Need info about Shadow Defender

Discussion in 'sandboxing & virtualization' started by Fuzzfas, Jan 3, 2009.

Thread Status:
Not open for further replies.
  1. Fuzzfas

    Fuzzfas Registered Member

    Joined:
    Jun 24, 2007
    Posts:
    2,753
    Hi. I have recently installed the trial version and i really like it, for the fact, that it can automatically allow some folders to be written in the real file system, without me having to commit manually every time.

    My question is. I noticed that the latest version is indicated as released in June 2008. Is it still under development? Is there a support forum or something? Does it have a good track record with tests, vulnerabilities found and fixed?

    Thanks
     
  2. Long View

    Long View Registered Member

    Joined:
    Apr 30, 2004
    Posts:
    2,295
    Location:
    Cromwell Country
    I had a vista question just before Christmas and had a reply within a day or so.
    Allowing for the fact that I have paid for this program and have recommended it to numerous clients I would say that there are no other better programs of this type currently available.

    I installed SD on a laptop for a 9 year old telling her to click on SD before going to all the dangerous places that 9 year olds go. 5 minutes later she explained the procedure to her mother ( who took somewhat longer to get it)

    June is the latest because (1) it works as is and (2) the developer is working on
    protection beyond reboot.
     
  3. Fuzzfas

    Fuzzfas Registered Member

    Joined:
    Jun 24, 2007
    Posts:
    2,753
    Thank you Long View. It's the easiest software of its class to use, that's for sure. Easier than Returnil too, for those who want to automatically exclude folders.

    I don't mind long release times, as long as i know that there is development and there aren't known vulnerabilities that should be fixed urgently.

    For example Returnil's last stable release is a long time ago, but since Coldmoon posts in fora (this and others) i know he is working on it.

    Thanks for the info. I think SD is now on my crosshairs. :D

    EDIT: I also noticed that the date is in US and not european format, so it isn't 10 June 2008, but 6 October 2008. Which is much closer as a date. My fault.
     
  4. Saraceno

    Saraceno Registered Member

    Joined:
    Mar 24, 2008
    Posts:
    2,404
    Mr fuzz, see this thread, might have some info for you:
    https://www.wilderssecurity.com/showthread.php?t=228958&highlight=shadow defender

    Tony is great with replying to emails, but since the latest version is 'smooth sailing' and might not have any complaints, it probably doesn't need to be updated.

    Few tips:
    Personally, I don't exclude any folders anymore and just prefer to right-click any files I want to keep and select 'commit'.

    This is because, my brain thinking of other things, would forget shadow mode is on (I sometimes turn the desktop tip off) and make the mistake of dragging a few large files (several GB) from one area to the excluded area (desktop). This means these files will suddenly start being committed, and cause a slow down of several minutes or more (for several GB).

    For example, shadow defender is good with committing documents, mp3s, and small files instantly, and files up to 1-2GB don't take long at all, maybe a minute or so, but as you know, larger the file, longer the commit time.

    Otherwise, to keep your browser bookmarks while in shadow mode, just keep a text document on your desktop, with all the links and info you need. Then just right-click and commit the text document. Next time out of shadow mode, just add your bookmarks. Enjoy testing some software! :)
     
  5. Fuzzfas

    Fuzzfas Registered Member

    Joined:
    Jun 24, 2007
    Posts:
    2,753
    Thank you very much for the info and the link, Saraceno! :thumb:

    My setup works differently than yours. I have 2 hard disks, with 3 partitions, so i don't plan on saving big files on to the C: partition, which is the only that i want virtualized. I mainly want SD to exclude on C: Opera's bookmarks, firewall rules, TF and some minor directories.

    But good to know.
     
  6. Fuzzfas

    Fuzzfas Registered Member

    Joined:
    Jun 24, 2007
    Posts:
    2,753
    Heh, i bought a license. It's also lifetime... I couldn't resist. 32 euros (vat inc.) isn't too bad.
     
  7. Saraceno

    Saraceno Registered Member

    Joined:
    Mar 24, 2008
    Posts:
    2,404
    Good stuff Fuzzfas, you'll find it to be very stable.

