AppDefend Wishlist / New Features / Suggestions

Discussion in 'Ghost Security Suite (GSS)' started by gottadoit, Nov 19, 2005.

  1. joe999

    joe999 Registered Member

    Dec 22, 2005

    Was just browsing the Appdefend Forum and this post :

    Brought an idea to mind. How about a "simple" disk protection per application a bit like the simple network control we have now.

    Example :-

    C:\Program Files\Windows NT\Accessories\wordpad.exe

    Could have the following 3 options for disk access :-

    1) Disk access to App path and Sub dirs - RW (options: NONE/RO/RW)
    2) Disk access to "My Documents" - RW (options: NONE/RO/RW)
    3) Disk access to System - RO (options: NONE/RO/RW)

    So wordpad.exe would be allowed read/write access to it's own directory and any sub directories and read/write to "My Documents" but only read access to the rest of the systems disks.

    It might be a way of reducing any damage done by naughty apps that have been allowed to run thinking they are safe but then seeing lots of delete requests to "C:/windows/system" that might make you change your mind !

    Wouldn't want it to delay the eagerly awaited next Beta if it was to be included :) and probably would need lots of work anyway.

  2. kkiko

    kkiko Registered Member

    Jul 4, 2006
    hi~sorry about my English because i come from Asia.
    i've tried the standard regdefend and then appdefend beta(including RD).

    first,i find that AD's log is not so detailed as RD's. when i view the log of RD,i can see if it's blocked/allowed by application rules,or ask user,or auto user,i think it's very useful.

    secondly,when appdefend asks me if i allow a applicaton to set a global hook,i choose "allow always",the result is the application will be allowed to set global hooks or just the current one? Maybe i couldn't say it clearly so i give a picture of SSM .If Appdefend can't do this as SSM now ,i wish AD can have the feature in future version

    Thank you

    Attached Files:

  3. Pilli

    Pilli Registered Member

    Feb 13, 2002
    Hampshire UK
    Hi Kkiko, The "always allow" is application specific, this is as intended as that application is SHA checked, if malware were to change an .exe with "allow always" then you would receive a pop-up, if you know that the application has changed say via an update then you would re-allow it.

    Bare in mind that a keylogger that you may have accidently "caught" would be stopped in it's tracks by AD unless you allowed it, this is why applications are given individual attention for their specific rules.:)

    BTW - Your English is not at all bad :D

    HTH. Pilli
  4. Infinity

    Infinity Registered Member

    May 31, 2004
    at the moment .. and sorry to kick in .. but Appdefend cannot come even close to SSM .. the metamorphose SSM has made is phenomenal .. backed up with good support!

    .. I don't know what's happening ... but honestly .. this happend a lot lately .. there is simply no support for Ghost Security and that was one of the best features it had .. the fast answers from Jason ..

    so my feature request is:

    give us the support like we had before .. I have to bite my tongue for not giving any more feedback :( :( :( ...
  5. Pilli

    Pilli Registered Member

    Feb 13, 2002
    Hampshire UK
    Hi Infinity, As you can see from other threads Jason has been very busy making ground breaking changes to the GSS suite - He is only one man whereas SSM is now being developed by a team.

    Jason had some severe problems a while ago and they have now been resolved. I think that you will find that Jason's support will be second to none once the new suite is finished.

  6. Infinity

    Infinity Registered Member

    May 31, 2004

    I don't doubt you, nor do I doubt Jason .. but GSS is loosing ground (and I won't even talk about PG .. .. )
    .. I know SSM is with 3 guys (I believe) .. But I thought Jason was not the single coder/programmer .. if this is the case, I can understand this even more.

    I was just a little worried, that's all. cause GSS has fine capacities (had a good backup / support .. the other Ghost moderator I haven't seen him for ages :(

    .. if RD and AD can be purchased as one program/suite, then Jason is one step closer again (this will probably go on and on and on) .. but the capacities are numerous with GSS .. like I said from the beginning.

