined:
    Jan 9, 2006
    Posts:
    1,069
    Location:
    Toronto, Ontario, Canada, eh?
    Hello Jason,

    Is it safe for X64 or only for 32 bit iterations of windows?
    Virtual Machines of 98SE, 2000, and XP Pro 32 here I come!!!:D
     
    Last edited: Dec 19, 2006
  4. rdsu

    rdsu Registered Member

    Joined:
    Jun 28, 2003
    Posts:
    4,456
    I can't use it with Comodo Firewall Pro (CFP), because the Application Monitor of CFP doesn't run with AppDefend...
     
  5. TheQuest

    TheQuest Registered Member

    Joined:
    Jun 9, 2003
    Posts:
    2,301
    Location:
    Kent. UK by the sea
    Hi, Jason

    Glad to see you are OK, and not a Ghost. :eek:

    Will have a play with the "New Beta". :thumb:

    Take Care,
    TheQuest :cool:
     
  6. nick s

    nick s Registered Member

    Joined:
    Nov 20, 2002
    Posts:
    1,430
    If I recall correctly, this build also has an issue with Outpost Pro 4: loss of connectivity resolved only by running OP4 in "Allow Most" or "Disabled" modes. The early SSM 2.2 betas caused a similar problem when combined with OP4.

    Nick
     
  7. farmerlee

    farmerlee Registered Member

    Joined:
    Jul 1, 2006
    Posts:
    2,585
    Not a great start for me. Installed it on my system which is running windows 2003 with nod32 + windows firewall and got the bsod on start up momentarily before the screen went blank. Did a restart and windows loaded up but the screen remains blank.
    Will try another install on a clean installation of windows.
     
  8. farmerlee

    farmerlee Registered Member

    Joined:
    Jul 1, 2006
    Posts:
    2,585
    Still no luck with a clean install of windows 2003 + latest updates and system drivers. Windows starts up and i see the ghosts floating around then bsod which shows,

    STOP: c000021a {fatal system error}
    The windows logon process system process terminated unexpectedly with a status of 0x00000080 (0x00000000 0x00000000).
    The system has been shut down.

    Is this release compatible with windows 2003? The last version has been running fine.
     
  9. Hermescomputers

    Hermescomputers Registered Member

    Joined:
    Jan 9, 2006
    Posts:
    1,069
    Location:
    Toronto, Ontario, Canada, eh?
    Are you running Windows 2003 X64 by any chances? it could be the 64 bit causing the issues if you are.
     
  10. VisiThink

    VisiThink Registered Member

    Joined:
    Jun 24, 2005
    Posts:
    9
    Location:
    Colorado, USA
    I tried installing and running the Alpha again, but I get the following error when starting the machine:

    STOP: C000021a {Fatal System Error}
    The Session Manager Initialization system process terminated unexpectedly with a
    status of 0xC0000022 (0x00000000 0x00000000).
    The system has been shut down.


    I am running Windows XP SP2 (32-bit) with all of the latest patches.

    I have removed all unnecessary device drivers from the system, but this error continues to be displayed when starting the machine outside of safe mode.

    EDIT: Since this error appears to be related to the file system, I do have a commercial disk defragmenter installed. This is the only non-Microsoft file system device driver installed on my machine. I will try disabling the device drivers used by it and see if that helps.
     
    Last edited by a moderator: Dec 20, 2006
  11. yankinNcrankin

    yankinNcrankin Registered Member

    Joined:
    May 6, 2006
    Posts:
    406
    Just Installed and all works fine just one gripe, the initial startup of windows is a bit long maybe 5 seconds too long, other than that all is well OS = XP pro service pack 2. :)
     
  12. jimmytop

    jimmytop Registered Member

    Joined:
    Dec 9, 2004
    Posts:
    268
    Location:
    USA
    a) Still no learning mode? o_O

    b) No network rules? o_O

    c) Couple of minor bugs:
    1) mouseover text over both Allow and Block say "stops the event".
    2) Preferences have "Run GSS when Windows starts" De-selected yet it still loads on startup.

    d) clicking the X should not close the gui....grrrr. It should just minimize to tray. If you must have it the other way then at least give the other 99% of the people who think otherwise, a choice.

    e) Simple but very needed change to the pop-ups:
    Instead of one Allow button and one Block button, and three other choices we have to click. Change the pop-up to a one-click nuisance no matter what. How? Easy, have 3 Allow buttons and 3 block buttons. Remove that garbage in the middle.
    As cumbersome as this software is to use with all the alerts (and no learning mode) why increase the number of mouse clicks the poor user has to put up with? This is an easy fix.

    f) Need a way to import/export rule sets

    g) better support of Limited User. But probs with Fast User Switching. As I speak the VM has locked trying to FUS from Limited to Admin account.
    Still need different .Defaults for Limited vs Admin. Admin should control how much access Limited user gets, to the point of blocking everything except already allowed.

