LUA/SRP/Kafu/DEP/SuRun Explanation

Discussion in 'other anti-malware software' started by sourav_gho, Sep 18, 2009.

Thread Status:
Not open for further replies.
  1. sourav_gho

    sourav_gho Registered Member

    Joined:
    May 22, 2009
    Posts:
    141
    Hi guys, Can anybody through light on these technologies and how to apply these on Windows system.
    Expecially ssj100.. Buddy can you help me..:)
     
  2. sourav_gho

    sourav_gho Registered Member

    Joined:
    May 22, 2009
    Posts:
    141
    Thanks Ssj100 Haha your style :p
     
  3. demoneye

    demoneye Registered Member

    Joined:
    Dec 30, 2007
    Posts:
    1,356
    Location:
    ISRHell
    good reply Sj100 , nothing more to add just GO FOR IT ! IT OWNZ! :)
     
  4. testsoso

    testsoso Registered Member

    Joined:
    Feb 10, 2007
    Posts:
    137
    SRP is too difficult, i have some software installed in different partitions, how to allow them? for exsample s:\program files? And I tried it with PGS, but can't understand it.
     
  5. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    Use NAME (abc.exe) in stead of PATH within PGS
     
  6. Windchild

    Windchild Registered Member

    Joined:
    Jun 16, 2009
    Posts:
    571
    It's really simple: Just create a new path rule that sets S:\Program Files to "Unrestricted." That allows everything inside that folder and any subfolders to run. Note, that if your user has write access to that folder, it also means that it provides a very easy way to bypass SRP.
     
  7. Sully

    Sully Registered Member

    Joined:
    Dec 23, 2005
    Posts:
    3,719
    You might wish to clarify that a 'program files' directory should not have write access, but it is not a global mindset. Profile directories, custom directories, directories on storage drives will likely need write access. It is because a User by default cannot create/modify in c:\ , c:\windows and c:\program files that LUA is 'more' safe. If you have a custom 'program files' directory on another drive, to be as secure as LUA it is this directory that should be set with the same permissions as c:\program files, which means read or execute only.

    Does that make sense?

    Sul.
     
  8. Joeythedude

    Joeythedude Registered Member

    Joined:
    Apr 19, 2007
    Posts:
    519
    You don't need to do it all at once !! :)

    Just try one bit at a time and see if it suits you.
    See if you can switch your habits a bit. ;)

    Any one will significantly help your computer security and you don't need to use them all.
    And of course you can still use security programs and mix them in too.
     
  9. Joeythedude

    Joeythedude Registered Member

    Joined:
    Apr 19, 2007
    Posts:
    519
    Why have you quoted my post ?
     
  10. testsoso

    testsoso Registered Member

    Joined:
    Feb 10, 2007
    Posts:
    137
    I can't find any Options in PGS, about subpath, and there are only deny allow and restrict, so i guess you didn't use PGS, but windows own tools to do this?
     
  11. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    Nope, PGS is easier to use than XP Pro's own, Read the tutorial

    For restricted/denied/allowed you can enter a variable or a path or a name
     

    Attached Files:

    • 1.jpg
      1.jpg
      File size:
      53.8 KB
      Views:
      1,064
    Last edited: Sep 18, 2009
  12. reinwald

    reinwald Registered Member

    Joined:
    Apr 4, 2009
    Posts:
    54
    Location:
    Philippines
    uhm... does this work on XP Home?
     
  13. Joeythedude

    Joeythedude Registered Member

    Joined:
    Apr 19, 2007
    Posts:
    519
    Just seemed odd to me.
    My point was that you can be more secure with just part of that setup than not at all.
    Pretty uncontroversial I would have thought !
     
  14. Sully

    Sully Registered Member

    Joined:
    Dec 23, 2005
    Posts:
    3,719
    A path rule in SRP is a rule that points to an executable or a directory. A path rule may be notated in the following manners:
    simple name: notepad.exe
    simple name with wildcards: *pat.exe, note*.exe, notepad.*

    Environment Variables: %sysdir%\solitaire.exe, %windir%\notepad.exe, %programfiles%\mozilla firefox\firefox.exe
    Environment Variables with wildcards: %sysdir%\sol*.exe, %windir%\note*.exe, %programfiles%\mozilla\firefox.*

    A path can be what is known as 'Fully Qualified', meaning it must contain the entire path, such as c:\program files\mozilla\firefox.exe.

    SRP can implement a policy rule on just names, full paths or environment variables. But it can also implement on just a full path of a directory, without an executable mentioned. Such as the default Allow rule for c:\program files. This rule allows any executable in any subdirectory of c:\program files to execute. It is important to note that if you are not using a simple name you must use a fully qualified path, but in SRP's case you MAY USE environment variables.

    In PGS you must choose a TYPE of path rule, Simple, Full or Env Var. It is this way so that it may check to be sure if you are wanting a full path, that the path exists. You may drag and drop a directory or executable to the text box rather than typing it in if you would like.

    Sul.
     
  15. sourav_gho

    sourav_gho Registered Member

    Joined:
    May 22, 2009
    Posts:
    141
    Is there some security measure we can implement in Vista/Windows 7 also?
    I can do SRP in here what about the others??
     
  16. Sully

    Sully Registered Member

    Joined:
    Dec 23, 2005
    Posts:
    3,719
    If you are referring to using SRP in vista or 7, it is ready to do so. You can use Lucy's reg file method, if you have the right version you can use secpol.msc to implement it or you can use PGS. All the info you need is in the 'recommended threads' sticky thread in the 'other security software' forum.

    Sul.
     
  17. sourav_gho

    sourav_gho Registered Member

    Joined:
    May 22, 2009
    Posts:
    141
    Hey sul, could you please post the links of these...
     
  18. Sully

    Sully Registered Member

    Joined:
    Dec 23, 2005
    Posts:
    3,719
Loading...
Similar Threads
  1. waters
    Replies:
    3
    Views:
    384
Thread Status:
Not open for further replies.