DefenseWall Single Product Reviews

Single Product Review by AV-Comparatives.

http://www.av-comparatives.org/comparativesreviews/single-product-reviews

 

Thanks Lone Wolf. Would have liked to seen more details on the malware tests. Overall good review though.

 

Thanks for the link LoneWolf.

Overall an excellent review...congrats to Ilya.

 

100% on zero day threats, what else had you expected

 

Did they ask for support? If I'm unaware of a problem, I can't fix it.

 

meaning everything is ok
nothing broke here so far since i got DefenseWall for about a year

 

Excellent review, congratulation Ilya!

 

Great thanks

 

Well done Ilya.
You deserve all of the accolades for the tireless work for your product

 

@Ilya: Yes: Nice review congrats. Didn't really cover anything anyone didn't already know.
I hope this helps raise the profile.
They could have expanded some comments re Developer who never sleeps.

Re:

Is that a typo, or am I missing something ??

oops; Had to correct my own typo.

 

DefenseWall HIPS will be 50% off on 05/29/09 at www.iconico.com.

 

Most of software can be installed as untrusted. DefenseWall is designed this way. This will gives no protection for the files and registry keys, but it is possible.

 

With av-comparatives.org showing defense wall, this could make defense wall
more popular on the internet. The problem with this is it could create a target for malware writers to try and find ways to bypass defense wall, so we could end up with malware on the net able to bypass defense wall. even tho this may only be a small possibility atm but personally I prefer the powerful abilities of defense wall to remain a secret only to a few rather than it becoming as popular as normal AV's. The last thing we want is hackers and malware writers finding ways to bypass sandbox programs.

 

av-comparatives.org is for avs arran
why u think DW should even get there ? its NOT avs
i think arran need to get 1 weak (ban) vacation for stupid spreading

cheers

 

@Ilya; ah yes, see it now; I interpreted that as a 'test' of 'untrusted'
Thanks

 

I stand corrected then, Defense wall has not at all been mentioned on av-comparatives.org. because like you say it is not an AV.

 

Pity they didn't test if any malware droppers can be harvested with ease and complete safety like you can with the best security app ever in being Sandboxie.

 

Please stop your Sandboxie troll behaviour, this is a DefenseWall thread, go parroting Sandboxie elsewhere or put a sock in it

 

Pity they didn't test if any malware droppers can be harvested with ease and complete safety like you can do with only one other security app that happens to be the best available.

 

i geuez franklyn likes sandboxie alot like i do like defensewall but he got in the wrong place and in the wrong time
maybe he didnt noticed that we are celebrating another defensewall's victory here

 

Hello,
Can anybody explain why I am getting this error ??
Is DefenseWall incompatible with KIS 2010 ??
I have selected allow option from it.
Everything is working fine till now.

 

I believe the original Defensewall setup file is packed as a self-extracting rar file. During installation, it extracts another setup executable into a subdirectory inside the user's profile directory (shown partially as c:\documents and settings\.... in your picture). The setup executable will then install DW's driver into the Windows system32 directory and KIS finds this driver creation suspicious. KIS is doing its job here but the DW driver is legit also, so an Allow operation is OK.

 

Hi,

Just a few subjective comments.

"Even though a protection rate of 100% was achieved at this test, it should be clarified that in reality, there is no 100% protection with any product. "
Any serious test methodology should be elaborated to validate this affirmation:100% security is off course an Heresy.
Any tester should forget testing if he can not defeat/bypass/evade/elude/escape the product he wishes to test.

"What should be emphasized is that the soft-ware should be regarded as being a supplement to an Anti-Virus product and not as a replacement."
Fully subjective comment which can be discussed under technical perspective.
Fully subjective because AV-Comparatives (like most av test organizations) plays the game of the AV industry since its creation.
Fully subjective for interest conflict reasons: financial deals/partnerships between AV editors and the AV test organizations.
Technically, an antivirus is not necessary in combination with DefenseWall: it is not a question of product, but mainly a question of user (skills/experience/habits).
For a P2P user who often download cracked video games for instance, an av is more suited.
For a basic use of the computer, or for an experimented user, an av is not necessary, and DW is self-sufficient by itself (case of Ilya who-correct me if i'm wrong-does not use an antivirus).
I would personally recommend a rollback/instant recovery solution as plus to DefenseWall.
On the other hand this review is not intended for technicians and experts but mostly for the mass, and in this case AV Comparatives comments are totally legitimate.

"DefenseWall HIPS does not block e.g. buffer overflows (so far), phishing attacks, Internet connections/browser hijacks. "
It is of course not new.
DW does not protect against BO simply because Softsphere sells a specific product (Defense Plus) devoted for Buffer Overflow protection.
More over, most HIPS are designed, as suggested by the terminology, to protect the local host against intrusion by malwares.
And most HIPS, for desktop or corporate environment, are vulnerable to many client-server side attacks.

I might be wrong, but this review has been done with a little financial donation from Softsphere.
Now very jalous i am waiting for the 500 kg of Beluga, a set of Matrioshka made in gold and diamond, and 100 bottles of Diva vodka for my friends...
More seriously, with Ilya (as for many HIPS dev. like Ivo/AntiHook, Vassili/SSM or Mike/OA) i have not been confronted to the pathetic ego and the bad faith of some big av editors devs: once an issue is reported, he takes a look at it and come back a few hours later with a new fixed version..maybe because he knows that security soft development is a Sisyphus job...
It's highly difficult to design a very effective security soft (AV or HIPS or firewall) that will combine ease of use, freedom and limited user interaction.
DefenseWall is one of them (Sandboxie, Geswall, BZ and PrevX can also be mentioned).
No time to look seriously to DW in order to answer by ABC to Ilya one years old PM, but more isolation with virtualization and more browsers restrictions would not be too much for improving the security features.

Rgds

 

Donation? It's not a secret, I suppose, that, nowadays, all the AV-Comparatives tests (at least, single-product test definitely) are paid. But I doubt Andreas hides problems of the products tested. The MS Installer issue, discovered by the tester, was here and displayed with the review.

As about samples testing- it's quite hard to find one can penetrate DefenseWall. And I do my best to keep the things this way.

 

Remember this Ilya from several years ago.

I will ask clearly and conciseley:

Is it possible to havest any malware droppers in complete safety if allowed to execute as trusted or untrusted?