DefenseWall - what use?

Discussion in 'other anti-malware software' started by rendez2k, Aug 15, 2008.

Thread Status:
Not open for further replies.
  1. rendez2k

    rendez2k Registered Member

    Joined:
    Aug 3, 2007
    Posts:
    315
    Location:
    UK
    This might be a stupid question, but I won a free licence for DefenseWall a while ago and never got round to installing it. I'm not that well up on what it actually does? More to the point, I'm running ESET Smart Security, BOClean and Sandboxie (when required) so do i need it or does it replace any of these?
     
  2. ambient_88

    ambient_88 Registered Member

    Joined:
    Jun 23, 2008
    Posts:
    854
    DefenseWall is a policy-based sandbox. What it does is separate untrusted and trusted processes. Threat gateways, such as a browser (and applications that connect online), are marked as untrusted so that any file it downloads won't be able to harm your system.

    Looking at your setup, you really don't need DefenseWall. Nevertheless, it is still a great addition to your security setup.
     
  3. Dark Shadow

    Dark Shadow Registered Member

    Joined:
    Oct 11, 2007
    Posts:
    4,553
    Location:
    USA
    As ambient said can't add any more to it other then you one Lucky person and congrats.I did not win:oops:
     
  4. chrome_sturmen

    chrome_sturmen Registered Member

    Joined:
    Apr 29, 2006
    Posts:
    785
    Location:
    Sverige
    Defensewall would be closer kin to sandboxie than an ativirus or antimalware product, but even being, that kinship would be somewhat removed.

    With sandboxie, you choose and configure what you want sandboxed, and sandboxie totally isolates these programs from the system.

    Defensewall, comes with an inbuilt list of programs it considers potential attack vectors, and automatically runs those programs with lowered rights, so they can't harm your system. It also employs some other defense tactics and to a limited extent, sandboxing. You can configure the inbuilt list of programs, and set exclusions or inclusions.

    One way you may use defensewall together with sandboxie, is to run your browser in sandboxie (and whatever else you want) exclude those same programs in defensewall, then let defensewall handle other potential attack vector programs. I mean I wouldn't take the time to sandbox every potentially threatening program on my system, so in this regard it's easier to let defensewall watch over things.

    Using the two together properly, it would probably be rare that you would ever even need your antivirus.

    I imagine there will be others that can give you some more in-depth information-good luck:thumb:
     
  5. ambient_88

    ambient_88 Registered Member

    Joined:
    Jun 23, 2008
    Posts:
    854
    DefenseWall is the only resident security application I use. So far, it works really great. No malware infection whatsoever.
     
  6. farmerlee

    farmerlee Registered Member

    Joined:
    Jul 1, 2006
    Posts:
    2,585
    It doesn't replace any of the apps you have but it would certainly help to secure your system more.

    Personally i find defensewall far more useful than resident scanners. Defensewall and sandboxie are my only resident security apps. I run my browser sandboxed and i run sandboxie restricted with defensewall. Theres minimal impact on my systems performance and stability is very good.
     
  7. chrome_sturmen

    chrome_sturmen Registered Member

    Joined:
    Apr 29, 2006
    Posts:
    785
    Location:
    Sverige
    what, no further responses? this program kills - i mean, it's not called defensewall for nothin:thumb:
     
    Last edited: Aug 17, 2008
  8. rendez2k

    rendez2k Registered Member

    Joined:
    Aug 3, 2007
    Posts:
    315
    Location:
    UK
    Well personally, I've had nothing but trouble with my PC since I posted the original message (hard disk corruption) but I did manage to give it a quick try before it died. I had some confusion about what it was doing. With say sandboxie, when I run my browser and say download a file, everything is protected and kept away from the 'real' system, and when I run the downloaded file its still in the sandbox correct? But with DW, the files appeared to be on the system - so in what way is it protecting me? It also killed Skype and stopped me from dialling out but I guess I can just omit that.
     