    Best Wishes to you and Jason! :thumb: and I hope, once again that it will be alright in the end .. for everyone.
  7. Konyntje

    Konyntje Registered Member

    Apr 26, 2003

    Couldn't find this in the suggestion thread, which was closed anyways....

    When AppDefend pops the window asking if an app can connect to a site, why not put a button there that resolves the address like 'whois' does? Knowing the site it is trying to access can help judge if the request is legitimate.

    Better yet, can you incorporate the 'Shazou' extension that works with Firefox? I have it in my browser - by clicking the icon I can tell Wilders is at, its run by Freeze Frame Graphics at 3949 Schelden Circle, Bethlehem, PA. It also shows a Google map of the location (single building surrounded by grass).

  8. tonyjl

    tonyjl Registered Member

    May 25, 2004
    Re: Suggestion

    Good idea! but... If you've already got software that does that for you,why bloat AD with unnecessary things we already have?
  9. MsFluffyMuffin

    MsFluffyMuffin Registered Member

    Jun 4, 2003
    Theres basically only a few wishes I would like added to AppDefend.

    First I would like some sort of disk access protection, being able to set where particular processes are allowed to read or write files would secure a system no end, well something along those lines anyhow, I guess joe999 put it better then I did in post #51 :D

    Secondly I would like to see some form of ASLR as well.

    Thirdly some kind of virtualization layer similar to DeepFreeze or ShadowUser.

    Thats about it for me right now, I dont want much really, okay about some more ghosts.....hehe

    Hugs for George the ghost,
    Last edited: Aug 15, 2007
  10. gangABang

    gangABang Registered Member

    Oct 12, 2007
    first i would like to appreciate appdend design it is really cool.
    my wishes are
    on memory protection should be like PG that is appdefend warns any application which tries to write on memory of others but even if it is allowed to write it should be specific to that process not others for eg. if some process wants to modify iexplore.exe it should only be allowed to iexplore.exe not csrss.exe please add this feature.
  11. Jason_R0

    Jason_R0 Developer

    Feb 16, 2005
    It's a good idea in theory, but I dislike the complexity it adds to the user interface. Mostly because it's very difficult for the end user to determine why something is happening, lists of lists is something I try to avoid.

    This has been discussed in great detail with some of my testers and some ideas were brought up to allow the greater flexibility you desire without the UI headache. They should be in the next GSS.exe.
  12. xtree

    xtree Registered Member

    Dec 4, 2006

    would it be possible to make AD's firewall a bit more talkative?
    Currently it indicates only that an app is initiating a network connection.
    Perhaps the old feature showing the address/port/protocol at least could be brought back.

    Thanks, xtree
  13. Disciple

    Disciple Registered Member

    Nov 14, 2002
    Ellijay, Georgia - USA
    GSS v1.410

    These will probably be addressed as GSS comes closer to a release version, but I wanted to state them any way.
    1. Columns are not sortable by clicking on the column name, please consider making the display user sortable by clicking on a column header.
    2. The Logging screen only displays the time and event happened but not the date, please consider adding the date as well.
    These are my main things I would like to see incorporated in the release version.
  14. rodsoto

    rodsoto Registered Member

    Mar 18, 2004
    I would like standardized GUI, so its easier to read, my eyes dart all over the place to read, and due to the way its currently setup, sometimes I just give up and go 'allow once' a few hundred times..

    Also AppDefend recognising 'installation' applications, probably when it an allowed setup.exe extracts and executes a TMP file. So setup.exe "Allow?", then TMP "Parent Process Setup.exe - possible Installation program - Allow?" then it will ignore all other TMP and setup.exe requests for that session.

    I agree with the 'disable appdefend' for XX amount of seconds. Or 'disable appdefend until next reboot' or 'Disable appdefend until PID terminates'. any sort of rule that you want Appdefend (even regdefend) to disable and allowing it to turn back on automatically when the time 'is right'.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.