DefenseWall FW- some questions!

Discussion in 'other anti-malware software' started by ams963, Sep 2, 2012.

Thread Status:
Not open for further replies.
  1. ams963

    ams963 Registered Member

    Joined:
    May 3, 2011
    Posts:
    5,965
    Location:
    Parallel Universe
    Hi,

    As far as I understand DefenseWall FW sandboxes untrusted processes and apps. But it does not delete the contents of a sandbox like sbie does. Simply restricts the access by process to certain areas of Windows.

    What will happen if a malware infects my pc? System will not be damaged as malware is sandboxed and perfectly safe. But it will remain there right? And the moment I uninstall DefenseWall FW the malware sees the light of my system right? What happens if that malware of a keylogger type? Or screen grabbing type? Does DefenseWall FW protect browser from MITB and MITM?

    Best Wishes,
    Amit
     
  2. biscuits

    biscuits Registered Member

    Joined:
    Feb 16, 2010
    Posts:
    111
    Has Defensewall lost its rollback feature? You have tried using Defensewall right?
     
    Last edited: Sep 2, 2012
  3. G1111

    G1111 Registered Member

    Joined:
    May 11, 2005
    Posts:
    2,127
    Location:
    USA
    Yes it sandboxes any untrusted (usually Internet facing) programs and with the firewall option does not all it to call out (it has both inbound and outbound application control). To empty the sandbox either use delete or rollback functions.

    I have not seen any malware that can get around it. If malware runs within its restricted zone just hit "stop attack" button and it will stop/freeze. You can then rollback or do scan with something like HitmanPro to get ride of the malware. It can not affect your computer or send any information out.
     
  4. ams963

    ams963 Registered Member

    Joined:
    May 3, 2011
    Posts:
    5,965
    Location:
    Parallel Universe
    I'm currently using DefenseWall FW. I didn't know it had a rollback feature. I could not find it mentioned anywhere on the interface.
     
  5. ams963

    ams963 Registered Member

    Joined:
    May 3, 2011
    Posts:
    5,965
    Location:
    Parallel Universe
    How do I rollback or delete to empty the sandbox? I could not find them mentioned anywhere on the interface.
     
  6. Solarlynx

    Solarlynx Registered Member

    Joined:
    Jun 25, 2011
    Posts:
    1,919
    Yes.

    Yes, but remains inactive, only the "dead body" of the malware.

    No, since it failed to really infect the system and to run the process. You got only a dead remnant of the malware in the HD.


    Afaik it's the same as I told before. I have never seen that DW somehow fails any antimalware test. :thumb:

    Though its creator insists on multilayer protection - add some free av even if its not resident, just for detection and cleaning of dead remnants of malware.



    [MOVE]DefenseWall Personal Firewall is GREAT ! ! ![/MOVE]


    .
     
    Last edited: Sep 2, 2012
  7. Ilya Rabinovich

    Ilya Rabinovich Developer

    Joined:
    Sep 13, 2005
    Posts:
    1,543
    You can't empty the sandbox as there is no sandbox (virtualization container, in fact). There is rollback, its onto the "Stop attack" sheet, "File and Registry Rollback", but it's a partial solution.

    The main idea of DW is to prevent users from being infected with 0 to 6 hours malwares, taking into account that an average user will fail with properly operating virtualization container. Because, after this time, anti-virus is entering this "cat-mouse" game (referring to MRG Flash Test) and can clean up malware files from untrusted zone automatically, without user's interaction.
     
  8. ams963

    ams963 Registered Member

    Joined:
    May 3, 2011
    Posts:
    5,965
    Location:
    Parallel Universe
    Okay got it.
     
  9. ams963

    ams963 Registered Member

    Joined:
    May 3, 2011
    Posts:
    5,965
    Location:
    Parallel Universe
    Ah I understand now. So I've to use an AV with DefenseWall FW to get proper protection. Okay thanks.
     
  10. G1111

    G1111 Registered Member

    Joined:
    May 11, 2005
    Posts:
    2,127
    Location:
    USA
    You may not need an AV as DW is that good. I use what's in my signature because I love to be paranoid :cool:
     
  11. ams963

    ams963 Registered Member

    Joined:
    May 3, 2011
    Posts:
    5,965
    Location:
    Parallel Universe
    Okay thanks.:)
     
  12. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    12,883
    Location:
    Canada
    it is very strong i tell you;) :thumb:just learn how to use the roll back feature and you have some thing like sandboxie
     
  13. ams963

    ams963 Registered Member

    Joined:
    May 3, 2011
    Posts:
    5,965
    Location:
    Parallel Universe
    Thanks. I don't need Rollback and Ilya said it's a partial solution. I'm safe and secured with my setup I guess.:)
     
  14. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    12,883
    Location:
    Canada
  15. waters

    waters Registered Member

    Joined:
    Nov 8, 2004
    Posts:
    934
    If the rollback feature is never used ,how much history accumulates,isnt that a problem
     
  16. Ilya Rabinovich

    Ilya Rabinovich Developer

    Joined:
    Sep 13, 2005
    Posts:
    1,543
    Nope as this list saves entries only for 30 days (can be switched off).
     
  17. ams963

    ams963 Registered Member

    Joined:
    May 3, 2011
    Posts:
    5,965
    Location:
    Parallel Universe
    What do you mean? Kindly elaborate.
     
  18. Creer

    Creer Registered Member

    Joined:
    Jun 29, 2008
    Posts:
    1,345
  19. Ilya Rabinovich

    Ilya Rabinovich Developer

    Joined:
    Sep 13, 2005
    Posts:
    1,543
    I mean that 30-days old entries in the list removes by the program in case "Automatically remove items from rollback list" is on (it is by default).
     
  20. ams963

    ams963 Registered Member

    Joined:
    May 3, 2011
    Posts:
    5,965
    Location:
    Parallel Universe
    @Creer and @Ilya Rabinovich

    Thanks a lot guys. :thumb:
     
  21. AaLF

    AaLF Registered Member

    Joined:
    Feb 20, 2005
    Posts:
    986
    Location:
    Sydney
    Is LnS a carry over from an old love affair or is there benefit in keeping it running alongside DW?

    (Just asking as I've yet to delve into DW)
     
  22. G1111

    G1111 Registered Member

    Joined:
    May 11, 2005
    Posts:
    2,127
    Location:
    USA
    A little of both. LnS is a true firewall with SPI and DW is more of an application permission. There is some overlap with application control, but they have no conflicts with each other.
     
  23. waters

    waters Registered Member

    Joined:
    Nov 8, 2004
    Posts:
    934
    Thanks never knew that,i will buy when a 64 version is out
     
  24. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    12,883
    Location:
    Canada
    me too;)
     
Loading...
Thread Status:
Not open for further replies.