Defensewall

Don't forget- HIPS version will be available even after the Persona Firewall one will comes out. Just one registry value set- and that's it.

 

See my answer to Lebowsky.

 

Ilya I think some of the questions and answers asked above, should be in FAQ on your website

 

Yes, and they will be there. In time, naturally.

 

Thanks Ilya for making DefenseWall

 

Hello Ilia,
The programs is Great(for me)!
I like Sandboxing programs and i think this way is the future of all Antivirus Software.
Ilias sdelai vsio akyratno i tolko ne speshi.Programa doljna buit somoia lucheia ot vseh.
Ydachi.

 

good choice and welcome to wilders by the way is that italian language what you typed? cool

 

Non...
But Ilia got to understend me!

 

russia

 

Spasibo. Yest luchshaya i budet luchshaya. A menyshe mne ne interesno.

 

Ia brosola vseh ostelnuie radi DefenseWall.
Ne razocharovai menia.Moia nedejda y tebia.Ia ystala ot ostelnuih Antivirosof_oni tejeliue dlia sistema i postoianno skaniryet.Ochen mnogo resursov e na konets nichego.
Bolshoe sposibo.DefenseWall ochen leghoia.

 

stas, remember Ilya has never promoted DefenseWall as the be all of anti-malware products. He has mentioned on many occasions to use it as a layer, with another program, an AV for example.

You're right in that you wouldn't show the rollback feature to someone who's relatively a novice. They could remove important files that were downloaded and so on.

The way I see it, and has been pointed out on the forum many times, yes, malware can exist on a system with DefenseWall, and can be passed on to others, through copying/sharing files from one system (with DefenseWall) to another (without protection). And yes running files as 'trusted' from an unknown source can cause problems.

But for the majority of users who have DW installed and apply a small amount of common sense (checking downloads are from trusted sources), these people should have worry-free computing, no damage to the system, no down-time, no barrage of alerts asking complex questions, but a system that keeps on working.

And it'd be a light system too, without slowdowns. Your average-joe user can open email attachments, run files from their browser and keep on going without calling the local IT dude.

In my opinion, all a user has to do is run a couple of weekly scans, either online scans (Eset/A-squared), or with MBAM and a-squared free for example, or even a daily scan with Hitman Pro, and they should be fine.

Regarding the rollback function, after a few days, I found it easy to use. There are two approaches I think users can take, 1) scan the list and allow the files you want to keep, and discard the rest - I'd do this on a daily basis so the list was quite small each time I loaded it 2) scan the list (on an as-required basis) and delete only the files you think are untrustworthy and were installed without your knowledge.

I always chose the first, but the majority of users don't have to use it at all. If they were concerned something dangerous may have been download, all they would have to do is apply option two on an as-required basis.

See these threads here and here. Ideally, I don't think a user has to touch file and registry tacks at all.

 

The files I delete are usually related to browser settings, game settings, msn settings and so on. Usually only say 15 entries, and two of these might be pdfs I downloaded and want to keep.

Another pro to using DW, compared to other programs, is you can actually use all the files you download, they're right in front of you on the desktop for example. I can use these files for a week or so (or however long), and they can't cause any system damage whatsoever. And instead of then having to go and delete say 20 downloaded files from the desktop, 3 installation files and a whole program's installation, 10 music files I no longer want in another folder, I can remove them all in one hit.

It's similar to why people use CCleaner, to clear temp files they don't want on their computer. For example, while using DW and using aMSN, a clone of msn, and having it untrusted, I noticed every contact's photo is stored in a temp directory - and instead of having a whole pile of small thumbnail sized pics of a whole bunch of people you don't need to store on your system, you can clear them out in one go.

In sandboxie, you have to recover the file. In the paid version, you can recover the file to another folder which always runs sandboxed. Paid version of sandboxie to me can be setup similar to DW, but DW would be easier to understand from a novice perspective. Just download and run files.

 

True, but say a user wants to recover a few video files from sandboxie, once the files are recovered, there is the potential that they could have something else packaged with them.

In DW, these files can be on the desktop, you can use them for days, weeks, no matter how harmful they are, and after a week (for example) you decide to say 'see you later' to them through files and registry tracks.

Both programs have their pros and cons. As I said, the paid version of sandboxie, where I'd recover a file to another location which was always set to run as sandboxed, that was similar to DW. I'd recover files to say 'temp' on the desktop, and I could click on these and they'd always be sandboxed.

