NoVirusThanks OSArmor: An Additional Layer of Defense

Discussion in 'other anti-malware software' started by novirusthanks, Dec 17, 2017.

  1. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    14,843
    Location:
    The Netherlands
    Great to hear from you and I hope your new service will be succesfull. BTW, what about EXE Radar, will this also be improved? To be fair, it's running just fine, but better "parent-child" process control would be nice. :thumb:
     
  2. novirusthanks

    novirusthanks Developer

    Joined:
    Nov 5, 2010
    Posts:
    1,136
    Location:
    Italy
    Thanks guys!

    We have some plans for our software (current and new ones), but lets first focus in OSArmor new version release.

    Once we have completed this "phase 1", more details and information will be explained.

    I tested OSA 1.4.3 in Windows 10 2004 (May 2020 Update) and works fine:

    win10-2004.png
    A small update:

    - Completely finished the auto-update feature
    - Added possibility to change connection settings (using a SOCKS4/5/HTTP proxy server + authentication)
    - Improved blocking of Microsoft Edge
    - New options to block Windows Store, Cortana, System Settings, System Security UI, etc.
    - Added Microsoft PDF Reader in Anti-Exploit tab
    - Added option to block Microsoft PDF Reader (in case you require users to use another one, i.e Foxit)
     
  3. pb1

    pb1 Registered Member

    Joined:
    Apr 4, 2014
    Posts:
    786
    Location:
    sweden
    Will Syshardener also be subscription based?
     
  4. bellgamin

    bellgamin Very Frequent Poster

    Joined:
    Aug 1, 2002
    Posts:
    7,383
    Location:
    Hawaii
    Overall updates by NVT are most desirable, of course, but user-developed Custom Block Rules are also very useful in keeping OSA effective in the interim.
     
  5. Buddel

    Buddel Registered Member

    Joined:
    Apr 28, 2015
    Posts:
    1,595
    Couldn't agree more, @bellgamin Anyway, I'm glad NVT is back.:)
     
  6. novirusthanks

    novirusthanks Developer

    Joined:
    Nov 5, 2010
    Posts:
    1,136
    Location:
    Italy
    @pb1

    We have not yet decided about the other software, after the new OSA version has been fully released we will discuss about them and I will post updates here.

    We just prepared some "todos/updates" for some of them.

    A small update about OSA:

    We've improved the CustomBlock and Exclusion rules by adding more variables:
    %USER%, %DOMAIN%, %PROCESSINTEGRITY%, %PARENTINTEGRITY%, %SYSTEMFILE%, %PARENTSYSTEMFILE%

    Here is an example of a new rule using the above new vars:

    Code:
    [%PROCESS%: C:\test.exe] [%PROCESSINTEGRITY%: High] [%PARENTINTEGRITY%:
    Medium] [%USER%: admin] [%DOMAIN%: DESKTOP-123C1GR] [%SYSTEMFILE%: False]
    [%PARENTSYSTEMFILE%: True]
    
    Useful to block processes for specific users/domains and write better rules.

    We also improved %SIGNER% and %PARENTSIGNER% vars, you can now detect unsigned processes like this:

    [%SIGNER%: <NULL>]
    [%PARENTSIGNER%: <NULL>]

    Example to block unsigned processes in C:\Folder\:

    Code:
    [%PROCESS%: C:\Folder\*] [%SIGNER%: <NULL>]
    
     
  7. n8chavez

    n8chavez Registered Member

    Joined:
    Jul 19, 2003
    Posts:
    2,986
    Location:
    Location Unknown
    Is there anything new that's going to be in the non-free OSA that might entice users to switch to it from the current free version. I'm very curious about this new version.
     
  8. bellgamin

    bellgamin Very Frequent Poster

    Joined:
    Aug 1, 2002
    Posts:
    7,383
    Location:
    Hawaii
    I will switch to the non-free version, regardless. Free versions are a death trap for niche software. I need OSA in my security wall.
     
  9. novirusthanks

    novirusthanks Developer

    Joined:
    Nov 5, 2010
    Posts:
    1,136
    Location:
    Italy
    A lot has been added and improved in the new version, we're currently adding possibility to hide "process blocked" notification dialog for specific processes.

    Will post here the full changelog and what's new very soon (just missing to add activation system).
     
