question on general protection options

Discussion in 'ProcessGuard' started by joeblow, Jan 27, 2004.

Thread Status:
Not open for further replies.
  1. joeblow

    joeblow Registered Member

    Joined:
    Jan 23, 2004
    Posts:
    7
    I just installed pg and have been reading the help files and this group. It seems to be working pretty well, but I'm confused about some of the options listed in protection/general protection options.

    Some of them, such as Block end task from terminating applications, seem to be set as part of the 'blocked' options for each application that is listed in pg. Does that one, for example, have to be ticked in protection/general protection options before it can be used in the individual applications, or is it something different?

    From articles here, it looks like Block Global Hooks should be turned on, but what of the others? I haven't seen mention of them:

    Block dll files from being added to appinit_dlls registry key
    Block drivers and services from installing
    Block end task from terminating applications.

    thanks. It looks like an excellent product.
     
  2. Pilli

    Pilli Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    6,217
    Location:
    Hampshire UK
    Hello joeblow and welcome,

    Protection - General protection options should all normally be enabled.
    Blocked privileges would normally be as the default
    Allow privileges applys only to listed programmes thus allowing, for instace, Task Manager (if listed) to terminate another listed programme. So individual App allows only work within the list.

    When you highlight a listed programme and select options from the drop down list.
    i.e. Close Message handling - Allow Global hooks & Allow Drivers/services install - The following criteria may be applied.

    Close Message handling (CMH) should be applied to security programmes such as your firewall, BTW ZA does not need this as it has adequate protection whereas Out post does not :) Both my AV, AT Port Explorer, Crypto Suite & several other App's have CMH enabled.

    Few programmes will require Allow Global hooks & Allow drivers/services install.

    Process Guard's default list covers most vulnerable system processes and these have preset settings which should be OK for most users.

    When you add to the list you can see what may need allows by watching the windows log.

    We are still learning about all the rules that may or may not be applied to the multitude of applications out there :)

    Hope this helps. Pilli
     
Thread Status:
Not open for further replies.