Application Whitelisting / Anti-Executable

Discussion in 'other anti-malware software' started by rm22, Feb 14, 2016.

Page 2 of 2
  1. paulderdash

    paulderdash Registered Member

    Joined:
    Dec 27, 2013
    Posts:
    4,644
    Location:
    Under a bushel ...
    OK. Some have had issues, but I have had none with HMPA with default template.
     
    paulderdash, Feb 16, 2016
    #26
  2. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,559
    Location:
    The Netherlands
    I just don't like it, I have the same with Comodo, it's not my cup of tea.

    The Memory Guard is basically the HIPS component. It will block code injection into certain apps. AG will also block apps from modifying certain parts of the file system and registry, so that is basically the containment part. Plus it can protect private data. Personally I prefer to use Sandboxie for containment.

    I decided that for extensive software testing, virtual machines are the best option, so I never did try light virtualization.
     
    Rasheed187, Feb 16, 2016
    #27
  3. rm22

    rm22 Registered Member

    Joined:
    Oct 26, 2014
    Posts:
    357
    Location:
    Canada
    Have you tested this recently? I've been using ERP in a Windows 7 64-bit VM in a SUA and all settings are preserved on re-start.
     
    rm22, Apr 20, 2016
    #28
  4. marzametal

    marzametal Registered Member

    Joined:
    Mar 19, 2014
    Posts:
    766
    No I haven't; it's been a while since I fondled ERP. I wasn't using a VM either, maybe that changes things. I'll add it on my list of things to try out again. Thanks for the info, much appreciated!

    EDIT: I was using ERP for whitelisting command lines only, if that makes any difference. For me it wasn't about letting an exe through; it was more about what that exe was trying to accomplish that tickled my fancy.

    I've just been mucking around with Group Policy, Software Restriction Policy and Secure Folders, along with a bit of Shadow Defender and Sandboxie... waiting patiently for the stable release of ReHIPS... a work in progress, but definitely loving it!
     
    Last edited: Apr 20, 2016
    marzametal, Apr 20, 2016
    #29
  5. rm22

    rm22 Registered Member

    Joined:
    Oct 26, 2014
    Posts:
    357
    Location:
    Canada
    no worries... Secure Folders is next on my list :) and was just reading up on ReHIPs - I'm still on Online Armor for now - support still hasn't been cut off
     
    rm22, Apr 21, 2016
    #30
  6. marzametal

    marzametal Registered Member

    Joined:
    Mar 19, 2014
    Posts:
    766
    I reckon I would still be using Online Armor if I didn't jump on a VPN. That app was/is pretty intense. I think tomorrow I am going to try and figure out Pumpernickel and MemProtect. I thought they had to be used with Bouncer (eg: use the package or use nothing sorta' thing).
     
    marzametal, Apr 21, 2016
    #31
  7. Windows_Security

    Windows_Security Guest

    Windows_Security, Apr 25, 2016
    #32
  8. rm22

    rm22 Registered Member

    Joined:
    Oct 26, 2014
    Posts:
    357
    Location:
    Canada
    Just for reference for anyone interested, I posted on the Avast forum for more info on it's whitelist... Avast(Hardened Mode - Aggressive) whitelists by file name - there are no restrictions on file location, cmd-lines, or on vulnerable processes... so i'll definitely be sticking with NVT ERP & Voodooshield
     
    rm22, May 14, 2016
    #33
Page 2 of 2
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...