GeSWall v2.1

Discussion in 'other anti-malware software' started by AvianFlux, Nov 30, 2005.

Thread Status:
Not open for further replies.
  1. AvianFlux

    AvianFlux Registered Member

    Joined:
    Dec 7, 2004
    Posts:
    237
    GeSWall v2.1

    GeSWall ensures safe use of the internet in a gentle way!

    With GeSWall (GentleSecurityWall), you can safely surf the web, open e-mail attachments, chat, exchange files etc, regardless of the security threats posed by the internet. GeSWall protects you from intrusions and malicious software by isolating vulnerable applications. Isolation applies an access restriction policy that effectively prevents all kinds of attacks, known and unknown.

    Key Features

    Prevents key loggers, rootkits, backdoors.
    Prevents confidential file disclosure.
    Prevents intrusions.
    Prevents malicious software spreading.
    Independent of attack techniques.
    Easy to use - fully non-intrusive, no configuration required.
     
  2. beetlejuice69

    beetlejuice69 Registered Member

    Joined:
    Mar 16, 2005
    Posts:
    780
    Now this looks like a proggy to try out. Thanks.
     
  3. Arup

    Arup Guest

    Let me try it out, looks like the perfect thing to run with routers, thanks AvianFlux.
     
  4. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    Is this a firewall (without fire) o_O
     
  5. WSFuser

    WSFuser Registered Member

    Joined:
    Oct 7, 2004
    Posts:
    10,632
    at its default level, when i launched IE and firefox, a dialog box poped up asking permission for the browser to access the internet. its options are difficult to access. u have to go into the program folder and run gswmmcsa.msc. it has a limited database of applications.

    heres gswmmcsa.msc (default is isolate known apps):
    http://img221.imageshack.us/img221/6519/geswall13ry.jpg

    and heres the green bar that appears on isolated apps:
    http://img221.imageshack.us/img221/5739/geswall25db.jpg

    if u hover ur cursor on it, a menu will appear in a few seconds where u can change a few settings about it:
    http://img221.imageshack.us/img221/2509/geswall35wf.jpg

    blink algo lets u change the transperency of the bar.
     
    Last edited: Nov 30, 2005
  6. rdsu

    rdsu Registered Member

    Joined:
    Jun 28, 2003
    Posts:
    4,456
    What a program...
    Database for applications!

    Definitively it's not for me...
     
  7. Notok

    Notok Registered Member

    Joined:
    May 28, 2004
    Posts:
    2,969
    Location:
    Portland, OR (USA)
    It's a sandbox that is preconfigured for several internet apps (which is standard among the sandbox apps like DefenseWall and BufferZone), and that prompts you to allow or deny actions taken (which is unique). It looks pretty cool, but it conflicts with my current betas, so I'll have to wait a bit before I can try it out. Looks pretty good, though :) (I did get to see a bit in safe-mode before I reimaged my drive.)
     
  8. rdsu

    rdsu Registered Member

    Joined:
    Jun 28, 2003
    Posts:
    4,456
    It damaged my Firefox profile...

    Very good...
     
  9. AvianFlux

    AvianFlux Registered Member

    Joined:
    Dec 7, 2004
    Posts:
    237
    Thanks. I didn't know exactly what catagory of software it fell under.
     
  10. AvianFlux

    AvianFlux Registered Member

    Joined:
    Dec 7, 2004
    Posts:
    237
    How did IT damage your profile? Did you fiddle around with the configuration at all?
     
  11. rdsu

    rdsu Registered Member

    Joined:
    Jun 28, 2003
    Posts:
    4,456
    All my extenstions disapear, my bookmarks are broken, and than I have to set a new profile...
     
  12. Notok

    Notok Registered Member

    Joined:
    May 28, 2004
    Posts:
    2,969
    Location:
    Portland, OR (USA)
    It probably redirects Firefox to look in the virtual area for your profile information. I believe you can put folders into the isolated area, you might back up your profile and try it. Once "isolated", the apps inside the GeSWall aren't going to be able to see anything outside of that isolated area.

    Yeah, they don't make that very clear, which does not lend to it's usability, but all the same features are there as BufferZone and DefenseWall.. the implementation just allows for more control, which is nice.
     
  13. GeSWall Team

    GeSWall Team Guest

    Hi everybody,

    about category, that is easy - Intrusion Prevention. The rest is all about methods.

    GeSWall does it by mandatory access policy also well known as
    multilevel security, particularly it uses standard information flow
    control and Bella-LaPadula models. For more details have a look at
    http://opensource.nailabs.com/lomac/ project.
    The traditional policy is extended in order to "mitigate" access decisions
    and make it less intrusive.

    Stricly speacking Sandbox is a "virtual machine". Though, it would be
    correct to say that GeSWall uses sandboxing approach to mitigate
    mandatory access policy decisions. So, sandboxing is just one of the
    technology GeSWall uses, but not main one.

