How to properly set up Geswall

Discussion in 'other anti-malware software' started by trjam, Jul 10, 2008.

Thread Status:
Not open for further replies.
  1. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,057
    Location:
    North Carolina
    Ok, I have had numerous PMs of late from folks wanting to use this program but are hesitant on how to set it up. As with all programs, there is a easy way, and the involved, very secure way. I use the easy out of the box way.

    After installing, when I open IE7, Vista Mail and Media player, a box pops up asking if you want to add them to Geswalls protection, which, duh, ya do.

    After that, nadda, I dont do anything. My web browsing, email are all protected from the dreaded, "Malicious Process".;)

    This method works. Is it the best setup? Duh no, but look at who is posting this, the Avatar Man.:cautious:

    So my dear friends, the real purpose of this thread is to start getting those of you, who use the paid version, to offer advice into your settings, so that we all may benefit. Well, that and so people will quit sending me PMs.:argh:
     
    Last edited: Jul 11, 2008
  2. Ohmy

    Ohmy Guest

    Hi,
    I'm looking forward to this thread. :)
     
  3. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,057
    Location:
    North Carolina
    I no nothing about partitions. Aigle, jump in anytime here and a couple of you, behind the scences users. Ya know who you are.
     
  4. Seer

    Seer Registered Member

    Joined:
    Feb 12, 2007
    Posts:
    1,596
    Location:
    Singidunum
    I'm not one of them, just stopped to say big

    LMAO :D :D

    to this thread.

    Cheers,
     
  5. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    Guys,

    haha I got you, I will remove my post, was just teasing, the only solution is buying another policy sandbox with nearlly the same name :D

    TIP: change the name of this thread from improperly to properly (your are asking to get your leg pulled this way);)

    Cheers Kees
     
  6. Page42

    Page42 Registered Member

    Joined:
    Jun 18, 2007
    Posts:
    5,829
    Location:
    Last Breath Farm
    I found that I had to start creating rules in order for certain things to work right. At first I was taken aback by the process, but reviewing the logs proved to be the key. Basically, I just looked at the log before the action in question and then immediately after, and usually I could find the info I needed right there in order to add a rule.
     
  7. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,047
    Location:
    Saudi Arabia/ Pakistan
    U moved the file urself. If so, mark it untrusted again at the same time.
    If file is moved by malware, it will not be marked trusted anyway.
     
  8. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    GW does not know malware, so it can not know when moved by malware.
     
  9. hammerman

    hammerman Registered Member

    Joined:
    Jul 14, 2007
    Posts:
    283
    Location:
    UK
    I know this topic is about Geswall, but Defensewall seems to do the same thing. If I copy an untrusted file, the copy becomes trusted. Does this mean if I copy malware.exe from one location to another and then run it, it now runs trusted?
     
  10. Ilya Rabinovich

    Ilya Rabinovich Developer

    Joined:
    Sep 13, 2005
    Posts:
    1,543
    What is your version of DefenseWall? Total untrusted files copy control is from 2.30 version.
     
  11. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,057
    Location:
    North Carolina
    ahem, Geswall thread here.:cautious:
     
  12. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    What a good idea is with GeSWall is to define your documents, mail directory and Windows Address Book as confidential

    AND

    A) allow you e-mail application to access your mail directory and WAB (e.g Outlook Express)
    B) allow uour webbrowser access to your download directory only (e.g. IE, FF or Opera)
    C) allow your shared directory only to your P2P application (eg LimeWire)
    D) allow your media player to music and movie directory (e.g. WMPlayer)

    In this way you strengthen the policy management with access limitation to personal folders with a specific allow policy for specific untrusted aps to specific folders (sort of SRP-light)

    @Trjam, noticed the change in the header RE: how to properly setup . . . ;)
     
    Last edited: Jul 11, 2008
  13. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,057
    Location:
    North Carolina
  14. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    Now I am proud on yeh!
     
  15. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,047
    Location:
    Saudi Arabia/ Pakistan
    In a way it knows. :) If moved by malware( untrusted), file will remian untrusted.
    Whe u move via explorer( exploer being always trusted), the file tagging is gone. Malware is not allowed to tamper trusted explorer.exe as well.

    So all in all it,s OK though I agree that retaining the tags might be better.
     
  16. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    :thumb: settled than ;)
     
  17. Dark Shadow

    Dark Shadow Registered Member

    Joined:
    Oct 11, 2007
    Posts:
    4,553
    Location:
    USA
    I have a question.How can I islolate email with out the right click in all programs.
     
  18. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,057
    Location:
    North Carolina
    when your email program firsts opens, you are giving the option to have it enclosed in Geswall. Or click the tray icon then applications and your email program and right click to isolate it.
     
  19. Dark Shadow

    Dark Shadow Registered Member

    Joined:
    Oct 11, 2007
    Posts:
    4,553
    Location:
    USA
    when I first opened window mail there was no option or pop up.If I right click on icon on desk top the option is there but it does not open.It only opens from All Programs.
     
  20. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,047
    Location:
    Saudi Arabia/ Pakistan
    How to set up Custom Rules in GesWall?, see here:

    https://www.wilderssecurity.com/showthread.php?t=180489
     
    Last edited by a moderator: Jul 11, 2008
  21. Page42

    Page42 Registered Member

    Joined:
    Jun 18, 2007
    Posts:
    5,829
    Location:
    Last Breath Farm
    Open GeSWall Console. In the Console Root Directory, expand Applications, expand Email and News. Right-click your email client and select Properties. Select Always start isolated and then OK.
     
  22. Dark Shadow

    Dark Shadow Registered Member

    Joined:
    Oct 11, 2007
    Posts:
    4,553
    Location:
    USA
    Ah thank you kindly
     
  23. Page42

    Page42 Registered Member

    Joined:
    Jun 18, 2007
    Posts:
    5,829
    Location:
    Last Breath Farm
    Anyone running GeSWall on security level High? I use the default medium level (Isolate known applications).
     
  24. Dark Shadow

    Dark Shadow Registered Member

    Joined:
    Oct 11, 2007
    Posts:
    4,553
    Location:
    USA
    I Use medium.
     
  25. LoneWolf

    LoneWolf Registered Member

    Joined:
    Jan 2, 2006
    Posts:
    3,408
    When I did use GesWall (and I may again)
    It was set to medium, except when my wife (the happy clicker) was using the pc, then I set it to high, so no pop ups with excellent protection.
     
Loading...
Thread Status:
Not open for further replies.