DefenceWall and OA HIPS overlap

Discussion in 'other anti-malware software' started by Juha L, Apr 20, 2009.

Thread Status:
Not open for further replies.
  1. Juha L

    Juha L Registered Member

    Joined:
    Dec 25, 2007
    Posts:
    48
    Many people seem to use both DW and Online Armor (paid) at the same time. Is there some significant benefit in it? OA HIPS has the "run safer" option which I believe is close or equivalent with DW´s untrusted processes in practise cause both are lowering the rights of the processes if I understood correctly.

    Why use these programs together? Isn´t there much overlap also with other HIPS functions like keylogger detection?

    Also, has anybody compared DW HIPS and OA (paid) HIPS against each others in real life testing?

    I would understand if some Kerio or other pure firewall users want to add HIPS-functionality with DW, but I don´t quite understand why you would need/want DW, if you use OA paid which already has HIPS and "run safer" options?
     
    Last edited: Apr 20, 2009
  2. twl845

    twl845 Registered Member

    Joined:
    Apr 12, 2005
    Posts:
    4,186
    Location:
    USA
    It was explained to me that they will run nicely side by side, but might conflict with each other if there is an attempt to infect your computer. In this case, instead of having the protection of 2, you wind up with the protection of 1. I ran them together for about 10 days with no problems. I finally uninstalled DW in favor of OA.:)
     
    Last edited: Apr 20, 2009
  3. Creer

    Creer Registered Member

    Joined:
    Jun 29, 2008
    Posts:
    1,345
    Hello Juha,

    i use both OA paid and DW. I use that combo because:
    1. OA is a classical HIPS which i like,
    2. I like idea of Banking Mode in OA,
    3. OA is a firewall, DW not yet (in future will offer OP)

    Since i have DW i never use Run Safer option in OA because DW offers it for me - restriction based policy. In my opinion DW protection is better (stronger) in this case.

    As i mentioned - OA offers classical HIPS which will give you more details about any action on your computer.
    DW offers 'smart' - very silent HIPS, which inform you about for example keyloggers, unauthorized access to protected datas, etc.
     
  4. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    Downloaded files are contained in a limited environment by DW, OA focusses on processes, that is why people like to run them together (both user friendly), so you have got a double proctection
     
  5. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    12,883
    Location:
    Canada
    exactly and that's why i run DefenseWall and MalWare Dender(doble layer)
     
  6. Blackcat

    Blackcat Registered Member

    Joined:
    Nov 22, 2002
    Posts:
    4,010
    Location:
    Christchurch, UK
    What's the CPU time usage running these two together?
     
  7. Creer

    Creer Registered Member

    Joined:
    Jun 29, 2008
    Posts:
    1,345
    In my case - 2 hours after reboot (~1h TV streaming, 1h browsing):

    defensewall.exe - 2min 48sec
    defensewall_serv.exe - 0min 0sec

    oacat - 0min 0sec
    oahlp - 0min 1sec
    oasrv - 0min 20sec
    oaui - 0min 42sec

    opera.exe - 19min 7sec
     
  8. starfish_001

    starfish_001 Registered Member

    Joined:
    Jan 31, 2005
    Posts:
    1,041
    Last time I played with OA run safer was basic like DropMyRights, sysInternal's psexec, wtc ........ simply running progs with LUA token for that particular instance, not when started as a child process of some other program

    Defensewall or Geswall should be much stronger in this respect
     
  9. Ed_H

    Ed_H Registered Member

    Joined:
    Nov 10, 2004
    Posts:
    662
    Location:
    Chicago, IL
    I also am using DW along with OA paid. They seem to get along fine with only a very slight slowdown. Has anyone here been able to conclude thru testing that they will not conflict in the event of malware detection?
     
  10. Creer

    Creer Registered Member

    Joined:
    Jun 29, 2008
    Posts:
    1,345
    I did it. Please look at my video on YT:
    http://www.youtube.com/watch?v=LRcxMhiHXGQ
     
  11. Ed_H

    Ed_H Registered Member

    Joined:
    Nov 10, 2004
    Posts:
    662
    Location:
    Chicago, IL
    Creer...thanks for the link to your video. That answered all my questions. It seems that the combination of OA plus DW should be just about impenetrable. :thumb:
     
  12. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    12,883
    Location:
    Canada
    iin one of my pc's i use malware defender with defensewall and very ligth and tight security;) good job ilya and xiolin:)
     
  13. Creer

    Creer Registered Member

    Joined:
    Jun 29, 2008
    Posts:
    1,345
    You are welcome, I am glad i could help.
    Yes, exactly, thats why i very like this combo - it gives me peace of mind without any additional resident AV or AS/AM - simply the best :thumb:
     
  14. Ed_H

    Ed_H Registered Member

    Joined:
    Nov 10, 2004
    Posts:
    662
    Location:
    Chicago, IL
    I am curious...did you by chance test while using run safer to see what would happen with DW?
     
  15. Creer

    Creer Registered Member

    Joined:
    Jun 29, 2008
    Posts:
    1,345
    Not yet :D because with installed DW i have never used Run Safer mode which is implemented in OA - this is unnecessary in my point of view. I can only imagine that with Run Safer enabled and DW installed - still everything should be ok, without any negative impact.
     
  16. Creer

    Creer Registered Member

    Joined:
    Jun 29, 2008
    Posts:
    1,345
    Oh and i didn't mentioned that i have disabled in OA two modules, i mean Web Shield and Mail Shield.
     
  17. twl845

    twl845 Registered Member

    Joined:
    Apr 12, 2005
    Posts:
    4,186
    Location:
    USA
    So you disabled those features in OA and are using DW to replace that protection? Then in essense OA and DW aren't truly running side by side.
     
  18. Creer

    Creer Registered Member

    Joined:
    Jun 29, 2008
    Posts:
    1,345
    Correct i disabled both of them because with OA WebShield i noticed slow down during browsing Internet via my browsers, Web Shield takes also much higher CPU time when it is enabled.
    Mail Shield i disabled because i don't need this... mostly i use webmail or just use WLM.
    On the other hand - yes i also believe that DW covers me very well on this protection level.
    Please note that when i was running OA with all shields enabled along side with DW i didn't notice any issues.
     
  19. Ed_H

    Ed_H Registered Member

    Joined:
    Nov 10, 2004
    Posts:
    662
    Location:
    Chicago, IL
    I installed the final release version, 3.5.0.9 and now I have some slowdown issues. Release Candidate 3.5.0.6 worked great but now there seems to be a conflict of sorts.
     
  20. Creer

    Creer Registered Member

    Joined:
    Jun 29, 2008
    Posts:
    1,345
    Yes i know what you mean, in my opinion 3.5.0.6 was a bit lighter than final release 3.5.0.9.
    Did you try disable DW protection and than check if any slowdowns are still there? Or if you have enabled Web Shield - disable them and than checked with DW enabled.
     
  21. Ed_H

    Ed_H Registered Member

    Joined:
    Nov 10, 2004
    Posts:
    662
    Location:
    Chicago, IL
    I am also getting longer boot times. If I disable DW the slowdowns are not as significant but still there. I have also disabled OA's web shield and mail shield. For the time being, I am going back to 3.5.0.6.
     
    Last edited: Apr 22, 2009
  22. Creer

    Creer Registered Member

    Joined:
    Jun 29, 2008
    Posts:
    1,345
    Well i noticed significant slowdowns only in one case - at the beginning after installation OA and that was because OA blocked one DW service (defensewall_srv.exe) make sure you have this service running. Maybe this is the reason... i have no idea o_O
     
Loading...
Thread Status:
Not open for further replies.