    To VaMPiRiC_CRoW: we would be pleased if you could a little more details on your issue (http://www.gentlesecurity.com/support.php), so we can repro it. You could expirience some misbehaviour while application running isolated, but damaging something is not normal. To clarify, here is no so called "isolated area". Thanks!
     
  14. Notok

    Notok Registered Member

    Joined:
    May 28, 2004
    Posts:
    2,969
    Location:
    Portland, OR (USA)
    Last edited: Dec 6, 2005
  15. GeSWall Team

    GeSWall Team Guest

    We have fixed the issue with Firefox, (version 1.5 uses new directory for profile). The corrected Firefox rules comes with recent Apllication Database update, you need just click on “Update GeSWall” in tray icon menu. ( http://www.gentlesecurity.com/docs/update.html ).

    We would pleased if you will report found problems to us. If we know – we can fix.
    Thanks!
     
  16. toploader

    toploader Registered Member

    Joined:
    Aug 19, 2005
    Posts:
    707
    ok lets say an apparently safe program (but it contains a kernel mode stealth keylogger) is downloaded and run. can you explain how GeSWall detects/alerts/deals with it? thanks.
     
    Last edited: Dec 5, 2005
  17. GeSWall Team

    GeSWall Team Guest

    if the program is downloaded by an isolated browser, GeSWall will track it and ask for isolation when it runs. Once it is isolated, following rules applied to the program http://www.gentlesecurity.com/restriction.html
    1) it will not be able to install or run kernel mode that immediately stops keylogger
    2) it will not be able to run as user-mode key-logger as will not be able to inject its code or send messages (shatter attacks) to other running processes
    3) it will not be able to infect other programs in system
    4) it will not be able to schedule its running on the system after completion through Run key and so on.

    We have a demo http://www.gentlesecurity.com/demo.html that go through some common attack scenarios and let you evaluate how GeSWall protects from them. The demo is just a VBS script so you may easily extend it by your own tests. In principal, you may use the demo for evaluating other products as well.
     
  18. toploader

    toploader Registered Member

    Joined:
    Aug 19, 2005
    Posts:
    707
    thanks for the reply and demo link GT
     
  19. bigbridge

    bigbridge Guest

    Any opinions of the free Geswall anti-malware?

    Anybody given this free anti-malware program a trial run? http://www.gentlesecurity.com/index.html In your expert opinions is it as good as some of the other recommended programs around here, like Prevx1 OnlineArmor etc? It sounds sorta like a sandbox app but better. It claims to stop all kinds of malware from spyware to rootkits and Windows exploits etc.

    To give credit to the original poster, I first saw it posted about here https://www.wilderssecurity.com/showthread.php?t=114843 by Arup, post #11.

    Thanks for any replies about the program.
     
  20. Franklin

    Franklin Registered Member

    Joined:
    May 12, 2005
    Posts:
    2,517
    Location:
    West Aussie
    Re: Any opinions of the free Geswall anti-malware?

    I like the idea of non-signature based security.

    Gunna give this proggy a whirl and hopefully an expert such as Kareldjag will give it a thorough testing and let us know their opinion.
     
  21. WSFuser

    WSFuser Registered Member

    Joined:
    Oct 7, 2004
    Posts:
    10,632
    Re: Any opinions of the free Geswall anti-malware?

    i tried it tho i found the green bar on title bars for isolated apps, slightly annoying. other than that it works well. depending on which level u set it to, u can have it work automatically or prompt u (like outbound protection). also look in this thread. i also posted a few screenshots there if u wanna have a look.
     
  22. zapjb

    zapjb Registered Member

    Joined:
    Nov 15, 2005
    Posts:
    3,518
    Location:
    USA - Back in a real State in time for a real Pres
    Re: Any opinions of the free Geswall anti-malware?

    I don't get it. Went to the site. At the comparison page, is it just me or did they imply with this installed theres no need for AV, PF or any other security program? I'd like to know from some of the experts here.:eek:
     
  23. hollywoodpc

    hollywoodpc Registered Member

    Joined:
    Feb 14, 2005
    Posts:
    1,325
    Re: Any opinions of the free Geswall anti-malware?

    Hi zapjb .
    With this type of program , it can be used in place of the other apps you mentioned . You can be fairly safe that way . One advantage of having LAYERED protection however , is that if you make a mistake , other apps might catch the problem and stop it . Confusing I am sure but , to answer your question , It CAN be used in place of AVs , a firewall , and so on .
     
  24. Franklin

    Franklin Registered Member

    Joined:
    May 12, 2005
    Posts:
    2,517
    Location:
    West Aussie
    Re: Any opinions of the free Geswall anti-malware?

    You can hover your mouse on the title bar and change the colour.

    Having a coupla issues running with Sandboxie.
     
  25. texux3000

    texux3000 Guest

    So what is the best of these sandbox type programs? Like GeSWall, SandboxIE, BufferZone, DefenseWall, (did I miss any others?) ? Thanx.
     
Loading...
Thread Status:
Not open for further replies.