Found a random Defensewall test

Discussion in 'other anti-malware software' started by chris2busy, Dec 24, 2008.

Thread Status:
Not open for further replies.
  1. chris2busy

    chris2busy Registered Member

    Joined:
    Jun 14, 2007
    Posts:
    477
  2. egghead

    egghead Registered Member

    Joined:
    Aug 27, 2005
    Posts:
    443
    Location:
    The Netherlands
    This is an old test from Kareldjag, a well known and knowledgeable tester.
     
  3. Murderlove

    Murderlove Registered Member

    Joined:
    Jul 18, 2008
    Posts:
    99
    Yes, it not really a random test. The test is also listed on the Defensewall site:
    http://www.softsphere.com/programs/ --> Test by Kareldjag (Definitively Excellent Product)

    Great test and excellent performance, eventhough it was a dated version of DW.
     
  4. chris2busy

    chris2busy Registered Member

    Joined:
    Jun 14, 2007
    Posts:
    477
    Well you never stop learning huh? :)
     
  5. demoneye

    demoneye Registered Member

    Joined:
    Dec 30, 2007
    Posts:
    1,356
    Location:
    ISRHell
    some major important stuff from test URL


    In the wild with real malwares


    "DefenseWall does not provide boot sector protection, and most of all, its service/driver is not a boot start but a system start: consequently, the protection during the boot is limited. Failed."

    b) Rootkit technology detection: failed.

    Trojans and backdoors

    * With BasicBackdoor : The file is launched ‘untrusted, and listens on local connections. As the backdoor just do open a connection, nothing is blocked by DefenseWall. Failed.

    * With Tx backdoor : This backdoor merely opens a connection, then nothing particular is blocked by DefenseWall. Failed.
     
  6. chris2busy

    chris2busy Registered Member

    Joined:
    Jun 14, 2007
    Posts:
    477
    i posted this although dated,to show how good DW did even from back then.It turns out i was the least informed here anyway.DW now has gotten ALOT better (version 1.4 is tested there while the current version is 2.x) and version 3.x is planned to have outbound(backdoor) protection too..
     
  7. Ilya Rabinovich

    Ilya Rabinovich Developer

    Joined:
    Sep 13, 2005
    Posts:
    1,543
    Correction- 2.50 will get outbound protection onboard.
     
  8. chris2busy

    chris2busy Registered Member

    Joined:
    Jun 14, 2007
    Posts:
    477
    Thats even greater..Ilya i'd like to hear a comment about the rootkit detection shown from these test from you :S anything improved since then?any plans to?
     
  9. Ilya Rabinovich

    Ilya Rabinovich Developer

    Joined:
    Sep 13, 2005
    Posts:
    1,543
    DefenseWall do not detect anything, it just blocks potential malicious activity. As about rootkits- it block both driver installations (ring0 rootkits) and process injections (ring3 rootkits).
     
  10. Cutting_Edgetech

    Cutting_Edgetech Registered Member

    Joined:
    Mar 30, 2006
    Posts:
    4,950
    Location:
    USA
    I gave defense wall V2.45 a try a month ago, and found out that every time i tried to block anything from launching it locked up my computer, and i would have to kill the program all together. Thus not offering me any real protection. Has anyone else had this problem?
     
  11. chris2busy

    chris2busy Registered Member

    Joined:
    Jun 14, 2007
    Posts:
    477
    no..definately a conflict :/ sorry this didn't work for ya
     
  12. Tony

    Tony Registered Member

    Joined:
    Feb 9, 2003
    Posts:
    721
    Location:
    Cumbria, England
    never had a problem like this.
    Contact Ilya though.
    If there are any problems with the program then he does want to get them fixed even if it is only one individual that is having the problem.

    His support really is first class.
     
  13. Ilya Rabinovich

    Ilya Rabinovich Developer

    Joined:
    Sep 13, 2005
    Posts:
    1,543
    Contact me, this must be a kind of conflict with your security setup programs.
     
  14. chris2busy

    chris2busy Registered Member

    Joined:
    Jun 14, 2007
    Posts:
    477
    Wow..i decided to re-trial dw(last time i did was over a year ago) and my eye caught that sandbox folder of sandboxie is by default set to untrusted..surprised me really(in a good way)..will full trial it and see if anything else arises and then probably go for it..

    The only drawback i noticed is that sometimes the gui grays out and no text is shown(although the ok and terminate buttons are still there) on alerts...
    I guessed that this must be the famous activeskin issue others are talking about..well since im on LUA+SRP even if it crashes its no biggy for me,because im much covered anyways..just wanted something for dll injections and i believe i have found it ;)

    (i know this might be irritating because others must be asking too,but when is this issue going to be resolved?)

    when vacations are over i will probably do some tests with it further.




    EDIT: under vista winamp is untrusted by default yet no asterisk ( * ) is shown nether in the taskbar or the window title (its nothing really,but everything counts :p u can add it in the next build i guess) :) really good impressions so far
     
    Last edited: Dec 25, 2008
  15. Ilya Rabinovich

    Ilya Rabinovich Developer

    Joined:
    Sep 13, 2005
    Posts:
    1,543
    WinAmp is using skin engine, so, asterisks are obsfufated and invisible.
     
  16. chris2busy

    chris2busy Registered Member

    Joined:
    Jun 14, 2007
    Posts:
    477
    That was fast :D thank you..i can also see it in the untrusted processes.everything is smooth!
     
Loading...
Thread Status:
Not open for further replies.