GeSWall Free

Discussion in 'other anti-malware software' started by ssj100, Apr 10, 2009.

Thread Status:
Not open for further replies.
  1. ssj100

    ssj100 Guest

    This is mainly directed at Kees1958 (but anyone else using the Pro version of GeSWall please feel free to comment).

    Is GeSWall Free sufficient and safe enough to use, compared to the Pro version? I haven't tried GeSWall yet, but I am interested in what people who are using it have to say.

    The original web site gives a breakdown of Free vs Pro here:
    http://www.gentlesecurity.com/professional.html

    So the following aren't in the Free version:

    1. Malware termination options (this sounds rather important?)
    2. Automatic update for Safe Applications (again, this sounds very useful)
    3. Custom Safe Applications (sounds like could get away with this one)
    4. Safe Applications Wizard (again, probably can get away with this)
    5. Pre-configured safe applications (this sounds important, especially if you are not sure how to configure applications)

    So my question is, for the average user, presumably the Free version would be dangerous if not configured properly? It sounds like there is much more manual configuration involved in the Free version, and thus would not suit the novice user at all.

    Are the above observations accurate?
     
  2. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857

    The only main limitation is its data base of preconfigured safe applications (free only webbrowsers), the application wizzard (only when you use unknown internet facing programs).

    I have set notifications off, auto terminate attacks and security to high (which makes GeSwall absolutely quiet), guess the free settings are the default ones (notify and interactive termnination), so I doubt you woud miss it.

    Regards Kees
    Regards Kees
     
  3. 1000db

    1000db Registered Member

    Joined:
    Jan 9, 2009
    Posts:
    718
    Location:
    Missouri
    The auto-termination is nice. I have the alerts disabled so I never hear (or see) anything happening from GW. I have also noticed zero slowdown on browsing too. I haven't used the application wizard very much but when I did it wasn't that useful to me, but you may be different. The customization of rules is pretty sweet too. Pro has alot more (60+/-) applications preconfigured than the Free version.
     
  4. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    Yep, very little slowdown with GW.

    My current security combo (GeSWall and Drive Sentry) loads Chromium cold in less than a second on a E5200 at 3,06 Ghz (a low cost, entry range dual core). I have GW also containing network traffic.

    Successive Chrome starts in the blink of an eye. Taking into consideration that you can configure GW to act as an virtualisation sandbox (using redirect option), I feel pitty for all the hardcore Sandboxie and FireFox users complaining about initial load times of more than 10 secs (usability lab testing uses a 3 sec respond as a workable maximum reference).

    Cheers
     
  5. TerryWood

    TerryWood Registered Member

    Joined:
    Jan 14, 2006
    Posts:
    703
    Hi Kees 1958

    How do you configure Geswall as a Sandbox using ReDirect.

    Could you walk me through the essential set up please?

    Thanks

    Terry
     
  6. IceCube1010

    IceCube1010 Registered Member

    Joined:
    Apr 26, 2008
    Posts:
    963
    Location:
    Earth
    Not to get off-topic for a bit but I have FF 3.1 beta #3 with SBIE and CIS 3.9(Safe MOde/Clean PC/Stateful) and my startup is 3secs from a cold start. I'm running it on Vista Home (sp1) with a dual core 3.0G and 4G of ddr2 ram. Once I'm in the sandbox browsing speeds are lightning fast.

    Back on topic, I really like Geswall free also and felt it was quicker on my laptop. My laptop runs WinXP pro (sp3) using IE8 and CIS 3.9 with a dual core 1.7G and 1G ddr ram. My cold startup would be about 3seconds. When I put SBIE in replace of Geswall Free, the startup went to 7secs.

    Ice
     
  7. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    Hi Terry,

    When you are willing to use Chromium (go to http://build.chromium.org/buildbot/snapshots/chromium-rel-xp/, download last build of previous day and install in C:\chrome, this would be the geswall settings

    %HKCU%\Software\Google% File Allow
    %HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\Cache% File Allow
    %HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\Cookies% File Allow
    %HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\History% File Allow
    %HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\Local AppData%\Google\Chromium\ File Allow
    %USERPROFILE%\Local Settings\Application Data\Chromium File Allow
    * Network Allow
    \Device\NamedPipe\chrome File Allow
    \Device\NamedPipe\lsass File Redirect
    C:\ File Read Only
    D:\ File Read Only
    D:\Downloads File Allow
    D:\TEMP File Allow
    HKEY_CURRENT_USER Registry Redirect
    HKEY_LOCAL_MACHINE Registry Read Only


    When you want to try geswall free PM me, I have some other tips
     
  8. TerryWood

    TerryWood Registered Member

    Joined:
    Jan 14, 2006
    Posts:
    703
    Hi Kees

    Thanks

    Terry
     
  9. dell boy

    dell boy Registered Member

    Joined:
    Apr 13, 2009
    Posts:
    240
    Location:
    uk, england
    im not familiar with geswall or how to work it but on youtube theres a reviewer guy who shows you how to use it as a sandbox and tests it on some nasty sites and shows how it protects.
    here
    watch some of his reviews hes actually quite good
     
