Just installed RegDefend...

Discussion in 'Ghost Security Suite (GSS)' started by TonyKlein, May 23, 2005.

Thread Status:
Not open for further replies.
  1. puff-m-d

    puff-m-d Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    5,703
    Location:
    North Carolina, USA
    Congratulations!!! Now it only gets easier ;) ...
     
  2. TonyKlein

    TonyKlein Security Expert

    Joined:
    Feb 9, 2002
    Posts:
    4,361
    Location:
    The Netherlands
    Allrighty! :) I'll just have a hard look at the keys and values already protected; that should clarify things...

    Thanks again. I really like this app. It's FAST to react!
     
  3. TonyKlein

    TonyKlein Security Expert

    Nuther question (yes, I do keep you guys busy... )

    Every time I launch IE, RD warns me that IE is trying to delete the (nonexisting) Googldcclient reg value in the HKCU Run key.

    Now do I understand correctly, that if I allow it to always do that, that gives IE a "wild card" (yes.. :D ) to in the future delete/modify ANY other reg value it chooses?

    If so, can this maybe in the future be fine-tuned so that one can allow just one particular reg value to be deleted/modified?
     

    Attached Files:

    • RD.gif
    Last edited: May 23, 2005
  4. gottadoit

    gottadoit Security Expert

    Joined:
    Jul 12, 2004
    Posts:
    605
    Location:
    Australia
    Tony,
    It actually gives permissions to the application(s) for the group that the entry is in (the "AUTO STARTS" registry group in this case).
    The way to achieve what you want and be precise about it is to create a new group and call it "AP IE Specific" (so that it sorts earlier than AUTO).
    Add your rule to the new group and add IE as an APO (Application Permissions Override) in there as well.

    If you write the rule to be very specific and just match what you have been alerted on, then the wildcard match in "AUTO STARTS" will take care of everything else.

    Group design is a key thing to consider in RegDefend because everything that is grouped together becomes exposed at the same time when an APO is created.
    The way I am approaching it is that anything that requires an APO is moved out of a common group into a new one so that things are still tightly specified.

    Regards
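
The group/APO behaviour described in the post above, as a simplified model (an added example, not RegDefend's own code and not posted by anyone in the thread). It assumes groups are evaluated in name-sorted order with the first matching rule deciding, and that an APO covers every rule in its group; the class and function names, the `iexplore.exe` process name and the Run values other than Googldcclient are constructed for illustration.

```python
from fnmatch import fnmatchcase

# The HKCU Run key the alert in this thread refers to.
RUN = r"HKCU\Software\Microsoft\Windows\CurrentVersion\Run"

class Group:
    """A named rule group with an optional Application Permissions Override."""
    def __init__(self, name, rules, apo=()):
        self.name = name
        self.rules = [r.lower() for r in rules]   # registry paths are case-insensitive
        self.apo = {a.lower() for a in apo}       # applications exempted for this group

    def matches(self, target):
        return any(fnmatchcase(target.lower(), r) for r in self.rules)

def decide(groups, app, target):
    """Return (group name, verdict) from the first group, by name, that matches."""
    for g in sorted(groups, key=lambda g: g.name):   # assumed: sort order is priority
        if g.matches(target):
            return g.name, "allow" if app.lower() in g.apo else "alert"
    return None, "unprotected"

def exposed(groups, app, targets):
    """Targets the application may change without any alert."""
    return [t for t in targets if decide(groups, app, t)[1] == "allow"]

# Constructed sample values under the Run key.
TARGETS = [RUN + r"\Googldcclient", RUN + r"\ctfmon.exe", RUN + r"\SomeUpdater"]

# "Always allow" on the alert: the APO lands on the wildcard group.
BROAD = [Group("AUTO STARTS", [RUN + r"\*"], apo=["iexplore.exe"])]

# The suggested layout: a narrow group that sorts before "AUTO STARTS".
SPLIT = [
    Group("AUTO STARTS", [RUN + r"\*"]),
    Group("AP IE Specific", [RUN + r"\Googldcclient"], apo=["iexplore.exe"]),
]

if __name__ == "__main__":
    for label, cfg in (("broad", BROAD), ("split", SPLIT)):
        print(label, "-> IE may silently change:", exposed(cfg, "iexplore.exe", TARGETS))
```

With the broad layout every value under the Run key is exposed to IE; with the split layout only the one value named in the specific rule is, and everything else still falls through to the wildcard group and raises an alert.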
     
  5. TonyKlein

    TonyKlein Security Expert

    You, my friend, are a genius! :D

    Granted, I've only had RD installed for half a day, and I may not have read the manual thoroughly enough, but nowhere did I see any mention of group priority...

    It works perfectly.. thanks heaps!
     
    Last edited: May 27, 2005
  6. puff-m-d

    puff-m-d Registered Member

    A new RegRun ghost file has been posted and you may get it HERE. This should fix all problems with multiple accounts and fast user switching.
     
  7. TonyKlein

    TonyKlein Security Expert

    Yes I saw that, thanks! :D I also noticed you included the BHO key. Very useful indeed!

    I really like this application. It's like RegProt on steroids. LOL!
     