New trojan Software -Sentinel2

Discussion in 'other anti-trojan software' started by tsr, Nov 8, 2002.

Thread Status:
Not open for further replies.
  1. tsr

    tsr Guest

    I'd like to share this info with our members, as there is quite a bit of trojan software on the web. Security I'm sure is all of our main concern and to some degree you can't protect enough against all the malicous virus,worms,and trojans on the web. Here is a new software by runtimware called Sentinel2. I've been using this software since its conception and find it to be a excellent addition to my anti-virus software,and firewall :) Here is a small excerpt from their site on Sentinel2
    What is Sentinel?
    Sentinel is the result of our frustration over sneaky viruses and trojans. This program will scan your computer for all loaded applications, and has an advanced Integrity Checker that will validate your System files. This program is very simple and easy to use, and if used correctly, you should be able to pinpoint and terminate malicious viruses, before they cause serious damage.

    Will Sentinel Replace my Anti-Virus program?
    No it will not. Sentinel cannot determine if a file is in fact a virus, it acts as a supplement to your existing anti-virus program. Sentinel will aide anti-virus programs by making it scan potential threats.

    How does it work?
    Sentinel uses an extremely quick CRC32 (Cyclical Redundancy Checksum) algorithm to determine if a file has been modified or not (using pre-compiled assembly code - in other words, it doesn't get any faster). Users can set Sentinel to scan specific folders at Startup; or use the new 'Secure Shut Down' shortcut to scan files at Shut Down
    You can download and try it out for a trial peroid cost of the appl is minimal the site is http:// runtimeware.com
     
  2. Paul Wilders

    Paul Wilders Administrator

    Joined:
    Jul 1, 2001
    Posts:
    12,472
    Location:
    The Netherlands
    Thanks for the contribution, tsr!

    An open question though: do you regard CRC32 strong enough, taking MD5 of Reyndael in consideration?

    regards.

    paul
     
  3. tsr

    tsr Guest

    Hi Paul :)
    Based on my testing with Sentinel2 it has held up to all I've thrown at it. I've discussed this software with the developer on a on going basis as this software was being developed, and the scan will check every bit for th slightest change and alert you. It can be configured automatically to scan with ones anti-virus software :D Also Paul just for the record I'm not a programmer.....I work with and test security software for a living....so based on your question this is over my head but I appreciate the interest in this, just thought I could help the members out. Questions on the technical can be directed to the web site. Oh yes...this software detected a trojan which was part of a zip program that I had installed on my pc...it caught it...got past my anti-virus software....
     
  4. snowy

    snowy Guest

    ***POSTED AT THE <RUNTIME> WEBSITE***


    ************************

    Important Note: Prior to purchasing sentinel 2.0, you will need to disable any software firewalls or the order will not go through.

    ***********************


    WHOOOOA.......imo it would be EXTREMELY IRRESPONIBLE to disable a firewall UNDER ANY CIRCUMSTANCES!!!


    snowman
     
  5. Gladiator

    Gladiator Guest

    I think it will help to accept the outgoing connection from this program.
    If you have to disable the whole firewall yum... i dunno...

    Michael
     
  6. Paul Wilders

    Paul Wilders Administrator

    Joined:
    Jul 1, 2001
    Posts:
    12,472
    Location:
    The Netherlands
    Hi tsr,

    There's at the least logic in comments made by snowy and Gladiator.

    Good! don't hesitate to inform the developper to drop me an email.

    regards.

    paul
     
  7. Hey everyone,

    This is Derek (the guy who developed Sentinel). I understand many of you have had questions about the purchase process in Sentinel. To make things less complicated for me, I chose to use eSellerate's SDK (http://www.eSellerate.net) for the credit card purchases.

    I'm not exactly sure how their technology works; but for some reason it has problems with some firewall software (not sure about hardware firewalls) - eSellerate establishes a secure encrypted connection with their servers to send over the information required to complete the purchase. A couple of people have sent me emails saying something to the effect of "I get an error in the purchase process" or "The purchase process does not complete; and does not allow me to purchase Sentinel". I emailed another developer (who uses eSellerate) and he told me that some firewalls just don't let it through. He told me that the easiest thing to do is to tell people to 'temporarily disable' your firewall software before going through the purchase process.

