DefenseWall - FW, or no FW?

Ilya Rabinovich i believe in you and i trust Defensewall,i know you can do a 64bit version of DW,go for it man

 

Tzuk at Sandboxie did a perfectly working x64 version with virtually the same high protection, so I think Ilya at DefenseWall is trying to figure out exactly how he did it. And once he does, he'll begin working on x64 version of DefenseWall.

This is my theory.

 

Nope,

It has to be perfect or it won't be done, it is zero or one, black or white, when it comes to security.

At least that is how I know him. It is not that he does not know to make a 95% version of DefenseWall for x64, he wants 100% or nothing. Virtually or in practise when looking at the chances/intrusion vectors remaining is not the real deal, so I am afraid it won't happen until it is possible to state DefenseWall provides same protection under x64 as under x32.

Sorry

 

Well said, Kees.

 

I think you put it very well ,Kees. And that is how it should be, who would trust anything less. That's what sets DefenseWall apart from the rest. If he decides to release 64 bit version it will be the real deal, pure protection.

 

Well,

There is another side to it. When you look at the flow of events of most intrusions, there is a basic question

a) Does the HIPS intercept all vectors in the sequential steps

b) Does it focus on one particular step, to intercept the intrusion

So I agree that DefenseWall is a great program, but on the same time I know that a light version of DefenseWall (using some of x64 internal mechanisms) pplus the firewall and some smart chosen defenses, would be as effective in daily practise as DefenseWall.

I even offered to invest in a x64 version (DefenseGuard) which had the DW FireWall and used some of the smart Admin settings plus a selection of the DefenseWall protection mechanisms which could be realised on x64.

But Ilya sticks to his principles

 

good idea my friend

 

But there are no more updates for DefenseWall regarding 32-bit version. Does it mean, the product is abandoned or it simply doesn't have any "holes" right now?

 

Hi, Kees.
Do you still use DefenseWall for yourself, or you changed it?
Sandboxie, perhaps?
I still trust DefenseWall the most, right now (when it comes to security).

 

Oh, that was good. I was rolling. I wish they could too.

 

3.16- very soon.

 

1. No, my mother of 78 uses DW for some years now (uses my old Vista x32 laptop)

2. No need for SBIE when Windows7 has low rights

3. Me to (for x32) that is

 

Looks like I won a DW w/fw on the softpedia giveaway. Does the DefenseWall firewall co-exist with built in Windows firewall?

 

What do you mean by: No need for SBIE when Windows7 has low rights?
Sorry, my computer language isn't that good anymore. I'm trying to follow it.

 

IE has protected mode using Low rights, Chrome has full containment (they call it sandboxing) using Low rights. When I use a program like DW or GeSWall I still can run IE and Chrome with low rights. Low rights objects and processes can't touch the rest of your Vista/Windows7 system.

Sandboxie (SBIE) forces IE9 and Chrome on Vista and Windows7 to run with medium rights (at best using the drop admin rights option of SBIE). What is the use of buying strong security (Sandboxie) when it weakens my security first (without SBIE, IE and Chrome run with Low right sandboxes, with SBIE at best with Medium rights).

See for instance difference in protection of a PoC running from a low rights Chrome download (through icacls.exe) https://www.wilderssecurity.com/showpost.php?p=1972548&postcount=24 or using both CIS and SBIE https://www.wilderssecurity.com/showpost.php?p=1971989&postcount=2 . You can try the hardway (tweaking Vista/Win7 with manual Safe-Admin setttings) or the easy way (DefenseWall and to a lesser degree in terms of user friendliness GeSWall) with more protection (no side by side intrusions with DW, which are still possible with Safe-Admin).

 

What about what gets downloaded from the internet? Downloading some questionable program via Sandboxie would be favored over nothing at all on Windows 7, no?

 

It is a DefenseWall thread, so let's keep stay on topic, sorry

DW protects all your downloads from doing harm to your PC. Look at the MRG tests in which DW has 100% protection (and Tzuk, the SBIE author himself asked to be removed from, because key-logger tests were out of scope of SBIE protection). look at AV special on DW in which DW has 100%.


Edit (Note)
I am not against SBIE. It is one of the best security solutions available. No argue about that. But it is not a solution against all threats (no product is)

 

Big thanks for this thorough explanation.

 

But what makes you think Sandboxie is not equally restrictive as DefenseWall?
What makes you think Sandboxie can't put entire computer system into a sandbox?
I did it several times (all my removable drives, C and D, all programs everything was sandboxed). Sure I restricted access to just about everything, so it was pretty much useless.
Also, you can configure in sandboxie to block all executables?
I read somewhere that in default settings, DefenseWall has better security than Sandboxie. If a keylogger activates and records your keystrokes and sends the information to a website, DefenseWall would have blocked the keylogger from activating in the first place, while Sandboxie would have allowed it to happen.
But you can configure Sandboxie to stop any executable from running except for certain programs, which should provide slightly better security than DefenseWall. But generally they both provide excellent protection.
It's harder to say which one gives more since no MRG test has been done with Sandboxie.
Any help?

 

That post must have been forever ago. I don't even remeber me saying that lol

 

But what is your opinion? And what about Sandboxie failing to protect against that network worm in the other thread:
https://www.wilderssecurity.com/showthread.php?t=307208

Thanks for the upcoming advice.

 

Hi, Kees didn't you say that Sandboxie is vulnerable to keyloggers-what type of key-loggers?
Is it vulnerable to rogue anti-virus/anti-spyware/anti-malware programs?
I'm asking this because I saw that previous versions didn't handle rogue programs that good.
What about DefenseWall?
How come Malware Research Group has never tested Sandboxie against all the threats they tested DefenseWall and all other anti-malware programs?
I wonder if Sandboxie (newest version) would pass all those tests that Malware Research Group has...

 

it will pass for sure but it requieres to be configure

 

Wait a minute, in Sandboxie you can enable drop rights, shouldn't that compensate this problem of medium security that Sandboxie provides?

Also, if you configure Sandboxie and DefensWall on maximum level, I wonder who would be the winner-it seems to me there is no winner.

 

The main question is which one is more configurable, DefenseWall is easier to use, no doubt, but which product is more configurable?