ProcessGuard v3.xxx Suggestions / Wishlist

Discussion in 'ProcessGuard' started by Jason_DiamondCS, Nov 3, 2004.

  1. ambolu

    ambolu Registered Member

    Joined:
    Apr 8, 2006
    Posts:
    14
    Not sure if this have been requested before.

    Future PG should allow you to block extension(s). For example: Block *.WMF files from running. It does not matter the name, as long it ended with *.WMF it stops right there.
     
  2. ejr

    ejr Registered Member

    Joined:
    Nov 19, 2005
    Posts:
    538
    I haven't used any of the versions of Process Guard. Why? Becuase I am intimidated by it. Same reason I won't use Jetico or Outpost pro firewalls. All of these programs are probably excellent security programs, I just don't have the technical knowledge to run them.

    So I would like to see a version of Process Guard that makes most of the decisions for you. Supposedly Prevx has done this with PrevxABC mode. Blackspears settings do this for NOD32. Sure would be nice to see a newbie friendly version of PG. Of couse, you must keep in mind that this is coming from someone who is too intimidated to even download and try the current version.
     
  3. Paranoid2000

    Paranoid2000 Registered Member

    Joined:
    May 2, 2004
    Posts:
    2,839
    Location:
    North West, United Kingdom
    It already does - via its Learning Mode feature (which creates permissions for any program that you run). Of course, you have to switch off Learning Mode before you can gain any protection since malware would be given access also (which is why DiamondCS recommend installing PG on a clean system).
     
  4. StriderSkorpion

    StriderSkorpion Registered Member

    Joined:
    Feb 24, 2006
    Posts:
    54
    Would it possible to add detection and prevention of OLE automation of an application as used by PCFlank's leak test? Also, what's the likelyhood of implementing an API protection scheme? Such as disallowing SendMessage to be used with Internet Explorer as is done with the first breakout leak test and some trojans.
     
  5. Ontrack16

    Ontrack16 Registered Member

    Joined:
    Jun 18, 2006
    Posts:
    5
    Allow programs to run between xxxx and yyy

    Maybe it's not the goal of the program.
    I think it's techniques could be used for management purposes.
    Eg allow programs (eg solitaire.exe) to run between xxxx (12.00) and yyyy (13.00)

    Will come in handy in offices so people don't eg play or chat during work hours and only during breaks are outside office hours
     
  6. Ontrack16

    Ontrack16 Registered Member

    Joined:
    Jun 18, 2006
    Posts:
    5
    Report intrusions to an administrator

    When an intrusion is detected somewhere on my LAN, a message should be send to an "administrator".

    The message could be an email, a popup, an event written in the event log, maybe even sms ?

    I imagine messages like :
    "User xxxxx on computer yyyyy has tried to run program zzzzzz"
     
  7. Ontrack16

    Ontrack16 Registered Member

    Joined:
    Jun 18, 2006
    Posts:
    5
    Silent installation

    I would like to get the program installed on new computers automatically.
    Installation now requires licence agreement, clicking next, ..
    Could this be automised so I can get an installation by a script or something similar
     
  8. Paranoid2000

    Paranoid2000 Registered Member

    Joined:
    May 2, 2004
    Posts:
    2,839
    Location:
    North West, United Kingdom
    Re: Allow programs to run between xxxx and yyy

    These features, while possible, would require a significant expansion of Process Guard and would be of little benefit to its current user base. On the other hand, they would be of great benefit to businesses and corporations looking to secure their networks.

    Whether DiamondCS wish to tackle this market, I cannot say - but it would require significant additions to PG (automated installation, centralised configuration and monitoring) while recent changes have focused more on its internal workings.
     
  9. WSFuser

    WSFuser Registered Member

    Joined:
    Oct 7, 2004
    Posts:
    10,632
    Re: Allow programs to run between xxxx and yyy

    PG should have a feature to scan your start menu and maybe desktop too for programs. it would be much faster than using learning mode.
     