  10. MagisDing

    MagisDing Registered Member

    Joined:
    Jan 6, 2009
    Posts:
    41
    Unfortunately, the link that you quote is unavailableo_O Being eagerly to see the attractive videos;)
    I am using Geswall with Firefox. I am wondering what configurations do I need to make it clear all the caches automatically after shutdown just like what sbie does(virtualization).
    I add two rules as followings, but it seems doesn't work:blink: :
    D:\Documents and Settings\Local Settings\Application Data\Mozilla\Firefox\Profiles\lce4hvjt.default\Cache Files Redirect
    D:\Documents and Settings\Local Settings\Application Data\Mozilla\Firefox\Profiles\lce4hvjt.default\OfflineCache Files Redirect

    (Those two folders above are where my caches are saved.)

    BTW: the private message system is unavailable too...:'( I am really learn the precious tips from Kees:rolleyes: )


    And I compared the rules that Kees gave and the ones Geswall pro has and found :
    By default,FF(isolated) can read only the trusted resource "\Device\NamedPipe\lsass"(file),but in the Kees's rules, the access rights are "redirect", does it make any differences?
     
    Last edited: Apr 16, 2009
  11. Blackcat

    Blackcat Registered Member

    Joined:
    Nov 22, 2002
    Posts:
    4,010
    Location:
    Christchurch, UK
    It's fine here ;)
     
  12. 1000db

    1000db Registered Member

    Joined:
    Jan 9, 2009
    Posts:
    718
    Location:
    Missouri
    In the Tools>Options>Privacy tab in FF there are options to clear browsing data upon exit of FF. It doesn't have to be done through GW. All of the files in your cache are untrusted anyway so they can't infect your system files.
     
  13. MagisDing

    MagisDing Registered Member

    Joined:
    Jan 6, 2009
    Posts:
    41
    Yeah, that's a simple and good method but I am still confused why my rules didn't take effecto_O
     
  14. 1000db

    1000db Registered Member

    Joined:
    Jan 9, 2009
    Posts:
    718
    Location:
    Missouri
    You might need to have %USERPROFILE% before the rules. Also, that rule will only apply to new files being added to the cache and won't delete the files that were in there before the rule was created. Kees and Aigle seem to know the most about GW though.
     
  15. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    Better, Try the GesWall forum. Henk is a real configuration expert (I am more into usability). I do not use FF, so have no idea how to. Easiest way to achieve that is by using Chromium or Iron. The way FF is designed (a monolith) with plug ins etc not clearly seperated et cetera. They (FF) could have taken a lesson in clear design by looking at Opera in the past, today [I think] Chromium is the one with advantage through software architecture, Opera has the advantage of a well settled past, not ruining the good initial software architecture is also a credit to the Opera developers. But when I criticise FF I will problably asked to POQ soon. :p
     
    Last edited: Apr 16, 2009
  16. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,047
    Location:
    Saudi Arabia/ Pakistan
    Did you delete the default Allow rule for FF profile( including the cache)?
     
  17. MagisDing

    MagisDing Registered Member

    Joined:
    Jan 6, 2009
    Posts:
    41
    That's probably the point:)
    There exists one default rules as follows:
    And I add new rules under that one. So here comes another question, what is the priority of the rules? From the top to the bottom or some else?:blink:
     
  18. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,047
    Location:
    Saudi Arabia/ Pakistan
    I don,t know. Try deleting the default rule and then add ur rules to see if they work.
     
  19. metalforlife

    metalforlife Registered Member

    Joined:
    Mar 29, 2009
    Posts:
    96
    Does GeSWall provide outbound filtering? If not, then, is there a software which does? Basically, I am looking for protection against data thieving malware - keyloggers, screen loggers, etc.
     
  20. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    12,883
    Location:
    Canada
    yes it does;)
     
  21. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,047
    Location:
    Saudi Arabia/ Pakistan
    Hmmm. Yes it does but it,s not a piece of cake. You need to configure it.
     
  22. metalforlife

    metalforlife Registered Member

    Joined:
    Mar 29, 2009
    Posts:
    96
    Brilliant. System wide?
     
  23. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    12,883
    Location:
    Canada
    that will depend how you configure it and that is not easy, have to dig in the app alitle:)
     
  24. metalforlife

    metalforlife Registered Member

    Joined:
    Mar 29, 2009
    Posts:
    96
    From "system wide", I meant, a complete substitute for a software firewall. Like the XP firewall, except outbound, in place of outbound monitoring.
     
  25. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    12,883
    Location:
    Canada
    oh no,if you want to have a complete solution for your system "Comodo" is for you and free cause geswall is only a sandbox type protection and has outbound protection for applications that are sandbox
     
Loading...
Thread Status:
Not open for further replies.