  9. CogitoErgoSum

    CogitoErgoSum Registered Member

    Joined:
    Aug 22, 2005
    Posts:
    641
    Location:
    Cerritos, California
    Hello rendez2k,

    With experience, knowledge, common sense and/or practicing safe hex, DefenseWall(DW) can effectively replace all of the above except for the firewall. The good news is that Ilya will be incorporating outbound network control for "untrusted" applications or processes in the not too distant future. For more information regarding DW, please take a look at the following links below.

    http://gladiator-antivirus.com/forum/index.php?showtopic=76205&st=0&p=211890&#entry211890 (Post #5)
    http://gladiator-antivirus.com/forum/index.php?showtopic=76205&st=0&p=211899&#entry211899 (Post #9)
    http://gladiator-antivirus.com/forum/index.php?showtopic=76205&st=0&p=211920&#entry211920 (Post #11)

    Hope this helps.


    Peace & Gratitude,

    CogitoErgoSum
     
  10. LoneWolf

    LoneWolf Registered Member

    Joined:
    Jan 2, 2006
    Posts:
    3,408
    Have you posted your problems with DefenseWall at thier forums?
    Ilya is a very active/helpful developer.
     
  11. rendez2k

    rendez2k Registered Member

    Joined:
    Aug 3, 2007
    Posts:
    315
    Location:
    UK
    Problems? Only Skype was the issue and I'm sure I could have sorted that out with a little more playing. The others were just usability questions really but might be worth a post.
     
  12. muf

    muf Registered Member

    Joined:
    Dec 30, 2003
    Posts:
    926
    Location:
    Manchester, England
    When you run your browser 'untrusted' by DW then EVERY file downloaded through your browser is 'untrusted'. That means that those file can't get access to do any damage to sensitive area's of your system.

    muf
     
  13. Ilya Rabinovich

    Ilya Rabinovich Developer

    Joined:
    Sep 13, 2005
    Posts:
    1,543
    In fact, there are two main sandboxing approach- keep everything into the virtualization contained (that cause a need of trashing it out from time to time, in fact, very frequently) or keep the trusted/untrusted file status and run aplications according it.
     
  14. rendez2k

    rendez2k Registered Member

    Joined:
    Aug 3, 2007
    Posts:
    315
    Location:
    UK
    OK, so I'm in a protected FF. I download say an exe and that now has a protected tag applied to it (how can I tell though - does the icon change for example?). Surely when I install the download it may not work if it can't have access to say the registry or certain parts of Windows? Or is it best to remove the protected status first? Sorry if these are all obvious questions but I'm just trying to get my head around whats going on before I trust it 100% ;)
     
  15. Ilya Rabinovich

    Ilya Rabinovich Developer

    Joined:
    Sep 13, 2005
    Posts:
    1,543
    If you trust to software- install as trusted.
     
  16. CogitoErgoSum

    CogitoErgoSum Registered Member

    Joined:
    Aug 22, 2005
    Posts:
    641
    Location:
    Cerritos, California
    Hello rendez2k,

    When one downloads an .exe or program via a threatgate application(web browser or email client) it will be marked as "untrusted" which is considered DefenseWall's(DW) protected tag. One can determine if this .exe has "untrusted" status by one of three ways. First of all, by right-clicking the .exe in question, hovering one's mouse pointer over "DefenseWall HIPS" and then clicking upon "File properties". Secondly, by right-clicking the DW system tray icon, clicking upon "Main", clicking upon the "Untrusted applications" tab and checking to see that the .exe in question appears in this list. Lastly, by physically opening the .exe in question you should see "(DefenseWall Status: Untrusted)" somewhere on the top-most edge of the windows border.

    Provided that the .exe in question was downloaded from a legitimate, reputable and trusted source and scanned with VirusTotal or one's resident antivirus scanner or other means, if one is still intent on installing this .exe all one needs to do is right-click this .exe, hover one's mouse pointer over "DefenseWall HIPS" and then click upon "Run as trusted".

    If you have not yet done so, please take a look at the following link below.

    http://gladiator-antivirus.com/forum/index.php?showtopic=74162&st=0&p=208009&#entry208009 (Post #4)

    Hope this helps.


    Peace & Gratitude,

    CogitoErgoSum
     
    Last edited: Aug 17, 2008
Loading...
Thread Status:
Not open for further replies.