Basic TDS config question(s)

Discussion in 'Trojan Defence Suite' started by steveb, May 31, 2003.

Thread Status:
Not open for further replies.
  1. steveb

    steveb Registered Member

    Joined:
    May 29, 2003
    Posts:
    13
    Location:
    Canada
    :)
    a) If I configure TDS to be with Exec protection on, does this set TDS as resident ? which I presume will have TDS notify if a infected file is executed only.
    b) if a is yes then I don't need to select to have TDS start with windows in the configuration?

    TIA
    Steve
     
  2. CrazyM

    CrazyM Firewall Expert

    Joined:
    Feb 9, 2002
    Posts:
    2,428
    Location:
    BC, Canada
    Hi steveb

    Configuring TDS to use execution protection just installs that functionality, it does not set it as resident or to start automatically. TDS does need to be running in order to scan all programs executing on your system.

    So if you wanted to have execution protection all the time, you would still need to configure TDS to run at Windows start up. Or you could just start it manually when you felt you needed that particular feature/extra protection. Your choice :)

    Regards,

    CrazyM
     
  3. steveb

    steveb Registered Member

    Joined:
    May 29, 2003
    Posts:
    13
    Location:
    Canada
    Re:Basic TDS config question(s) - more o_O

    :D
    Thanks...
    I had hoped that there was a 'smaller' ver of TDS that I could run, not that TDS is that big :), I had set TDS to start with windows on my kids system and they quickly found how to shut if off at start up because the start up (process scan) was taking to long in their eyes.

    a) I'm asking for suggestions on a compromised start-up config ( I could then do a full scan if I suspect something) so that their system stays protected (my wish - because I have to fix it) vs - it takes to long - their complaint (and they will turn it off.) presently have all scan at startup options on.
    I had asked them to scan on demand before installing a new file or after downloading but of course they don't.
    FWIW ~ In the past I have just run a AV program and had TDS as scanned on demand.

    b) can I password protect TDS? (haven't found it yet if it's there)

    Steve
     
  4. Jooske

    Jooske Registered Member

    Joined:
    Feb 12, 2002
    Posts:
    9,713
    Location:
    Netherlands, EU near the sea
    You can minimize TDS at startup, not having it scanning all there is (load diifferent configurations if you want), not starting with windows startup but manually afterwards, leave the Process Memory scan (the heaviest though very usefull process in startup most time consuming) out of the configuratuion they start up with and do it manually and have the Full System Scan with all options on more then once a week, maybe each night, etc.....
    The kids can work on of course with TDS starting, only it is noticable and might be somewhat frustrating.
    Hmm WormGuard can be hidden for the user, true... TDS ... not really eh?
    Why don't you show them some SS3 scripting with it and how they can make TDS starting games and sending emails, adding desktophelpers with the msagents in it, all that kind? They should love that stuff!
    They can make TDS disappear (but still running) with thyping "hide" in the console so i wonder where to type "show" to have it back!
    If you minimize TDS to systray rc the icon gives those options too, exactly the same as in the msagents characters!
    If your system is msagent ready with all the SAPI4 runtimes, the character Genie installed you could try the InnerPeace script which ships with TDS to grab their attention and love for scripting :D
    And make it a jukebox to play their favorite music too, so why ever close TDS? this ships with TDS too, in the User Submitted files, the Wayne folder.
    TDS is not just the best security tool but it also makes security a happy experience.
    If your kids with the script examples learn that scripting part, you might get very nice surprises :)

    TDS-4 will have some differences you'll find very attractive for sure! The password protection part if not mentioned before, it's heard now and if possible might be there. Soon we'll know!
     
  5. steveb

    steveb Registered Member

    Joined:
    May 29, 2003
    Posts:
    13
    Location:
    Canada
    :D :D
    Thanks Jooske
     
  6. Andreas1

    Andreas1 Security Expert

    Joined:
    Jan 29, 2003
    Posts:
    367
    Location:
    Mainz (Ger)
    Re:Basic TDS config question(s) - more o_O

    a) I'd suggest turning memory space scanning off - this is useful if you suspect there is some bad thing in memory already at the moment when you're launching TDS. So, if you're launching TDS at Windows start and if you start with a clean system TDS will start up quickly and prevent infections with the other scan methods as long as it's running in the background.
    TDS-Configuration, "Startup" Panel: "Boost" everything, disable plugins and sockets - and in Scans enable everything except for Memory Space Scanning.

    b) There is an example script that does (almost) exactly what you need: TDS-Folder/Scripts/Examples/Misc/TDS Console Lock.ss3. Edit this in notepad and load it in TDS. Then you can Lock TDS by typing LockTDS in TDS's command line.
    Unfortunately, you'll have to cater with the password prompt that stays open until you enter the correct one and if you try to auto-run it (by calling the first Sub "Main" instead of "LockTDS" and registering it as autostart script), you will lock it before it gets to doing its startup scans...
    Thus, i'm not sure if this is of much help to you.

    See you,
    Andreas
     
Thread Status:
Not open for further replies.