Configuring SSM

Discussion in 'other anti-malware software' started by WilliamP, Oct 4, 2006.

Thread Status:
Not open for further replies.
  1. WilliamP

    WilliamP Registered Member

    Joined:
    Jun 1, 2003
    Posts:
    2,201
    Location:
    Fayetteville, Ga
    I am an old PG user and had PG figured out as to configuring it. I want to get SSM configured to provide good security. I have been looking at the manual and tutorial ,but I would appreciate help. PG would give a popup if a program wanted to install a driver or access memory or what ever and I could go in and ok it. I'm not getting popups like that with SSM. When I click on Rules,Applications then click on an application I get Logging,System Control,Code/Dll injection,Process Control and Protection. All of these have little boxes and most have question marks in them. Am I supposed to do anything with these?
     
  2. Minimax2000

    Minimax2000 Registered Member

    Joined:
    Jun 11, 2006
    Posts:
    204
    Location:
    Switzerland
    Hello William

    please ensure that SSM is not in "Learning Mode" (green tray icon with red spot). In Learning Mode SSM logs all actions on your PC and automatically creates corresponding application rules behind the scene. No popup is generated in this mode. This mode is recommended if you are sure that you have a clean system without malicious code (trojans etc) and using SSM the first time.

    Once you have performed all your usual PC routines in Learning Mode(i.e. starting applications) deactivate Learning Mode (the red spot vanishes). You are now in SSM's attack detection mode. By the way you can find "Learning Mode" by right mouse clicking the system tray icon.

    Without "Learning Mode" (= pure green tray icon) perform some leak tests.

    For example zapass test:
    http://www.whirlywiryweb.com/article.asp?id=/trojanimplant

    Or from SSM's website:
    http://www.syssafety.com/leaktests.html

    SSM should now report suspicious activity (code injection, keylogging etc.) and prompt for Allow, Block, Create Rule.


    If you click on an application rule you see the current rules for system actions assigned to this application. For example a question mark in "Allow remote code control" means prompt for this action when this particular application tries to perform remote code control. A checkmark in the box allows remote code control and if the box is empty then the action is blocked.


    Hope this helps.

    Regards
    Frank (dedicated SSM user)
     
    Last edited: Oct 4, 2006
  3. WilliamP

    WilliamP Registered Member

    Joined:
    Jun 1, 2003
    Posts:
    2,201
    Location:
    Fayetteville, Ga
    Thank you Frank.
     
  4. Old Monk

    Old Monk Registered Member

    Joined:
    Feb 8, 2005
    Posts:
    633
    Location:
    Sheffield, UK
    Hi

    This looks a good thread for my requests.

    Like WilliamP I've used the paid version of PG for some time.

    I've recently downloaded the free version of SSM and started to configure it by way of the tutorial.

    Would any of you experienced SSM users out there mind me posting what I've done so far and give me advice as to whether I'm on the right track and also some advice on the more advanced tweaks for parent/ child permissions?

    Also, if I'm getting things right, if I download the trial of the paid version, will I have to start from scratch again?

    It seems a very powerful application and really like the involvement of the user. I've tried out one or two of the more community based HIPS but I just prefer the feeing of being in control myself.

    PS I'm asking here because the SSM forums do seem a little quiet at this stage and I know there are experienced users at Wilders

    Thanks for reading.
     
  5. WilliamP

    WilliamP Registered Member

    Joined:
    Jun 1, 2003
    Posts:
    2,201
    Location:
    Fayetteville, Ga
    Say Monk . It seems SSM doesn't need that much configuring. I have the full version on this comp. and the free on my older computer. I may go full on the other but I probably don't need to.
     
  6. herbalist

    herbalist Guest

    Old Monk,
    I'm pretty certain the trial version will import the ruleset made by the free version. The uninstaller for the free version asks if you want to delete the configuration files when uninstalling. They had updating and carrying rulesets forward in mind.
    That's the whole point of the forums, helping each other and learning from each other.
    SSM doesn't actually "need" to be configured to the point of specifying what every executable can do individually. It will let you configure to that level if you want to, but you don't have to.
    You mentioned using the free version on an older computer. The pay/trial version won't work on DOS based systems, Win95, 98, ME. Wasn't sure what you meant by "older computer".
    Rick
     
  7. WilliamP

    WilliamP Registered Member

    Joined:
    Jun 1, 2003
    Posts:
    2,201
    Location:
    Fayetteville, Ga
    Both my computers are XP. One ,the older is Home and the newer one is Pro. Both are SP2 up to date. I just wanted a newer /faster one.
     
  8. Old Monk

    Old Monk Registered Member

    Joined:
    Feb 8, 2005
    Posts:
    633
    Location:
    Sheffield, UK
    Thanks Herbalist and WilliamP for your replies.

    @ Herbalist - (quote tags not working) I agree but I was just a bit concerned about asking for help on a product here when an official forum exists. I know some members can be a sensitive about that sort of thing.

    Anyway, I'm going to install the trial version of the paid product and see if my config is imported.

    I'll post in a couple of days or sooner with the way I've set up SSM and your feedback would be appreciated if you could keep a look out on this thread.

    Thanks again.
     
Thread Status:
Not open for further replies.