    I haven't had the time to follow through with eSellerate's Technical Support (namely their developers) to see what can be done to give users more faith in the eSellerate system (like snowy said - that it is irresonsible to disable your firewall under any circumstances) - or what can be done to avoid firewall problems....I'll try to do that this weekend and follow up in this thread.

    Derek
     
  8. Paul Wilders

    Paul Wilders Administrator

    Joined:
    Jul 1, 2001
    Posts:
    12,472
    Location:
    The Netherlands
    Hello Derek, and welcome.

    For the benefit of your company, that surely will be an improvement.

    Looking forward to your follow up!

    regards.

    paul
     
  9. RuntimeWare

    RuntimeWare Registered Member

    Joined:
    Nov 9, 2002
    Posts:
    24
    Allright - I got a reply back from eSellerate's support:

    "
    Hello Derek,

    When an integrated purchase is initiated, there are several checks that
    occur for it to attempt to access http. If all of those checks fail, there
    should be a dialog box that pops up allowing the user to hand input the
    Proxy settings. The default port is listed as port 80. If inputting
    specific settings still doesn't allow for the intetgrated purchase to occur,
    then they will receive a dialog to that effect. Occassionally we have had
    purchaser's disable a Firewall as a last resort. Since we cannot control
    what their Firewall is set up to do or what restrictions/settings are
    placed, there is a possibility that this could be an issue to a purchaser.
    It is very very rare that this occurs. If you do see it happening often and
    can send the purchaser's email address or information to our support
    department we can look into it on a case per case basis. I would be
    interested in knowing the number of sales that you see through your
    integrated application versus the number of purchases that you feel are
    failing or are alerted to failing due to a firewall issue. We definitely
    appreciate the feedback and want to do as much research if possible if this
    is a frequent issue that arises from attempted purchases.

    eSellerate Support"

    Thats the entire email. It looks like I'll have to see what people can tell me (regarding their experiences purchasing Sentinel) - and then work from there with eSellerate's Tech support to see if there can be any alternative. For the time being, I will modify that "Firewall" warning with something that is a little bit more accurate..."If all else fails...try to disable your firewall" :)

    Derek
     
  10. Paul Wilders

    Paul Wilders Administrator

    Joined:
    Jul 1, 2001
    Posts:
    12,472
    Location:
    The Netherlands
    Hello Derek,

    Sounds like a perfectly reasonable way to go.

    A modification seems in place indeed. IMO you should emphasize the risks involved in disabling a running firewall, so people can make up their mind if they are willing to take the risk in doing so.

    Thanks for dropping by and posting as you did.

    regards.

    paul
     
  11. bellgamin

    bellgamin Very Frequent Poster

    Joined:
    Aug 1, 2002
    Posts:
    5,648
    Location:
    Hawaii
    I have been using Sentinel2 for about a month now. It runs smooth as silk. One thing it lacks, in comparison with ADinf [for instance] is that it doesn't report deletions of key files. I corresponded with Derek about this & he said that he is going to add this capability. I was amazed at the friendly, fast, personal response.

    On the plus side Sentinel works perfectly with MANY more AV programs than does ADinf. I am glad to be a dedicated user & advocate of Sentinel. I still use ADinf & shall continue to do so, but Sentinel is -- in my view -- a bright new star on the integrity-checker horizon. I do hope that Paul will continue to advise & encourage them.

    aloha.....bellgamin
     
  12. Paul Wilders

    Paul Wilders Administrator

    Joined:
    Jul 1, 2001
    Posts:
    12,472
    Location:
    The Netherlands
    Hi bellgamin,

    Glad to hear you're a happy camper ;).

    As for:

    In case it's appreciated by the designers: sure! We're in the habit of testing security apps first, before reviewing/rating. The software designers can drop me an email in this regard.

    regards.

    paul
     
Thread Status:
Not open for further replies.