Defensewall whitelist questions

Discussion in 'other anti-malware software' started by Monkey_Feces, Apr 10, 2007.

Thread Status:
Not open for further replies.
  1. Monkey_Feces

    Monkey_Feces Registered Member

    Joined:
    Aug 24, 2006
    Posts:
    52
    I'm a lazy ass and don't want to use DW's expert mode since I am no expert. Are the whitelisted program lists proactively created after some sort of application analysis? What if I accidentally run an altered version of a default whitelisted app? Would DW catch it and make it run untrusted? Basically, how safe am I when I use default mode vs expert?
     
  2. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    HI,

    You only have to enter the untrusted aps. There are some defaults, but make sure all your e-mail, chat, skype, webbrowser, p2p, gamespeak, phone download softeware is added (via a standard add file windows dialogue).
     
  3. Monkey_Feces

    Monkey_Feces Registered Member

    Joined:
    Aug 24, 2006
    Posts:
    52
    Are you saying I should manually run all apps I open with the right click menu as untrusted? Secondly, does defensewall offer any user aid or information via context menus/tooltips? I find that its interface and help file are lacking. How will I know if I'm infected with anything if everything is done manually with defensewall? If that's the case, I'm thinking of sticking exclusively with Prevx1. Out of every other HIPS, it wasn't too intrusive like SSM or a resource hog like CyberHawk.
     
  4. Ilya Rabinovich

    Ilya Rabinovich Developer

    Joined:
    Sep 13, 2005
    Posts:
    1,543
    There are four ways to run application as untrusted.

    1. There is built-in list of known threatgate applications. It installs on demand or during installation process.
    2. Add in into untrusted list manually.
    3. With right-click menu.
    4. Application have been created by untrusted process and already in untrusted list (default mode).

    Yes, via Explorer's context menu.

    Will be improved for v2.0.

    1. If malware is within untrusted area- you will never been infected as malware won't be able install itself propertly into your system.

    2. Definition of penetration is a not DW's job as it is not an expert HIPS. At least, current versions...
     
  5. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    That's what I need in my frozen FDISR-snapshot, to protect me against infections in the period between TWO reboots.
    Security softwares that prevent the installation and execution of malware have my full attention.
    I have Anti-Executable and DefenseWall on my wish list already. Now I'm trying Sandboxie.
    Even when these three softwares fail, I still have my frozen snapshot to remove the rest.
     
  6. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    HI, Monkey face

    Defensewall is real easy. The default programs marked by DW as untrusted my wife uses are:
    - MS outlook express mail
    - MS internet explorer
    - MS media player

    Some weak programs are added by DW to this list by default
    - hh.exe
    - winhlp.exe
    - tftp.exe
    - ftp.exe
    - ntvdm.exe

    I added:
    - LimeWire as her P2P program
    - Scriptdefender (it intercepts all scripts, now all scripts run untrusted)
    - 7Zip (is my default unzip program, DW handles windows zip, but with
    this 'trick' all archives unpacked files are untrusted)
    - DVD/CD Rom, the 2 USB-stick drives and the floppy drive
    - The shared directory of limewire and the incomplete download directory
    - Her Nokia 73 download manager

    So all is very limited and very transparent.

    Erik Albert,
    When you use an anti-excutable (AE of FD which would be your first choice due to its compatibility with frozen snapshots, on-line armour, primary response safe connect) with default white and black lists and DefenseWall
    you problably have the safest and user friendliest defense on top of your R.I.P.S protection
     
    Last edited: Apr 11, 2007
  7. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    Finally somebody at Wilders, who fully understands me. :)

    P.S. for all members :
    R.I.P.S. doesn't exist, I heard about H.I.P.S. and C.I.P.S., but never R.I.P.S.
    It's my sense of humor. LOL.
     
  8. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    17,039
    Aren't Rest In Peace Systems run by funeral directors:D
     
  9. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    That is a part of the joke, my R.I.P.S. can also end up in a complete disaster. :D
     
Thread Status:
Not open for further replies.