Is Antiexecutable enough or good enough against Viruses?

Discussion in 'other anti-malware software' started by pinso, Feb 6, 2012.

Thread Status:
Not open for further replies.
  1. pinso

    pinso Registered Member

    Joined:
    Jun 28, 2009
    Posts:
    247
    Hello folks,
    I was thinking: is Faronics Anti-Executable V.3.50, or any other version of AE, along with an antivirus, virtualization software and some common sense, enough to get you away from those nasty viruses and malware?
     
  2. ams963

    ams963 Registered Member

    Joined:
    May 3, 2011
    Posts:
    5,965
    Location:
    Parallel Universe
    yeah totally :thumb:.......heck some users here solely rely on ae like appguard........and don't forget imaging software......it's the most effective and easy to use weapon against malware imo......
     
  3. Osaban

    Osaban Registered Member

    Joined:
    Apr 11, 2005
    Posts:
    4,213
    Anti-executable + Virtualization makes a system almost impenetrable. An antivirus (real time or on demand) would be useful to check anything that you want to download and keep in the real volume.

    It certainly works, but in practice it is irritating to allow things continuously from AE. It is a suitable combination for static systems. As an alternative one can use Sandboxie and configure restrictions on what programs can execute within the sandbox. Last but not least, AE has had a lot of problems with Vista and Win7, but it works very well with XP.
     
  4. pegr

    pegr Registered Member

    Joined:
    Apr 8, 2008
    Posts:
    2,279
    Location:
    UK
    I agree with the other posters that a combination of virtualization, anti-executable, and antivirus (plus imaging software and some common sense) is all you need. It's interesting to note that this is the strategy that Returnil have adopted with their Returnil System Safe product which aims to be a complete security solution so they obviously believe it's sufficient.
     
  5. STV0726

    STV0726 Registered Member

    Joined:
    Jul 29, 2010
    Posts:
    900
    There are people that do the same thing with Software Restriction Policies and AppLocker (Windows 7). SRP is built into XP and is essentially the same as it is in Vista/7. You could use that as well, but I understand some people prefer to use a separate application.
     
  6. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
  7. pinso

    pinso Registered Member

    Joined:
    Jun 28, 2009
    Posts:
    247
    Thank you all for your feedback. I am using AE 3.50, Avira and good old Returnil 2008 for my security setup, although I hadn't used AE for quite a while and still I wasn't infected by viruses. Avira did show some malicious files, but they did not pose any problems for me.

    But from now onwards this would be my setup on my future PC as well.
    Thank you all.
     
  8. LoneWolf

    LoneWolf Registered Member

    Joined:
    Jan 2, 2006
    Posts:
    3,408
    That would be a very good and secure setup.
    I use HIPS + AE + Light Virtualization + System Imaging, with an occasional scan or two and when downloading something I plan on putting on the real system. It's been working like a charm for quite some time.

    You should be fine with that setup. :thumb:
     
  9. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,516
    Only risks are network information stealing and specific exploits outside of the coverage of both programs (like running an infected script-enabled word document without sandboxing).
     
  10. badkins79

    badkins79 Registered Member

    Joined:
    Dec 23, 2011
    Posts:
    60
    Location:
    Maryland
    What about bad code being injected into authorized executables? What about an authorized executable having its import table modified to load a bad dll? What about kernel based malware?

    Can AE do anything about these?
     
  11. blacknight

    blacknight Registered Member

    Joined:
    Sep 25, 2007
    Posts:
    2,433
    Location:
    Europe
    No conflict ?
     
  12. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    If your Firefox or whatever gets exploited and instead of dropping a payload it just has Firefox start running malicious instructions/ hops to other processes I doubt AE will do anything.
     
  13. 1000db

    1000db Registered Member

    Joined:
    Jan 9, 2009
    Posts:
    718
    Location:
    Missouri
    Appguard prevents code injection as well as trusted executables being tampered with. AG prevents malware from reaching the kernel under normal circumstances. I can't speak regarding other anti-exe's as AG is the only one I've any experience with.
     
  14. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    AG is a lot more than an AE.
     