But novice users, could they be trusted in downloading attachments and always saving to the 'always sandboxed' folder, or would they suit DW, where they can use these attachments, for an infinite amount of time without any system damage occurring.

Depends on the skill of the user.

 

I found with sandboxie, there were times a file might have saved somewhere else and not to a recoverable folder.

Just using an example, awhile ago I used a p2p program, and files that were 98 per cent complete would suddenly disconnect.

I'd think, I got to listen to what that sounded like, the whole song was almost there! And I'd have to dig through in sandboxie, and recover this file from an 'incomplete' folder that I didn't have set to auto-recover (for obvious reasons, you don't want incomplete files being recovered).

Where in DW, using this same p2p program, I could see the downloads in front of me just by going to the incomplete file folder, and they're all there to listen to.

I can then decide to not touch DW's file and registry tracks, and just do the usual functions, delete files I don't want to keep, leave ones I want to keep.

Or, I could load up files and registry tracks, allow the files I want, and delete all the settings and other junk. Each to their own. Gave me something to do for a minute each day. ha! Sometimes you'd I'd an update, for example, and decide to keep it. Where in sandboxie, this update would be lost. Pros and cons to both.

 

i have used the rollback feature in defensewall for about 2 years now without any trouble it is very easy if one wants to pay attention

 

Not sure if you have the paid version of sandboxie, but if not, I'd recommend getting it to set up a folder to always run sandboxed, so you can test downloaded files out.

But DW has other features, such as letting the user know when keystrokes were being monitored and so on. I'm no expert in DW or sandboxie, all I can say, try one of them and you'll find you might prefer one or the other.

Many users here use and run both, sandboxie to dump all the temporary files on closing the browser, and DW to protect the system against any files recovered or any file run outside the sandboxed environment.

And have to make an edit - Ilya is on here every minute of the day, or close to, so if something does need fixing, he does his best to ensure it's fixed.

 

And without hijacking the topic, some users prefer shadow defender, reboot to clear away and dump everything.

I haven't tested the new version of DW, but hope it continues to do well.

 

Nail versus Screw arguments


DW is designed for protection not privacy
DefenseWall runs great with the default autoclean option of the registry and file track. Most junk will be removed by system cleaners anyway or your browser itself. DW paralyses any malware being zoo or zero day. it covers the zero day protection gap in a transparent, seamless and user friendly way.

Virtualisation session protection with zero trace privacy
Virtualisation (such as Returnil or Sandboxie) are great for clearing your ass after dodgy browsing/surfing. While they also serve a great protection feature during application or harddisk virtualisation, they require knowledge of the session/state (Am I in 'shadow' mode or is the file in the ´sandbox´), so they are for different usage and target audience.

Conclusion
A screw and a nail can both be used for securing paintings on a wall, but they serve different purposes. But you can use them for you house in any combination, depending your skills and needs/paranoia (Returnil + DW, DW + Sandboxie, etc)

 

i have trialed and tested dwsome time ago..great piece of software..definately in my top 3.the only reason i didnt buy it is because it couldnt cover the browser based vectors(xss,malware that read pc contents - like).and the fact that it used a lot of disk i/o which drained my laptop battery noticeably faster (i hear this was solved much time ago,tho)..i will definately be one of the first to try v3 when it comes out..oh and the other + of dw is Ilya..search all you want,you will never ever find that kind of fast and effective support in any other security product.

 

As it is for novice users, that's why I spent time in file and registry tracks, gave me control over what was being kept on the system.

I admit, first time I tried DW, I didn't like it. After a couple of months, came back to it, understood it better, and from then on, was hooked.

 

That is a wise policy. Many people (including me) are satisfied with DW the way it is now. IMO, DefenseWall is an excellent policy based sandbox and that's what users expect it to be.

Personally, I am not interested in firewall just because I am happy with the firewall I am using now. That said, I am always open minded and could change my views. If Ilya makes some pleasent surprise and proves his firewall concept is better than my current firewall, I'll buy it.

 

Same here.

 

Me to.
I think Ilia got to do something for cleaning the sandboxing.That will be great.
When we have a viruses on the sandbox got to be good to clean this sandbox(like Sandboxie)
Ilia are is this possible to do.
We can't stay with the viruses on the box.

 

hey i know what a folder is