Hints on using Online Armor FW-a Learning Thread 4

The restore of the Hybrid Settings (excluding the OA FW engine)

worked with one exception.

The restore of the previous OA190 (with OA FW engine) also worked with the same exception.

The exception was the 4 Keyloggers identified earlier are NOW missing in both cases. So users should watch out for this.

Next I will test if the 190 settings will work in the public beta.

But the results of that test will be reported over at TalEmu as per OA's request. But anybody can view that there if they care.

 

Well, if I thought this testing was useless I wouldn't do it.

I know nada about any new release just what is on the OA Public Web site.

I want to know if these options I've never tested actually work on the official releases we do have.

When the results are in they become hints for this thread.

 

For thread information OA has released a public beta at:

http://support.tallemu.com/vbforum/showthread.php?t=6706

OA's change log is encouraging as it includes some fixes related to Key Loggers (KL) or if you prefer Key Logger Behavior (KLB)

One of OA's strengths IMHO is they do read and listen to user input even if it tough to read.

I'm about to save my settings and will test them on the newest public beta.

Any specific results I get will be posted over there not here.

 

http://support.tallemu.com/vbforum/showpost.php?p=71693&postcount=10

 

I have some questions about RunSafer. Is runsafering a program every bit as safe as running it LUA? Are there any vulnerabilities? Any way a piece of malware can break out of RunSafer and infect my system?

 

RunSafer is completely the same as LUA, and even more restricted than just regular user. Is it safer ? Yes, It is MUCH safer than running with admin rights and it is safer than running with regular user rights. Are there any vulnerabilities ? How can we know ? All the known vulnerabilities are covered by additional OA protection (RunSafer does not exclude OA protection, it supplements it). But who can say about unknown vulnerabilities ?

 

Thanks for all the info Peter and Alex!

 

In OA, there is a web shield here is the help link for it.

http://www.tallemu.com/webhelp3/KF-Web.html

The way I understand it is that it is a "behavior" based site shield and doesn't rely on either a black list or a white list.

So given that, it means we still benefit from FF's Phish Tank (or other browser equivalent checks of visited sites) since the methods are different and using 2 should be more effective than just one site checking method.

I have both on and see no noticeable surfing slow down.

 

What kind of anti-logging protection does OA paid offer?

 

Hi Dregg Heda:

I assume you mean anti Keylogger parasites?

See attached link comparing the features:

http://www.tallemu.com/comparisons.html

I think the beta versions are working on KLB upgrades but Mike Nash should be the one who answers this over at the support forum.

 

A word to the unwise.

Keep images of your os partition.

To error on the side of security after an reinstall or upgrade from one OA version/build to the next check that the restored settings still match your own security policy settings.

I suggest users check computer interface to ensure it is still NOT trusted. If you turn off auto configure trusted programs and turn off automatically allow trusted programs to access the www. Make sure these are still intact after the reboot and the upgrade or reinstall.

Save your settings. The current formal release is still at 190.

Support is available at:
http://support.tallemu.com/vbforum/

 

OA paid stops all the known loggers available. If you find the one OA cannot handle feel free to submit it to Tall Emu and in a day or two it will be handled properly

 

Does this include screen loggers, clipboard loggers and SSL loggers?

 

It includes screen, clipboard and webcam, though I'm not sure about SSL. If you provide an example of SSL logger I can test it and report outcome

 

Hi Alex,

From what I've read, SSL loggers are supposed to be apps capable of logging SSL packets by capturing the information before it enters the SSL algorithm, hence before its encrypted. Zemana Anti-logger claims to be able to protect against this and you can read more about it at:

http://www.zemana.com/list/list.aspx?ktgr_id=354

I myself know no ssl loggers but perhaps you can find one for testing purposes.

Also has OA passed any tests against movie style screen recorders?

 

I dunno about all the tests, but I tested OA with Zemana Webcam logger and it cateched and disabled the test.

 

Cool! Have you tried it with the SSL logger test?

 

When I downloaded Zemana tests, SSL test was "under construction". Is it ready already ?

 

No idea Alex. I just saw the ssl logger icon on the screenie you posted and assumed that such a test was available.

Oh and I wasnt talking about a webcam logger when I said movie style screen recorder. I meant a screen logger which recorded everything that appeared on your screen like a running movie. Have you tested OA against those?

 

I can run any test, just tell me where can I get it.

 

Hi alex:

What version of OA did you use for the Zemana logger test? I want to see if I can reproduce your results.

 

I always use the latest beta. Now it is 3.1.0.26. But I think any beta from 3.1.* serie would be the same regarding keyloggers.

 

Maybe, but there maybe a problem then, as per the OP #1 we only post using the latest formal release and not use beta or even public beta results I ran into that one myself. Beta results are kept in the forums over there.

So unless the WSF moderators tells us otherwise I think we must limit our findings to 190 which I think is the last release. Otherwise users may think beta findings apply to 190!

This is also not a support thread, merely a hints or learning thread.

Moderator, please advise.

 

To assist in future direction of this thread please see:

https://www.wilderssecurity.com/showthread.php?t=233804

Thank you