  15. noons

    noons Registered Member

    Joined:
    Apr 27, 2007
    Posts:
    115
    You might want to look into VoodooShield also. Although still in beta, it's pretty stable and a full release should be out hopefully soon. Also the developer is pretty active in these forums and.
     
  16. badkins79

    badkins79 Registered Member

    Joined:
    Dec 23, 2011
    Posts:
    60
    Location:
    Maryland
    There are lots of security products that prevent anything bad from happening... Until someone figures out a way to beat it.
     
  17. STV0726

    STV0726 Registered Member

    Joined:
    Jul 29, 2010
    Posts:
    900
    How are they implementing the kernel-level protection on Windows 7 64 systems? Or aren't they? Their website was not specific as to what OSs were supported, but their help page said Windows 7 is in fact supported.

    I have been hearing more and more positive things about AppGuard and DefenseWall and they are both good whitelist-based measures (my favorite) that are alternatives to Software Restriction Policies and/or just using Sandboxie (selective/app whitelisting) and I might be interested in using this on a machine in the future.

    Thanks!
     
  18. LoneWolf

    LoneWolf Registered Member

    Joined:
    Jan 2, 2006
    Posts:
    3,408
    None whatsoever.
     
  19. Baserk

    Baserk Registered Member

    Joined:
    Apr 14, 2008
    Posts:
    1,317
    Location:
    AmstelodamUM
    Like bad guys figuring out when a consumer uses a browser on a virtual PC in the cloud? ;)

    Btw, per your site; 'All of your web browsing activity will be SSL encrypted, even for sites that do not support HTTPS. You no longer have to worry about an unsecured network exposing your online information.' link
    How do you enforce HTTPS traffic from your cloud-based virtual PC's to the final destination sites if those sites don't offer HTTPS?
    Or do you mean that all traffic between the customer and the cloud based 'browser-PC' is over HTTPS and further traffic from cloud VM PC-> final destination site might be over HTTP?
     
  20. badkins79

    badkins79 Registered Member

    Joined:
    Dec 23, 2011
    Posts:
    60
    Location:
    Maryland
    Exactly :)

    In our case, I don't pretend that any one part of our system is 100% impossible to beat. My approach is to make an attacker have to beat several layers of protection before they get a chance to attack a user's pc.

    For the SSL question, your assumption is correct. The goal is to protect traffic visible on the user's network. So it is secure from the user's computer to ours, and then whatever the webserver uses from our server to the webserver.
     
  21. Zyrtec

    Zyrtec Registered Member

    Joined:
    Mar 4, 2008
    Posts:
    534
    Location:
    USA
    I had tested Faronics Anti-Executable about 9 or 10 months ago and I thought the interface was kind of awkward at that time.

    I had been using AppGuard on my Windows 7 Pro SP-1 box but since it's been giving me headaches due to conflicts with other applications I have installed and, every now and then it locks me up from logging on to my computer when resuming from “Sleep Mode”, I'm giving A-E [version 4.21] a second chance and so far, I haven't seen any conflicts and it works as advertised.

    Although, I'm waiting for the Blue Ridge Networks people to come up with an AG update to fix the problems that have been reported.

    But, bottom line: Faronics A-E is very good when protecting your PC from attacks. After the trial, if I like it, I might as well purchase a license.
    I believe that our security expert Rich still uses it on Win XP.


    Carlos
     
  22. nikanthpromod

    nikanthpromod Registered Member

    Joined:
    Oct 9, 2009
    Posts:
    1,369
    Location:
    India
    Consider NVT ExeRadar Pro also.. it's great ..:thumb: :thumb:
    Use an on-demand scanner with it.. no need for other real-time software. ;)
     
  23. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    12,883
    Location:
    Canada
    :thumb: :thumb: agree
     
  24. Function

    Function Registered Member

    Joined:
    Feb 5, 2012
    Posts:
    76
    Location:
    UK
    I have AppGuard as my anti-executable. I think it's a brilliant tool.

    It's very "user heavy" though. So if you don't like being notified etc. so much, it might not be something for you.
     
  25. trismegistos

    trismegistos Registered Member

    Joined:
    Jan 29, 2009
    Posts:
    365