Process Guard and Integrity Checkers

Discussion in 'ProcessGuard' started by FanJ, Feb 19, 2004.

Thread Status:
Not open for further replies.
  1. FanJ

    FanJ Guest

    First a disclaimer: I don't know much about Process Guard because I can't use it on my W 98 SE system; if I would start using anywhere in the future another Windows-system, I certainly would use Process Guard.


    OK, here are some thoughts only for the paranoids :D

    1.
    If you use a "real-time" File-Integrity-Checker (like for example File Checker from Javacool) to watch for changes in certain files, let Process Guard protect File Checker so it cannot be terminated.

    2.
    Maybe let File Checker watch important files of Process Guard.

    3.
    If you use an on-demand File-Integrity-Checker (like for example the CRC32-test in TDS-3, NISFileCheck, or Adinf32), let File Checker from Javacool watch the important files of that on-demand File-Integrity-Checker.

    4.
    If you use a "real-time" Registry-Integrity-Checker (like for example RegProt from DiamondCS or RegRun from Greatis), let Process Guard protect that Registry-Integrity-Checker.

    5.
    If you use a Registry-Integrity-Checker and a File-Integrity-Checker, all the above, and let the File-Integrity-Checker watch the important files of the Registry-Integrity-Checker.


    As I said: I am in no way an expert on Process Guard, and it's just for the paranoids between us :D
     
  2. Pilli

    Pilli Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    6,217
    Location:
    Hampshire UK
    Hi Jan, A touch of Roman thought I think :) Quis Custodiet ipsos custodes
    "Who shall guard the guards?" :D
     
  3. gkweb

    gkweb Expert Firewall Tester

    Joined:
    Aug 29, 2003
    Posts:
    1,932
    Location:
    FRANCE, Rouen (76)
    what born first ? the egg or the Hen ? :)
     
  4. FanJ

    FanJ Guest

  5. mglenn

    mglenn Registered Member

    Joined:
    Feb 25, 2004
    Posts:
    3
    Just because you're paranoid doesn't mean someone isn't out to get you.
    And by the the way rooster came first. ;-)
     
  6. Rod S

    Rod S Registered Member

    Joined:
    Feb 5, 2004
    Posts:
    7
    heh, reminds me of a saying I came across a long time ago. Along the same lines as mglenn.

    Just because your paranoid, doesn't mean they're not after you, besides, you're not paranoid, everyone just thinks you are.
     
  7. Jason_DiamondCS

    Jason_DiamondCS Former DCS Moderator

    Joined:
    Nov 11, 2002
    Posts:
    1,046
    Location:
    Perth, Western Australia
    :eek: That is pretty funny Rod :eek: :)

    A healthy dose of paranoia is always good when dealing with computers, it also seems computing attracts people who have tendencies for paranoia, but that is another discussion.

    PG will have checksumming in the next version, of any process which gets run.

    -Jason-
     
  8. FanJ

    FanJ Guest

    ~grin~ :D

    Save those checksums secure Jason ;)
    Rod and Wayne might remember a very old discussion at the private board ;) ;)

    Cheers, Jan.
     
  9. Jason_DiamondCS

    Jason_DiamondCS Former DCS Moderator

    Joined:
    Nov 11, 2002
    Posts:
    1,046
    Location:
    Perth, Western Australia
    Since the file won't be able to be read or modified I don't think it is an issue Jan. :)

    -Jason-
     
  10. hojtsy

    hojtsy Registered Member

    Joined:
    Dec 28, 2003
    Posts:
    351
    I have read it several times that next PG will have checksums. May I have more details here? Will PG only check the checksum of the executable file itself or the loaded dlls too?

    regards,
    hojtsy
     
Thread Status:
Not open for further replies.