Beta-testing of the DefenseWall Host Intrusion Prevention System.

beetlejuice69 & WSFuser,
Thanks for explaining defense and defence LOL.
In Belgium, we learn English, not American and there are indeed some differences in spelling. This is probably one of them, like favourite and favorite.

I would have used the word "Defense" too, but I noticed the difference when I saw the names DefencePlus and DefenseWall, so I was confused as a foreigner LOL.

 

America changed the spelling of a lot of English words...not sure why.

eg. Many english words ending in 'our', translated into american, end in 'or' eg armour=armor honour=honor colour=color etc

There are numerous others that I keep meaning to keep a track of, but can never seem to remember them off the top of my head...heh, MS has language zones, but even then, for example, MS Office...I have it set to Australian/English spelling (exactly the same), but it still has occasional 'errors' marked in red, that are correctly spelt english, but would be an error in american spelling.

 

A fun Test with defensewall -

Run Advanced Process Termination v1.9 as untrusted, and you'll see it's got no game - that is to say, nothing to kill Except for untrusted applications of course. Looks good!

 

Perhaps you/richrf should specify what you want to know? The fact that Ilya found a major security flaw with KAV should say something. DefencePlus has also been around a bit, you might do some Googling on it.. apparently buffer overflows are all the buzz around the real security circles

I seem to be in the same boat.. no idea where the confusion would come from. DefencePlus is a separate program only mentioned on the website.

DefenseWall is really shaping up.. I've not had a single problem with the last couple of versions (of course I will as soon as I hit 'send').

 

Just wanted to know some background info like the name of this company, how long in business, endorsments for any of his other products. I think for some people like me, the more I know about the vendor the better. Especially when you have never heard of this person/software before. I thinks that's legitimate for anyone to ask.

It sounds like a nice product, thats why I said "I know you guys are in glory" because you all love testing this stuff out. You know, "the kid with the new toy".

 

I hope you are implying this isn't part of the 'real security circles'

Anyway I think I will trying out Defensewall this week. I'm looking for something that i can safely run untrusted freeware software.

 

I've sent him PM.

Look into your PM.

 

Ilya why so secretive? Why not post it here?

 

But why I should? This thread is about beta-testing of the product. Admins are watching! If you are interesting in some other information, not related to the topic- start the new thread or send me PM.

 

I've just added new item into explorer context menu+ some inner improvenemts. If you have had the beta with the error I was mentioned, you need to uninstall you current version of the DefenseWall, reboot, install this one, register and reboot.

 

There is one more improvement (the last one for today). I need your opinion about new untrusted windows caption view...

 

LOL, yeah, I suppose that was a bad choice of words.. I was reffering to the more technical/programming oriented circles where the developers and security professionals tend to discuss things.. you'll notice that I am here typing this, though, and not there talking about it

 

Subject matter of thread....Beta-testing of the DefenseWall Host Intrusion Prevention System....not Guest posting @ Wilders.

The posts with a side discussion concerning Guest posting were moved here.

 

thanks bubba, as always a wise decision.

 

Liked the sound of your program so I installed it.
Looked good at first, small memory use <3mb
First thing I noticed was my computer hard rebooting
when double clicking NFO files. Odd.
Then I tried to Zip a file using the right-click menu - you
guessed it - hard reboot.

I tried both those actions a number of times and same
result. Uninstalled DefenseWall and all is well.

Winzip wasn't in the restricted apps nor my default
NFO Viewer. Only the default apps and my internet apps
were restricted. Obviously a hook thing going on there.

Shame.

Any thoughts?


Would certainly try this again if there is a solution to the above.

 

You should realize that this and Anti-Malware (I'm assuming you're the same person that posted in their forum) are both still in beta. The solution at this point would be to report the problem to the developer and work with them to see it resolved. You would also be expected to report any other problems or ideas for improvment, in return you would be granted a free license to the program

 

Well said there Notok.

Man, I have not been around this place much lately. I must try to get back into the swing of things.