  10. n8chavez

    n8chavez Registered Member

    Joined:
    Jul 19, 2003
    Posts:
    2,986
    Location:
    Location Unknown
    Thanks for the non-answer answer, I guess.
     
  11. polly77

    polly77 Registered Member

    Joined:
    Jan 13, 2014
    Posts:
    63
    Hi just curious will there also be free version of NVT or OSA?
     
  12. act8192

    act8192 Registered Member

    Joined:
    Nov 9, 2006
    Posts:
    1,762
    Agree.
    How will we know when it becomes paid and how to send money?
     
  13. n8chavez

    n8chavez Registered Member

    Joined:
    Jul 19, 2003
    Posts:
    2,986
    Location:
    Location Unknown
    I'm assuming novirusthanks will post here. Alternatively, you can check the site from time to time.
     
  14. digmor crusher

    digmor crusher Registered Member

    Joined:
    Jul 6, 2012
    Posts:
    950
    Location:
    Canada
    Everyone is quivering for a free version, but hey, if you like it , buy it, whats it going to cost you, equivalent to 3 or 4 beers, a good meal?
     
  15. n8chavez

    n8chavez Registered Member

    Joined:
    Jul 19, 2003
    Posts:
    2,986
    Location:
    Location Unknown
    I agree. But I do want to know what I'm going to be buying, before I shill.
     
  16. digmor crusher

    digmor crusher Registered Member

    Joined:
    Jul 6, 2012
    Posts:
    950
    Location:
    Canada
    delete
     
    Last edited: Jul 11, 2020
  17. bellgamin

    bellgamin Very Frequent Poster

    Joined:
    Aug 1, 2002
    Posts:
    7,383
    Location:
    Hawaii
    I'm 99.999% certain NVT (Andreas) will post the news here. However, I will periodically check his site at HERE or THERE.

    Present Version = 1.4.3
    NEW Version = ??
     
  18. plat1098

    plat1098 Registered Member

    Joined:
    Dec 19, 2018
    Posts:
    1,231
    Location:
    Brooklyn, NY
    Hi there. Is it possible to explain this in greater detail? Which one, the legacy? This was a pickle for me if it was running in the background, as Krusty pointed out. Or, do you mean the chromium Edge if/when it is included in the OS like the legacy was?

    Looking forward to any stuff you re-mastered but hopefully sooner rather than later. :thumb:
     
  19. imdb

    imdb Registered Member

    Joined:
    Nov 2, 2011
    Posts:
    3,291
    his post reads "improved blocking of edge". the c-edge does not autostart/run in the bg unlike the legacy edge. so it must be the legacy edge. also, the word "improved" gives us a hint i think.
     
  20. Buddel

    Buddel Registered Member

    Joined:
    Apr 28, 2015
    Posts:
    1,595
    +1
    Will it be possible/necessary to use SysHardener alongside OSA? BTW, it would be great if it were possible to see what has been blocked by SysHardener. OSA always tells me when it has blocked something, but SH doesn't. Maybe you could build some kind of a block list into SH, so that the user knows what has been blocked and why.
     
  21. aldist

    aldist Registered Member

    Joined:
    Nov 8, 2017
    Posts:
    881
    Location:
    Lunar module
    If it becomes possible, it will be OSArmor, not SysHardener :D
     
  22. Buddel

    Buddel Registered Member

    Joined:
    Apr 28, 2015
    Posts:
    1,595
    Not really. OSA block rules and SH block rules are not 100 per cent identical, so it would it would not be identical to OSArmor; it would be SH with a block list.
     
  23. Bertazzone

    Bertazzone Registered Member

    Joined:
    Apr 13, 2018
    Posts:
    424
    Location:
    Milan, Italia
    It will never happen. I think it would be impossible because of how SysHardener settings are applied.

    You would need to use Hard_Configurator or Simple Windows Hardening if you want logs.
     
  24. Buddel

    Buddel Registered Member

    Joined:
    Apr 28, 2015
    Posts:
    1,595
    If Hard_Configurator and Simple Windows Hardening can generate logs, why shouldn't it be possible for SysHardener?
     
  25. Krusty

    Krusty Registered Member

    Joined:
    Feb 3, 2012
    Posts:
    9,292
    Location:
    Among the gum trees
    SysHardener does not run in real-time. It makes changes to the Operating System, then you reboot. SysHardener is no longer running, so how could it possibly notify or log anything??
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.