    If you're using a laptop with 'sleep' or 'hibernate' settings, make sure you set say all lid close, or idle settings to 'sleep' instead of 'hibernate'. Hibernate seems to shutdown all your programs, for example, my wireless connection goes down as well. With settings set to 'sleep', you'll have no problems with SD being on all the time.

    Slightly off-topic. How's TF running these days, no noticeable slowdowns, or any problems with SD or sandboxie?
     
  8. Fuzzfas

    Fuzzfas Registered Member

    Joined:
    Jun 24, 2007
    Posts:
    2,753
    Yeah, i know it's stable alright. I have tried it before in December. For some weird reason, i hadn't tried it before. I was almost ignoring its existance...

    Thanks for the hibernate tip, i will keep it in mind just in case. Fortunately i hate the hibernation thing. I always disable it.

    Right now, Twister + SD + TF 4.0.0.10 + SB 3.32 + Ashampoo Firewall = no problem.

    I am also impressed on how light this setup is. Threatfire is the one eating the most CPU, but at acceptable levels. TF behaves well. Only updates seem to take too long (i update on demand). I like this setup. It's "pop-up free" and very secure.

    Shadow Defender had the main feature that i always missed from Returnil. The folder exclusion. It's great! It's so relaxing not having to remember to manually commit changes before reboot or shutdown! :thumb: :argh: Twister's updated definitions don't work in that mode, but Ashampoo's rules do and i suspect TF too. (not tested it yet in that).

    It's great product, well worth the money. (Besides, i love lifetime licenses!).
     
  9. Saraceno

    Saraceno Registered Member

    Joined:
    Mar 24, 2008
    Posts:
    2,404
    I had TF running for a long while there, and kind of miss playing around with it so I'm thinking of using it again.

    I noticed your firewall has changed a few times, but you change between the straight-up basic firewalls (eg. pctools) but have returned to ashampoo a couple of times. With a behaviour blocker, I do prefer just the barebones firewall (must be the old sygate fan in me). How's the ashampoo firewall, runs light, alerts clear to read?
     
  10. Fuzzfas

    Fuzzfas Registered Member

    Joined:
    Jun 24, 2007
    Posts:
    2,753
    Yeah, TF is fun to have. If it only had also the resource usage of Mamutu, it would be perfect!

    Yeah, i change security setups once or twice a week, i am an addict. That's why i bought First Defense PC Rescue. I have an "image" with freshly installed Windows + all normal applications + Twister (that needs activation). Each time i want to change setup, i revert to the "backup" , copy it to the "original" and add the "new" security application setup. In that way, i have no leftovers from previous security apps. It's like having a clean installation from scratch.

    My usual strategy with firewalls is : For virtualized systems, go with the barebones. For non virtualized, go with Comodo with D+ or other HIPS. Basically, i follow a line of "no pop security" or a "pop up security".

    For the virtualized setup, Ashampoo free is very nice barebone firewall. Doesn't stealth ports, but i don't care, i have a router. It got 100% in Matousec perfTCP and UDP tests. It consumes very little CPU (almost nothing, as matter of fact much lighter than Sygate in p2p) even with heavy p2p and about 12 MB RAM. It has pleasant GUI, any new rules can be saved in "folder exclusion" in SD, so it's perfect. Sometimes a pop up asking for a new connection can have a small delay, but no serious bugs.

    Operation is very simple. This is the classical pop up that you get for an application with no rules yet:

    http://img148.imageshack.us/img148/8229/15525790bv1.png

    The "apply to all ports" never worked for me, but it doesn't matter. If you click "Allow" and "create rule, don't ask again", which is the typical situation, this is how the new rule will be created by default:

    http://img148.imageshack.us/img148/9607/34812293sk4.png

    So you basically just need to uncheck the "allow incoming" (just like Sygate used to give server rights automatically).

    The general rules window is very well laid, you can see at a glance all rules and ports allowed:

    http://img148.imageshack.us/img148/7151/32274281zh7.png

    If an application existing in the rules window, needs a new port, you will get a new pop up for that port.

    It also has a decent log:
    http://img176.imageshack.us/img176/1298/59716878xu3.png


    Now, sometimes Ashampoo had conflicts with other security programs, but when it works, it works fine.
     
    Last edited: Jan 3, 2009
Loading...
Thread Status:
Not open for further replies.