Is it me is or is SSM going mad.......

I have ssm 2.2.0.597 and I *did* get random restarts .It's annoying because if you are in the middle of typing up a paper or something and ur pc reboots you worked for nothing. I turned ssm off and no more restarts

 

They wouldn't accept "Old Monk" as your user name because someone else already has that name? Or does "Old Monk" mean something nasty in the Russian language?

Over at the ProSec thread, Stem just reported that SSM is offering a 50% discount to anyone who switches to SSM from a competing HIPS. Verrrry interesting. Nowadays it seems there is a new HIPS software on the market just about every day. The HIPS competition must be hot & heavy.

 

I think that some users of an application such as SSM will/may encounter problems at some time, be it from some (unseen) confilict or possible mis-config of SSM. I can fully understand that SSM does not want its users to lock themselves out of the OS,... but then again,... does SSM taking control of these applications give better protection, or just a case of possible less complaint from users of problems of lockout.

I hope you do,... some explanation from the SSM team, as to their dealings with these applications would be nice. I have again posted to thread at SSM.

 

This offer as always been available,... I just pointed to this due to the post by TECHWG

 

Hi

Thanks for your reponses Stem.

I posted in their forums this morning and have had two quick responses. Basically, it seems there is an issue in the config migration from 2.1 to 2.2 which I assume they have fixed or will fix.

As regards, csrss, lsass and smss their response was that they should reside in the System Group but that some changes in System Group will be done - are they maybe referring to what you and others have been pressing for ?

@bellgamin

I'm not even going to contemplate this at this stage If SSM doesn't come up trumps, this will be my last foray into the HIPS market for some time (a disappointment to Devils Advocate I've no doubt )and may just go back to PG .

It would seem that, 'Old Monk' contains something other than 'Latin letters or numbers according to their registration page

I'll see how we go and thanks to all.

 

Hello Old Monk,

There are some problems with the default config of the latest release (certainly on my setup), one which bugs me the most is the fact that for the "Normal" group I can only set Parent->child to either Allow or deny,... not ask. I did load up one of my old configs,.. and well,.. the setting where all over the place. The only way I could get to my previous settings, was to leave my config files after uninstalling the old version, then use this config file on new install,.. but even then some settings where changed.

There was a reply to my thread, but this just states that it is on the "TODO" list, which means nothing to me (they could of said what they will do),......... I can see this will go on and on.

 

Hi Stem

With the above in mind, and their apparent reluntance to go with the Big 3 suggestions, do you think there is a possible strategy in place to take user intervention away more and more in order to appeal to a larger market ?

If that was the case, IMHO they are a long, long, long way off creating a 'set and forget' type of program and again if that WAS the case, I can envisage all sorts of new beta's and development around the corner.

I would guess the typical user (and as yet I can't count myself among them ) have bought into SSM because of the amount of control that the user can bring to bear.

I do understand market forces but it would be a shame if such an advanced program were to be watered down.

I think they should leave well alone for a while and make this 2.2 nailed down hard and cater for the niche market where it could undoubtedly hold it's own.

 

Why shoot yourself in the foot? As things now stand, HIPS are one of the very best zero-day protections available. Besides which, they are jolly good fun to configure and mess around with.

DefenseWall, Sandboxie, ProSecurity, Prevx, Safe'N'Sec, SSM -- so many grrrreat choices. So little time to try 'em all.

When you get right down to it, all you really need right now is a router plus DeepFreeze when you're running frozen, and Prevx when you're running thawed -- and seldom ever a pop-up. That combo is 99.99999% bullet-proof for now, & mindless to boot -- but wait until next week. Computer security is a giant chess game, and the next move belongs to the bad guys.

 

Evening Bellgamin

Very good

Yep, I do like playing but sometimes it gets a tad frustrating.

Guess I meant, I'm not paying for any more !

Lol - tried DefenseWall - tried Prevx (preferred the old one before it was a true CIPS)

Run ShadowUser (like that).

Back to serious, I'm NOT going to jump ship to ProSecurity. I have had enough of BSODS's and I see on the related threads that there is just the merest mention of them, which is quite enough for me. The screenshots look to me almost the same in functionality so I'll stick with BSOD's from a prog I've paid for

I do like SSM and I just hope it starts getting stable.

Anyway, you can't beat a good game of chess

 

If you read on the threads, the reason BSOD occured was due to premature removal of learn mode contrary to the manual inscruction. In the new thread there are info's about the new version with some bug fixes. Please do not tar the program with the brush of its users. Minor user hitches can cause program problems.

New version is hot installable and uninstalable. Very nice indeed

do you feel SSM is more stable than Prosec ? i have tried both and having totally stable Prosec i cant see any flaw with it. I even did not have issues with 1.21 as some had, but 1.22 seems nicer somehow i cant explain

 

Hi TECHWG

 

Well old monk, as stem once said along the lines of that most HIPS seem to have set ridged rules about system resources, and in this case you can step by step if you want with no learn mode. there is a possibility that ps will have the answer to this with a default list of importable rules only for system items, at which point you could disable learn mode and take your chances

Also please check the forum area we are in here for another new thread with something cool to do with ProSecurity.

 

Oh bty the way, since its hot installable / uninstallable, as soon as you install PS you can instantly remove learn mode and continue from there, or import standard system rules when the dev adds this functionality of standard importable rules

 

Hi TECHWG

I can't help but admire your persistence

... but simply put, PS is payware and I won't be spending more money on HIP's at this stage. HIP's for me are a 'would like' rather than a 'must have'. I can live with A/V and firewall if I have to.

For that reason alone, it's SSM or nothing for me. I have a licence for PG which has served me well and if SSM let's me down I'll go back to that.

 

You got a PM.

Add me on yahoo or msn, you can get my msn from my profile, and to prove its you quote me what i typed in your PM

 

I feel the same about the learning mode as do you and with me turning it off in SSM at the earliest did not produce any problems and enabled me to see what is going on.

Apart from malware which you may or may not have on your machine, I have programs that want to install hooks. They function quite well without that priveledge and without turning off L/M I would not be aware of that going on.

I also have PG to fall back on should they decide to develop it further.

 

You do need to take into account that SSM does not control the loading of all DLL`s, I would need to ask, that if SSM controlled the loading of all DLL`s, would you be happy to have all the hundreds of popups?, and would you also check on each DLL to check on its validity.

 

Are you saying that PS does?

I have not seen, maybe missed it, a comparative between the two programs as to how they operate and what areas/items they each control.

You seem to be implying that PS is more thorough in its approach, but at the end of the day will I be better protected by it than with SSM. Probably in theory one will be better than the other but I doubt that it will be of great significance with my computing habits, but you are the expert so I accept what you say.

 

Yes, PS will control the loading of DLL`s(see pic),.. this was one of the main reason I suggested using learning mode in PS.

SSM (if I remember correctly) did mention that this control was on their "TODO" list.

No, I was asking if SSM controlled the loading of the DLL`s, would you still take the same approuch to the install of SSM, by wanting a popup on every event, and to take out of learning mode immediately.

 

I suppose probably not, but if I was presented with that I would probably work through them.

I do not fully understand the logic of this learning process. I would have thought that the legitimate processes to get the o/s up and running would be known to any HIPS program and these could be accepted. It is the extra programs that I feel need to be monitored.

There is another point about PS that I have noted. It was mentioned somewhere here that when installing PS that it does not need to be rebooted. Surely it is advisable with any security program that it is loaded with the system to establish a basic setup.