 

I was just checking .nfo and winzip work. Everything is fine. I would advize you to download the latest beta (maybe, you have not the latest one?) and check if you still have problems. If you have any, I need your minidump files (.dmp files within %windir%\minidump folder).

 

Cheers for the replies

was using
DefenseWall_v1_00.exe: 172,363 bytes
MD5: 1bc6ab460111bed93631e09994960a80

have downloaded the latest one and will give it a wirl
MD5: 7cc2162684a2c94f762c904b4d6cf119

if I have the same problem I'll dig out the minidump

===

Notk

I'm well aware these are betas

'The solution at this point would be to report the problem
to the developer and work with them to see it resolved.'

Mmmh, I thought that's what I was doing here and over at the
BufferZone

 

Btw, I was getting hard reboots with these two programs especially not too long ago as well, it turned out to be one of the sticks of my RAM dying.. you might want to give something like MemTest86+ a go, just to be sure. My RAM was 6 month old Kingston RAM, so I wouldn't have expected it.

 

Notok

Thanx for the reply

Installed the latest version and everything is working
as it should be
NFO's and context Zipping are fine

fingers crossed

If those problems come back I'll keep your experience in mind
and check with that little proggy.

========

I notice that the icons for Untrusted apps often disappear
when you click on the Event Log then back to Untrusted.

No biggy

I see there are 10 files added to Untrusted by default.
Which apps (or type of apps) are recommended for inclusion
in the Untrusted group? I presume browsers, ftp, p2p apps etc.
What else do other testers put in there?

=========

There's a spelling error on the Close All Untrusted page
2nd line '... - trusted and untrusted...'
looks like you need to add a space just before the dash as well
'... two groups - trusted and untrusted.'
and maybe the start of the next sentence needs a space too, it's
hard to tell though.

I know these things can be difficult to spot as I've worked
as a proof-reader

=========

The following sentence after this doesn't read very well.
May I suggest
'Your system is protected from untrusted applications by preventing
the modification of sensitive system areas.'

or

'Your system is protected from untrusted applications by preventing
them modifying sensitive system areas.'

It's one of those awkward sentences

 

I would suggest giving it a go anyway.. trust me, it sucks to find out the hard way Once you get the CD burned, you just boot up and go.. If I remember right, you pretty much just hit 'enter' to confirm it to go, very easy. Just let it run for a good hour or so.

Yup, pretty much anything that communicates over the internet.. include IM and email.

 

All the applications are connected with the dangerous Internet content.

Thanks a lot for your suggestions.
If you still intend to test DW, contact me (support [at] softsphere [dot] com) and I will send you your 100-year key.

 

Testing right now

It just caught Firefox trying to do a bunch of stuff with
tftp, wscript, cscript, outlook & IE etc
while I was browsing
This could be quite normal and only brought to my attention
because I'm using DefenseWall.

Attempt to delete key HKCR\GOPHER\shell\open\ddeexec\Application\
Attempt to delete key HKCR\CHROME\shell\open\ddeexec\Application\
Attempt to delete key HKCR\FTP\shell\open\ddeexec\Application\
Attempt to delete key HKCR\HTTPS\shell\open\ddeexec\Application\
Attempt to delete key HKCR\http\shell\open\ddeexec\Application\

=======

Is there anyway for the program to list which Untrusted app
is registered as running? Perhaps some indicator in the
Untrusted window.

==========

I also noticed that the Firefox icon is sometimes shown against
the Untrusted app that it tried to use/run. It doesn't display this
all the time though. Ditto for the Event window. Sometimes it's
just the offending apps icon (Firefox) and sometimes the icon
of the Untrusted app e.g. IE, Outlook etc

Something similar to the report in my first post

'I notice that the icons for Untrusted apps often disappear
when you click on the Event Log then back to Untrusted.'

Not a Biggy

 

Very strage. I have no such the messages with the FF and even have no such the reg. keys! Do you have the messages just running the FF or during the browsing?

In the next version. Now I'm too busy by applyeing skin with my interface and running version 1.0.

Will be fixed with release version (it has another GUI structure).