defeating GSS

Discussion in 'Ghost Security Suite (GSS)' started by Devil's Advocate, Oct 11, 2006.

Thread Status:
Not open for further replies.
  1. Devil's Advocate

    Devil's Advocate Registered Member

    Joined:
    Feb 5, 2006
    Posts:
    549
    I notice the new morgud test makes a mickey out of GSS by using faked mouse clicks to kill GSS. Not that only GSS is vulnerable (they list a lot of your competitors as well), but they showcase GSS on the website with screenshots.

    http://www.morgud.com/interests/security/dfk-threat-simulator-v2.asp

    Any plans on adding a password option? That should handle the mouse click problems

    I notice that they can beat PG even if you lock it, cos it is able to replace the files. It works for GSS too. Any defense to that? Or is it beyond the job scope of GSS ~snip~?
     
    Last edited by a moderator: Oct 11, 2006
  2. sukarof

    sukarof Registered Member

    Joined:
    Jun 22, 2004
    Posts:
    1,714
    Location:
    Stockholm Sweden
    I dont see the need for GSS add anything because of that simulator. Or maybe you could explain how I do the mouseclicks so that GSS gets terminated? As I posted here https://www.wilderssecurity.com/showthread.php?p=855827#post855827

     
  3. Devil's Advocate

    Devil's Advocate Registered Member

    Joined:
    Feb 5, 2006
    Posts:
    549
    Your reasoning is strange

    Don't tell me you belong to the school of through that believes execution control is the be all and end all of everything. Clearly the test isn't one about process creation or execution.

    BTW The fact that it starts a second process is incidental it could easily have done all the dirty work without starting another process.

    Anyway if you believe that all that is needed is for the app to provide protection is to stop any unwanted process from running, one wonders why you use a software that blocks process termination, changes to registry and dozen of other changes.

    Surely this means that there is an expection for your security program to mitigate damage done by any malicious exe. The fact that it can be taken down so easily isn't a problem to you, really?

    When the cure (or at least one of them) is so easy?
     
  4. Bubba

    Bubba Updates Team

    Joined:
    Apr 15, 2002
    Posts:
    11,271
    To all:

    As this is not the support forum for PG....let's confine our discussion as it relates to GSS only Please....otherwise We'll need to move this thread to a more appropriate forum for that discussion.

    Thanks,
    Bubba
     
  5. yankinNcrankin

    yankinNcrankin Registered Member

    Joined:
    May 6, 2006
    Posts:
    406
    LOL is all I got to say. Oh wait theres more, I downloaded dfk unlocked it then ran the Ipod-commercial.exe GSS flagged it and I didnt run it. I guess any moron would initially download a exe file and put full trust in it and run it before scanning. My point, I would never let anything execute if it got flagged by my scans or I did'nt recognize the file, hence nothing starts nothing happens, and if it does then simple restore is in order. GSS gets breached simply cuz you allow it to, after testing this further It took 4 allowed executions for it to tickle my system. Show me some real life examples of GSS getting breached or bypassed with out having to allow executions then we can have a debate about GSS being made a MICKEY
     
Thread Status:
Not open for further replies.