Firewall and Hardening Systems

Discussion in 'other firewalls' started by sweater, Aug 28, 2005.

Thread Status:
Not open for further replies.
  1. Rilla927

    Rilla927 Registered Member

    Joined:
    May 12, 2005
    Posts:
    1,740
    I was just thinking, Arup mentioned that Samurai will pop up and ask if you want to allow/deny any drivers to be installed. Will samurai give an actual description of the driver, such as "Nastiedogs.exe" is trying to start?

    Since permissions are taken over by Samurai, when running ProcessGuard, wouldn't you have to take permissions away from ProcessGuard to install any type of drivers? Therefore, the two progies would clash in that respect? If so, how would you go about that?

    Thanks as always!
     
  2. Kerodo

    Kerodo Registered Member

    Joined:
    Oct 5, 2004
    Posts:
    8,007
    I think Arup meant that Antihook would pop up and ask about any driver installations. Samurai isn't something that is resident and running. Samurai is similar to Harden-It in that it is a friendly interface for making changes to your system and registry. Neither Samurai nor Harden-It will be running on your PC though.
     
  3. Rilla927

    Rilla927 Registered Member

    Joined:
    May 12, 2005
    Posts:
    1,740
    Hi Kerodo,

    What is Antihook? I may be misunderstanding, but he specified Samurai as popping up with permissions for drivers.

    I don't know Kerodo, I guess we'll see.
     
  4. Kerodo

    Kerodo Registered Member

    Joined:
    Oct 5, 2004
    Posts:
    8,007
    Here is a link to AntiHook, it's very good:

    http://www.infoprocess.com.au/

    Perhaps I am wrong, but I don't think Samurai is a resident program so it wouldn't be able to pop up with anything.

    But I am sure Arup will clarify later tonight... :)
     
  5. WSFuser

    WSFuser Registered Member

    Joined:
    Oct 7, 2004
    Posts:
    10,638
    Actually you have the option to let Samurai run at startup and it does prompt for driver installation.
     
  6. Kerodo

    Kerodo Registered Member

    Joined:
    Oct 5, 2004
    Posts:
    8,007
    Ok, I thought that option was only for if you wanted to make sure the settings were reapplied after each bootup. Don't know what it would do in the way of driver prompts, and what if a piece of malware wanted to install a driver later? Or does it check for new drivers at every boot? I must be missing something.. ;)
     
  7. Rilla927

    Rilla927 Registered Member

    Joined:
    May 12, 2005
    Posts:
    1,740
    Kerodo you are right, Arup did say they weren't resident programs (Samurai and Harden-It) that run on your computer. But, the impression I got, Samurai ends up allowing/denying permissions for drivers somehow.

    Thanks for the link for Antihook. Looks like a great little progie.

    Call me paranoid, I don't know whether I'm going overboard or what, but I've had so many hardware issues (thanks to the manufacturer) and malware issues. I will give you a list of security apps I have, and believe it or not, all these progies have never made it on the system all at one given time together. I have had a lot of software issues as well, you know how it is when you're first learning a new program, you make some mistakes as you go along, well maybe you guys haven't, but I have.

    Nod32 (will be purchased in next few days)
    Look'nStop (will be purchased in next few days)
    BOClean
    Online Armor
    Attack Shield Worm Suppression
    Worm Guard
    RegDefend
    ProcessGuard
    Port Explorer
    TDS-3
    Microsoft Anti Spy
    Spyware Doctor
    Spysweeper
    Pest Patrol
    Spycatcher
    Adaware SE Pro
    Benign
    Mailwasher Pro

    I was hoping, by learning some different/better techniques to harden the system, that I could eliminate some of these programs.
     
  8. Kerodo

    Kerodo Registered Member

    Joined:
    Oct 5, 2004
    Posts:
    8,007
    If you ask me, you could eliminate all of those, except:

    Nod32
    LookNStop

    and then add AntiHook as well. That would cover you. AntiHook will catch almost everything else.

    Could also apply Harden-It and Samurai for good measure.

    If you do use AntiHook, you really ought to start with a clean system, which means it'd be best to reformat and reinstall to make sure you've got no known malware/spyware on it from the start.
     
  9. Rilla927

    Rilla927 Registered Member

    Joined:
    May 12, 2005
    Posts:
    1,740
    Kerodo take a look at post # 32 in this thread.
     
  10. Kerodo

    Kerodo Registered Member

    Joined:
    Oct 5, 2004
    Posts:
    8,007
    Yes, I know.. Did see that already. We will have to wait for Arup's comments on it I guess.. :)
     
  11. Rilla927

    Rilla927 Registered Member

    Joined:
    May 12, 2005
    Posts:
    1,740
    Five of those progies I don't use anymore. I'm definitely going to apply Samurai and Harden-It before I even put any software on.

    I just hope I don't have a hard time setting up my router to work with Look'nStop. I understand everything up to a certain point and then I get lost.
     
  12. Notok

    Notok Registered Member

    Joined:
    May 28, 2004
    Posts:
    2,969
    Location:
    Portland, OR (USA)
    Do you have full versions of all of those, or are you trialing some to see which you want to buy? If you have the full version of PG, for example, there's no point in getting Anti-Hook with the other stuff you have. Also Online Armor 1.2 will cover a LOT more when it comes out, and will even let you trim down on some of the stuff you already have. It's not too far away, either, so I would wait before getting much else. Other than that it looks like a good setup :) You could probably keep your paid spyware scanners and cut out the free ones, if you wanted to.

    You may not have to do anything, I didn't.
     
  13. Rilla927

    Rilla927 Registered Member

    Joined:
    May 12, 2005
    Posts:
    1,740
    Hey, how could both of us have the same time zone when you're in LA and I'm in Ohio?

