Difference/Conflicts PG and TPF2005Pro

Hi,
Is there anyone here who can inform me what the difference is between
PG and the way Tiny Personal Firewall 2005 System 'Security Guards'
part of process protection works?

I am testing both together for quitte a while now, and i can see some overlap.
But is there anything that one of the two progs to better REGARDING processes?

Are there any known conflicts if you are using both (did not found them yet).

Thanks.

 

TPF is more complicated. On the other hand, it offers many features which PG does not offer (e.g., you can set rules that disallow internet applications to access sensitive folders or partitions, you have control over the registry (similar to RegDefend) and much more).

PG has been (sucessfully) attacked in many ways (e.g., http://www.security.org.sg/code/sdtrestore.html). But now it seems that no major security holes are left.

Although it seems that TPF has not been seriously attacked so far I believe it is also quite secure.

I use PG and TPF simultaneously. It works.

 

hi, IIIIIIII,

Yes i know the differences between the rest of the software.
but i don't want to discuss the rest of TPF here.

The question was... Is the way that the process protection works, the
same in both products? ( prevent stop/injection etc.)

Yes i know that this works, but WHY do you run both
is there a reason other then it 'feels' more secure?

 

This site doen't mention PG at all. Any other sources for your assertion? A (rather) quick search on Google didn't give any results.

 

@tuatara

I prefer PG for process protection (execution, termination, injection etc.) & driver control, hook control. I (almost) trust PG because it has been attacked so many times that there is reason to believe that no further security holes are left. Moreover, it is stable and uncomplicated.

I use TPF because it offers features which PG does not offer. I do not completely replace PG because I do not completely trust TPF (although I have tried many many attacks w/o success). Probably, it is as safe as PG (but less convenient).

@tlu

http://www.security.org.sg/vuln/procguard.html

 

Thanks. I now remember that I had seen that site before.

 

Tuatara wrote:

IIIIIIIIIIIIIII wrote:

Oke, that is an honest and clear answer.

IIIIIIIIIIIIIII also wrote (about):

I didn't found anything in their (Tiny Personal Firewall 200 Pro) documentation/faqs etc. regarding this subject, so i think that there is no
such thing in TPF2005Pro as in Process Guard.

.....but i am not sure ...

So i also keep them running both.
And i don't know if there can be any conflicts, you might expect them.
But until now, i could not find them.

 

- some functions (is this the right word?) of PG and TPF2005 overlap. However, I do find that TPF asks me for my input before PG so perhaps TPF2005 is protecting at a lower level. However, I may be wrong here.

- PG is good in that it is a 'set and forget' it app. TPF requires a lot more tweaking.

- used to run PG and TPF together. But that slows down my system (a AMD64, 1GB RAM). And its not only because I have to allow a certain process twice.

- still trying to figure out how to protect certain apps from modification for TPF, which PG does quite well.

 

I don't know all the technical details about whats under the hood of each prog, but imo, it's overkill and a waste of resources to run both Tiny & PG. Both are very good progs, but I think the overlap would be great. The little bit of extra coverage would not be worth the resource use and risk of system instability.

 

This is near my opinion one of the most undocumented parts of the
Security Software area.

Which programs have conflicts if used together,
and how great is the overlap in %.

Since nobody has given any difference between PG and TPF2005PRO's process protection i must conclude that they are both the same,
and will disable a module in TPF2005 or PG.

I did a lot of tests the last days, but couldn't find a diff.

If there are others that are better informed please let me know
(can't really believe this meself).