DefenseWall HIPS v2.54 released

Discussion in 'other anti-malware software' started by Creer, May 1, 2009.

Thread Status:
Not open for further replies.
  1. Creer

    Creer Registered Member

    Joined:
    Jun 29, 2008
    Posts:
    1,345
    Changelog:
    This version fixes various issues alongside with sandbox defense hardening. Atlantics Word Processor support is added.

    Added new languages, from now DW is available in these languages:
    English,
    German,
    Polish,
    Brasilian Portuguese,
    French,
    Swedish,
    Traditional Chinese,
    Simplified Chinese,
    Estonian.

    http://www.softsphere.com/news/
     
  2. LoneWolf

    LoneWolf Registered Member

    Joined:
    Jan 2, 2006
    Posts:
    3,408
    Thanks for the heads up. :thumb:
     
  3. arran

    arran Registered Member

    Joined:
    Feb 5, 2008
    Posts:
    1,139
    Thanks, the latest version now passes the stop2.exe test.

    I have a question for every one.
    when venders make patches where their products have failed tests like in this case defense wall has fixed its product. Do they fix and patch up the Actual Method that the test used to bypass it so as other tests and malware can't use the same method?? or do they just simply block the test program from bypassing their security product??

    Ilya Rabinovich can you give us a Technical explanation
    of the method used and how defense wall got it fixed?
     
  4. Franklin

    Franklin Registered Member

    Joined:
    May 12, 2005
    Posts:
    2,517
    Location:
    West Aussie
    Not familiar with Defensewall.

    If I run FF as untrusted it runs fine but if I run an app that locks the desktop as untrusted it doesn't run at all.

    If I run it without any Defensewall input it locks/unlocks the desktop no probs.

    Is that how it's supposed to work?

    By the way this lock desktop app seems to do nearly the same as those other 5 tests that include the stop.exes.

    Won't post a link to the app as it gets quite a few hits over at VT.
     
  5. arran

    arran Registered Member

    Joined:
    Feb 5, 2008
    Posts:
    1,139
    No its not supposed to work like that. it should be able to run in untrusted mode but without being able to lock up the desktop, unless defense wall is doing some thing like terminating the app after 1 second of it running??

    Can you pm me the app?
     
  6. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    I don't know about vendors, but Ilya normally provides a real solution for the actual intrusion method.
     
  7. demoneye

    demoneye Registered Member

    Joined:
    Dec 30, 2007
    Posts:
    1,356
    Location:
    ISRHell
    very interesting point !! as far i know ilya and defensewall , ilya aint gona go for the easy way, unlike other big company that can go for it :D

    anyway arran , i dont think any software developer ever admit he block the software symptom and not actually fix the security issue :D :D :D
     
  8. ruinebabine

    ruinebabine Registered Member

    Joined:
    Aug 6, 2007
    Posts:
    1,097
    Location:
    QC
    Interesting idea, could we know the name of this program?

    EDIT: I read some reviews of it, d*mn, crazy stuff, imho!
     
    Last edited: May 2, 2009
  9. Ilya Rabinovich

    Ilya Rabinovich Developer

    Joined:
    Sep 13, 2005
    Posts:
    1,543
    DefenseWall's defense is purely driver-level. As about stop2- it's using EnableWindow API function to disable window's elements. To provide a protection, I have traced EnableWindow's SSDT number, hooked the function and implemented protection routine. Easy and simple, it took about 10 minutes to make it work.
     
  10. Ilya Rabinovich

    Ilya Rabinovich Developer

    Joined:
    Sep 13, 2005
    Posts:
    1,543
    Please, send me a link to the support e-mail, I'll check it out.
     
  11. ruinebabine

    ruinebabine Registered Member

    Joined:
    Aug 6, 2007
    Posts:
    1,097
    Location:
    QC
    Never mind. Btw, there is 1st Screen Lock that can do that, among others of this kind.
     
  12. arran

    arran Registered Member

    Joined:
    Feb 5, 2008
    Posts:
    1,139
    Thanks for the explanation Ilya Rabinovich.

    and while you are here I have found that defense wall fails the system shut down simulator test http://zeroday-software.110mb.com/
    so we may also need a fix for this in the next version.

    my pc doesn't get shut down but things do get terminated. can you guys here test this if u have defense wall?


    also what does the setting Expert mode do?? I can't find any xtra advanced settings when I select Expert mode.
     
  13. LoneWolf

    LoneWolf Registered Member

    Joined:
    Jan 2, 2006
    Posts:
    3,408
    From the help file............

    2009-05-02_075021.png

    You should really take the time to read the help file accessable from DW's tray icon. Very educational.
     
Loading...
Thread Status:
Not open for further replies.