  10. Paranoid2000

    Paranoid2000 Registered Member

    Joined:
    May 2, 2004
    Posts:
    2,839
    Location:
    North West, United Kingdom
    Re: Allow programs to run between xxxx and yyy

    This wouldn't offer much benefit unless PG was to actually run each program listed - it would have no way to determine what special permissions (install driver, etc) were needed otherwise. A better option IMHO would be the ability to prompt whenever a program attempted such access and suspend it pending a user reply (at least 2 other programs offer this).
     
  11. WSFuser

    WSFuser Registered Member

    Joined:
    Oct 7, 2004
    Posts:
    10,632
    Re: Allow programs to run between xxxx and yyy

    i should have clarified: i would just want the apps to be added to the security list.

    i would manage special permissions myself.
     
  12. WSFuser

    WSFuser Registered Member

    Joined:
    Oct 7, 2004
    Posts:
    10,632
    Re: Allow programs to run between xxxx and yyy

    ability to import/export PG settings (the lists). Currently you can backup pguard.dat and pghash.dat, but i would like an easier method. especially one that isnt version specific.
     
  13. LeeH

    LeeH Registered Member

    Joined:
    Mar 6, 2005
    Posts:
    25
    Location:
    West London, UK
    Please add these features to Process Guard:

    1) Option to add Process Guard currently running services to protection list on new version installation, general currently running processes as a separate option, or both together as a third option.

    Therefore, if using the Autoblock of new/changed progs, then you won't forget to update PG checksums and won't be locked out from the main GUI.

    OR some way for PG to auto recognise itself.



    2) Blocked execution items reported separately to those allowed - so they are not missed (can then be easily detected by user)


    3) RE: Auto allowed processes (which cannot be blocked) or warnings - clearly show what files these are



    Thanks so much.

    Best regards,
    Lee.
     
    Last edited: Aug 10, 2006
  14. bloodscourge

    bloodscourge Registered Member

    Joined:
    Jul 3, 2004
    Posts:
    372
    Location:
    France
    Hi,

    I will switch from a monocore to dualcore processor this weekend. One major problem is core affinity settings, so I thought : ProcessGuard could be a good way to set core affinity on application launch (and even remember settings...:))!

    What it could bring :
    - bypass old application incompatibility with multicore processors,
    - segment ressources : reserve one core to services & security apps (set affinity on windows startup)

    If ever integrated, I understand it won't be a top priority but... :)
     
  15. brucemc

    brucemc Registered Member

    Joined:
    May 27, 2004
    Posts:
    44
    For long-time users who have senility problems...

    Sure would be nice if we had a utility much like a registry cleaner that would go through all of our Protection entries and Security entries, as separate lists, and advise which entries no longer exist!


    Should be pretty simple for some one out there, even apart from the program's writers, to develop such, but as I have gone over the deep end between failing financial matters and having four daughters, I can't pinch-hit this one...

    Oh. And if someone would be so kind as to tell me what the heck are "GLOW" tags and what options are available, I would at least feel like I got smarter...
     
  16. LeeH

    LeeH Registered Member

    Joined:
    Mar 6, 2005
    Posts:
    25
    Location:
    West London, UK
    Just to add critical updates that I am sure DiamondCS are well aware of, please add:

    1. BETTER TERMINATION PROTECTION AGAINST NEW METHODS

    2. BETTER HOOK PROTECTION AGAINST KEYLOGGERS


    Thanks very much for your attention to any improvements with these.

    Best regards,
    Lee
     
  17. Silo24X

    Silo24X Lurker

    Joined:
    Dec 22, 2006
    Posts:
    2
    Don't know if this has been suggested yet:

    Ability to drag 'n' drop an entire folder onto the PG screen and have PG automatically checksum everything in it and add them to the protection list. This would be great for folders with large amounts of .exe files and such. Also the ability to ignore entire folders all together would be nice.