DefenseWall Limations

Discussion in 'other anti-malware software' started by starfish_001, Jan 1, 2006.

Thread Status:
Not open for further replies.
  1. starfish_001

    starfish_001 Registered Member

    Joined:
    Jan 31, 2005
    Posts:
    1,041
    I've just bought DW - liked what how it seems to do, I'm aware of a number of similar applications - what is not clear to me is the extent of protection that DW offers.

    Anything running in the DW has certain restrictions place on it

    Can't modify trusted files (eg virus behavior, or Trojan injection etc)
    Can't create hooks (keyloggers)
    Can't autostart
    Can't install drivers

    But can copy&paste from trusted files - or are there limits

    DW does not require a reboot because it sandboxes access to files? Unlike apps that sandbox the disk as a whole.

    So the thing that confuses me most is how are changes to the OS environment are dealt with for untrusted apps they must eventually make their way to disk storage, if they are to be permanent. for example favourites are saved without complication. What can and can not be written?


    Other apps like this include, but not the same might be:


    BufferZone
    Creates a virtual zone in the PC, this Zone is separated from the real OS, however it's very flexible and transparent to the user, in the virtual zone named BufferZone you can do whatever you want, even run viruses and they will not effect the real OS , where all you vital info is located. Seems most like DW to me.

    Sandboxie
    extends the operating system (OS) with sandboxing capabilities by blending into it. Applications can never access hardware such as disk storage directly, they have to ask the OS to do it for them. Since Sandboxie integrates into the OS, it can do what it does without risk of being circumvented. Sandboxie also prevents programs executing inside the sandbox from loading drivers directly. It also prevents programs from asking a central system component, known as the Service Control Manager, to load drivers on their behalf. In this way, drivers, and more importantly, rootkits, cannot be installed by a sandboxed program.

    ShadowSurfer™ provides secure and easy to use PC protection. ShadowSurfer is the best way to prevent accidental or malicious changes to your PC. Require a reboot before each use, because they sandbox disk storage as a whole. They provide the operating system and everything in it with a single virtual disk?



    As I said I like DW but ...I am not clear on the extent of protection that DW offers. Any helpfiul thoughts
     
  2. Zhen-Xjell

    Zhen-Xjell Security Expert

    Joined:
    Feb 8, 2002
    Posts:
    1,397
    Location:
    Ohio
  3. starfish_001

    starfish_001 Registered Member

    Joined:
    Jan 31, 2005
    Posts:
    1,041
    Thanks interesting
     
Thread Status:
Not open for further replies.