    Since it locked, I'm done for now!

    Thanks!
     
  13. Hermescomputers

    Hermescomputers Registered Member

    Joined:
    Jan 9, 2006
    Posts:
    1,069
    Location:
    Toronto, Ontario, Canada, eh?
    I tried it in a VM hosting Windows 2000. Works great!
    So far only very minor glitches appeared.
    I really like the little ghosts floating around the desktop during initial boot. I like the fact it actually loaded before my Firewall drivers kicked in and before just about everything and its quite a bit verbose about what is loading giving controls over even buried initial boot up processes.
    There is far more "Details" about Alerts in the Log (Info tab). much better at providing process behavior. However it must be enabled prior in either the .default rule or in the process rule. "allowed" behavior logging is off by default.

    Some issues:
    1)The controls in the task bar don't work: They show appdefend as "Off" While its obviously working.
    2) A blank Warning screen asking for input. but about what? (See Included Picture)
    3) Network Rules in Appdefend control panel is empty is it normal at this point?
    4) GSS is asking to connect to IP address: 209.59.128.193 and reports then closes. (I did not capture the transaction yet so I cant report on that).
    5) RegeDefend is missing in action.(I feel really naked without it)
    6)The Info section (Log) appears to not be working (Except for the "System tab" which rendered associated DLL's). until rules are modified.
    7)Help File (main menu) is still only a "RegDefend" support document.

    Tomorrow I'll try XP 32 or 98SE...
     

    Attached Files:

    Last edited: Dec 20, 2006
  14. yankinNcrankin

    yankinNcrankin Registered Member

    Joined:
    May 6, 2006
    Posts:
    406
    Hermescomputers : I get the same exact mystery window that asks for i dont know ? However it seems to load up and bypass it anyways, but seriously it takes my system abit tooo long to load the drivers upon start up and GSS is all the only drivers I got loading up no other programs to bog me down¿; wondering if its the fact that it detects me having 2 CPUs' which really is my hyperthreading which reads as me having 2 CPUs'. After all is loaded and settled it runs perfect on my system no glitches so far so good; and yes this version seems to go deeper it really does prompt all the main OS functions that need to happen before actual boot, csrss.exe, lsass.exe, logonui.exe, system, winlogon.exe, userinit.exe, etc. etc. pretty awesome
     
    Last edited: Dec 20, 2006
  15. Hermescomputers

    Hermescomputers Registered Member

    Joined:
    Jan 9, 2006
    Posts:
    1,069
    Location:
    Toronto, Ontario, Canada, eh?
    YankinNCrankin:
    I agree it is a pretty awesome suite. It was actually impressive in its previous iteration and now its even better. Still needs a lot of work though...

    One of the things I like also is when I need to cleanup my managed list of processes its a real undertaking. (I have a lot of stuff running). I like to use the hash check in "Maintenance" to identify the processes being monitored that are deleted. However in the X64 version I cant resize the window making everything all crammed up so its hard to read the name and the path to the process and it doesn't have an id # to link it either so forget using this at length. I usually end up frustrated and try scanning for missing entries by memory.

    In this Alpha the redesigned interface is addressing all this nicely. one quick scan and everything is visible. It returns errors for processes that are monitored but no longer on the drive like in the previous version but at least now you can Id them and you can read the full path... Makes it much easier to trace those missing executable in the process manager. The only thing is you cant delete it from there. you still need to go to the main Process manager to do the job. still it's a major improvement in my opinion...
     
    Last edited: Dec 20, 2006
  16. Hermescomputers

    Hermescomputers Registered Member

    Joined:
    Jan 9, 2006
    Posts:
    1,069
    Location:
    Toronto, Ontario, Canada, eh?
    The only thing I am concerned about is Microsoft is working hard at blocking applications that use Kernel Hooks... the new GSS is using 7 of them. In XP X64 we need to remove a MS Patch to get around this. I am bit curious about what is coming next.

    Here is a pic about those kernel hooks. The other hooks relate to an old sygate firewall that used low level hooks that load early . Nice thing is GSS now loads before it actually does...
     