    I'm sorry this was meant for Kerodo, but Notok beat me to the punch.
     
    Last edited: Oct 5, 2005
  14. Rilla927

    Rilla927 Registered Member

    Joined:
    May 12, 2005
    Posts:
    1,740
    Yes Notok those are all full versions, no trials.

    Mike is adding some more real nice features for Online Armor I hear.

    And you're right, I said no more.
     
  15. Rilla927

    Rilla927 Registered Member

    Joined:
    May 12, 2005
    Posts:
    1,740
    Notok I just spotted what you said about the router and LNS. I'm sorry forgive me, I'm blind as a bat sometimes.

    You didn't have to do any configuration from Patrice's Sticky for your Router?
     
  16. hollywoodpc

    hollywoodpc Registered Member

    Joined:
    Feb 14, 2005
    Posts:
    1,325
    Hi Rilla.
    Online Armor is very good as it is now. And Samurai works as is. No need to reconfigure. Set it up and it goes. As for the popups, I never get any. I am confused as to why others would get pop ups from Samurai. I would certainly keep Online Armor, along with Nod and the firewall you chose. As Notok mentioned, PG is not worth dismissing if it is the pay version.
    Hope that helps
     
  17. Notok

    Notok Registered Member

    Joined:
    May 28, 2004
    Posts:
    2,969
    Location:
    Portland, OR (USA)
    Lol, np.. happens to everyone from time to time, I think :) Nope, I didn't have to configure anything for the router at all. I use Phant0m's ruleset, so I did put in my DNS server addresses, and imported the rule for FTP clients because some download sites use FTP, but that was about it. Your router may work differently, however, so I can't guarantee that you won't need it, but there is a chance you won't.

    Yup, and if you've got PG full there's no reason to use Samurai's driver blocker anyway.
     
  18. Rilla927

    Rilla927 Registered Member

    Joined:
    May 12, 2005
    Posts:
    1,740
    Thanks to both of you fellas for your replies.

    Notok, the problem is I haven't had PG installed for a while, so I need to re-learn the program. I also discovered I was giving a lot of permissions that were wrong in PG.

    So as an extra layer of defense that's why I wanted to use Samurai and Harden-It.

    @Hollywood

    Online Armor is an excellent progie, but I had to uninstall it because it kept looking for an internet connection every time I would restart, so that was interfering with my installs of progies and also, I couldn't finish that last snapshot for my uninstaller program that I used for all my installs of programs. Mike said this would be resolved in v1.2 in about six weeks.
     
  19. Notok

    Notok Registered Member

    Joined:
    May 28, 2004
    Posts:
    2,969
    Location:
    Portland, OR (USA)
    I would use Harden-It anyway, nothing else is going to cover that stuff. But for PG, just turn execution protection off and set it in learning mode for a while and you should be good. There's nothing wrong with Samurai, PG is a lot more fine tuned at this point. I mainly recommend Samurai for experienced users, more so than PG, until it becomes a more 'mature' program.

    This can also be resolved by changing the auto-update to manual only. Just remember to check for updates once in a while.
     
  20. Rilla927

    Rilla927 Registered Member

    Joined:
    May 12, 2005
    Posts:
    1,740
    Ya know what's really funny, I was going through some posts to PG and discovered that your browser should not have global hooks, access physical memory, and there was some other stuff but I don't remember off hand what it was. After reading all this, this was the same set up I had.

    The person that posted said PG was in learning mode and these were the permissions that were set by being in learning mode, not the user. Then you have the moderators stepping in saying these settings/permissions were wrong. According to them these permissions that were given would allow anything to bypass AV, FW and any other security apps you have. My mouth hit the floor because that's the same permissions I had for PG.

    I have a copy of the post because I subscribed to it. That's why I'm a bit confused about PG now.

    So you think Samurai may be a bit too much? I know I'm not as experienced as you guys, nowhere close, but I'm the type of person that's game for anything the first time around, and if I find it isn't for me I will 86 it. For all I know it could be so complex I would never understand it.

    And thanks for the tip for OA. Thanks for the chat Notok! :)
     
  21. Arup

    Arup Guest

    Rilla,

    I am behind a router so my inbound is protected and also being an eternal leech, always look for quality freebies and believe it or not, good quality ones do exist, just have to look for them, so all I use is Antihook and Samurai with Tea Timer from Spybot and for anti-virus, I use free Avast. When I was on dial up, I used the wonderful CHX for inbound protection. Both my PCs are dual CPU, one is a dual P-III with 1GB memory, other a dual Athlon 64 with 2GB memory and even then, I try to keep the application load as light as possible so that I can have the full potential for these PCs for their intended work.
     
  22. Rilla927

    Rilla927 Registered Member

    Joined:
    May 12, 2005
    Posts:
    1,740
    I fully agree with you, it's just I was never brave enough before to do that. Since coming to Wilders I have found a lot of really nice free progies with no junkware, thanks to all the members' suggestions. Hey, I'm a late bloomer!

    Arup can you comment on post # 51? ;)

    Thanks so much!
     
  23. Arup

    Arup Guest

    Samurai checks for particular Rootkit behaviour so if you are installing any kind of drivers, it will pop up and ask.
     
  24. Rilla927

    Rilla927 Registered Member

    Joined:
    May 12, 2005
    Posts:
    1,740
    That's exactly what I thought. Kerodo was unsure.

    Thanks Arup
     
  25. Tom772

    Tom772 Guest

    Hi guys, this thread has been really interesting to read through. I have used Safe XP and Harden-It and they both seem to be working well on my system, but I tend to set to the default setting and adjust to suit my needs. One thing I wanted to ask is does Samurai detect any settings that have already taken place while using SafeXP and Harden-It? Also are there any users who would give a few screen shots of Samurai if possible?

    Thanks Tom
     