    Attached Files:

    Last edited: Dec 20, 2006
  17. tony62

    tony62 Registered Member

    Joined:
    Aug 26, 2005
    Posts:
    214
    Location:
    UK
    Manually give 'winlogon.exe' Network access;)

    There are a number of bugs already reported, check this thread GSS Alpha 1.2 Feedback
     
  18. tony62

    tony62 Registered Member

    Joined:
    Aug 26, 2005
    Posts:
    214
    Location:
    UK
    Jason,
    AppDefend v1.200 Alpha was released back in July, with a number of bugs already mentioned in this thread: GSS Alpha 1.2 Feedback. It would appear to me that there has been very little development since, not even any of the simple GUI bugs which were mentioned have been rectified.
    I have found AppDefend v1.200 Alpha unusuable, since it does not correctly prevent execution of applications. I can provide screenshots of such actions if need be.

    Is development ongoing and if so could you possibly keep us informed of any progress?

    I hope that this public release of Alpha isn't some way of palming us off and keeping us quiet.
     
  19. farmerlee

    farmerlee Registered Member

    Joined:
    Jul 1, 2006
    Posts:
    2,585
    No its the 32bit enterprise version of windows 2003. I am going to try it on the same computer with a windows xp installation and see how it goes.
     
  20. Jason_R0

    Jason_R0 Developer

    Joined:
    Feb 16, 2005
    Posts:
    1,038
    Location:
    Australia
    There is no difference between the private and public alpha. The amount of people requesting access to it is the reason I released it. It isn't really a "working product" in the way the last public release was, and I don't think it should be used that way. Work has continued on AD and RD (which now works in the next release from boot), since the last alpha there have been many improvements and new features being developed and tested.

    Some of the core of GSS though has been rewritten due to problems displaying the correct information at boot, and other issues which are unacceptable to me and my customers. This is due to to the old display core of GSS relying on Microsoft code (like 99.99% of applications do), so a large chunk of this had to be handwritten. To facilitate a quick and bug free roll out into GSS I have been putting this core work into a new freeware "mostly GUI" application (which allows me to quickly fix bugs and test all capabilities) which will be released very soon (days).

    I'll be posting a new thread on this soon in the freeware forum and will be talking about the benefits for GSS there too.
     
  21. tony62

    tony62 Registered Member

    Joined:
    Aug 26, 2005
    Posts:
    214
    Location:
    UK
    Thank you:)
     
  22. vcu

    vcu Registered Member

    Joined:
    Dec 23, 2006
    Posts:
    1
    Thanks so much for the 1.2alpha release to everyone loving GSS.
    Unfortunetely, it is not possible to install it on my box, dell DM501/E5050, running windows 2003 sp1 with all patches; PG3.4.100 (full) and GSS1.1beta are uninstalled prior to GSS1.2alpha install.
    After reboot, interesting Ghost screen displays at windows login screen and no windows login box shown up; then system reboots itself - set auto reboot when BSOD occurs and I dont have BSOD info shown as sequence.
    Finally, it is a must to remove 12.alpha and put all those back to mine.
    Any ideas, plz!

    * NOTE: DELL system, specific to model DM501/E5050 (intel dual core 820D), there seems issue with Dell' own motherboard and video drivers. This box comes with all the lastest drivers and bios versions from DELL.
    It is not possible to install "comodo personal firewall 1.x" on this box - always a rollback is a must at final stage of the install.
     
  23. farmerlee

    farmerlee Registered Member

    Joined:
    Jul 1, 2006
    Posts:
    2,585
    I am running a dell laptop with windows 2003 and i have the same problem that you do, i've tried a few things with no success.
     
  24. siliconman01

    siliconman01 Registered Member

    Joined:
    Mar 6, 2003
    Posts:
    780
    Location:
    West Virginia (USA)
    As a licensed user of both RegDefend and AppDefend, I'm really looking forward to the impending new release. It's been a long haul on beta V1.110 of GSS. I'll probably trash "the other guy" once this new release is out and running satisfactorily. ;)
     
  25. SystemJunkie

    SystemJunkie Resident Conspiracy Theorist

    Joined:
    Mar 3, 2006
    Posts:
    1,500
    Location:
    Germany
    Yep Comodo shows real problems and seems to disable itself when problems occuring, not very intelligent, it would be more safe when blue screen would appear to prevent connecting in unsecured condition the internet.

    GSS 1.2 Bugs I found: winlogon screen: User Logon password inputbox appears despite the fact that I have no user password created. That leads to impossibility logging into windows xp, forced to start in safe mode.

    Sometimes the Question Form can´t be shut during winlogon procedure.

    Gss is still not able to prevent csrss.exe from shutting down ptdirect.exe.
    It is a system specific problem that power translator is always killed by csrss.exe on my system, only tool actually that is able to partially block this process is winpooch, gss 1.2 alpha still not capable to prevent ptdirect csrss.exe kill, neither a warning box appears nor any other hint. Ptdirect.exe is simply killed without notifying user.
     
Thread Status:
Not open for further replies.