SpyShelter 10

Discussion in 'other anti-malware software' started by Mops21, Jul 30, 2015.

  1. hjlbx

    hjlbx Guest

    @ichito @Rasheed187

    I create firewall rule for web browser:
    • Incoming & Outgoing
    • TCP & UDP
    • Ports - 80 & 443
    When I do this, web browsers cannot connect to internet.

    Am I missing something in creating the rule to restrict remote\destination ports ?
     
    Last edited by a moderator: Feb 21, 2016
  2. hjlbx

    hjlbx Guest

    @ichito, @Rasheed187

    Has anyone noticed that services.exe and svchost.exe are not added to Application Execution Control for apparent problems on system ?

    For example, run Automatic Maintenance manually. Except for a few objects, SpyShelter HIPS will not alert to all the other processes used.
     
  3. co22

    co22 Registered Member

    Joined:
    Nov 22, 2011
    Posts:
    405
    Location:
    router
    i have some svchost.exe rule but in log tab i see some action that are not Application Execution Control allowed
    i have no rule for services.exe also for taskeng.exe dont create any rule

    and news from spyshelter
     
  4. hjlbx

    hjlbx Guest

    @co22 - you notice too !
    • C:\System32\services.exe
    • C:\System32\svchost.exe
    • C:\System32\taskeng.exe
    NOTE: I am sure there are more. I have requested infos from SpS support, but reply did not contain infos I requested. So I am figuring out as I go.
    1. User cannot create rules manually for the above.
    2. SpS does not create Application Execution Control rules for the above - except in some specific cases - but I am still trying to determine under which situation(s).
    This is intended SpS behavior. It is to prevent creation of rule that will smash system.

    I also notice when execute System Maintenance manually, there will be no alerts for services.exe, svchost.exe, tasking.exe, taskhost.exe, ngen.exe, ngentask.exe, etc (processes used in System Maintenance) - from the System Maintenance run sequence.

    If allow System Maintenance to start automatically at system idle, then there might be ngentask.exe, ngen.exe SpS alerts, but selecting "Allow - Remember my choice" does not always create rule. This one I am not sure if it is issue\bug; SpS support says "it can happen."

    Defining Protected Folders - especially AppData and ProgramData will generate a lot of alerts.
     
    Last edited by a moderator: Feb 23, 2016
  5. hjlbx

    hjlbx Guest

    "In version 10.7, SpyShelter Firewall is going to receive a major feature, which allows to create custom global firewall rules for outgoing and incoming connections. SpyShelter 10.7 is still undergoing internal tests and should be released soon!"


    Link to post @co22 ?
     
  6. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    14,825
    Location:
    The Netherlands
    I'm sorry, I can't help you with none of the questions because I don't use the firewall and anti-exe feature. About Datpol, I'm guessing it's not a big company, perhaps 5 to 10 people. It would be interesting to know how many customers they've got, I remember that around 2008 when HIPS like SSM died, products like Zemana and SS popped up.
     
  7. co22

    co22 Registered Member

    Joined:
    Nov 22, 2011
    Posts:
    405
    Location:
    router
    from facebook page

    yes same here.hope Defining Protected Folders get an options to set which exe file have access.(like somehow set and forgot).so it wont get any alert more
     
  8. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,161
    Location:
    UK / Pakistan
    I hope they can make their pop up alerts much more user friendly. I can't understand why they never worked on this so far.
     
  9. hjlbx

    hjlbx Guest

    The user-interface is always a sore spot.

    It is simple to use and learn though.

    I think they are focused on developing new features instead of improving interface.
     
  10. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,161
    Location:
    UK / Pakistan
    They can't get more paying users unless the pop up alerts are user friendly.
     
  11. ald4r1s

    ald4r1s Registered Member

    Joined:
    Apr 8, 2013
    Posts:
    53
    Pop up alerts are not user friendly only if you are using version 5 :argh:

    In my opinion the reworked pop up alert window (which was introduced like a year ago or so), is great. It looks well and includes all important information.
     
  12. co22

    co22 Registered Member

    Joined:
    Nov 22, 2011
    Posts:
    405
    Location:
    router
  13. Jerry666

    Jerry666 Registered Member

    Joined:
    May 28, 2002
    Posts:
    176
    I don't care about looks , but how it works , also would like a comprehensive how to guide on set up and use . So far seems to be working , just not 100% clear on some of the features .
     
  14. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    14,825
    Location:
    The Netherlands
    Very disappointing, there are so many other things that can be improved. For example, I haven't got a clue why they still haven't added a column for allowed/blocked behavior in the log window, see first pic.

    I don't see what's wrong with the alerts? The only thing that's bugging me is that SS doesn't remember the alert window size.
     

    Attached Files:

  15. co22

    co22 Registered Member

    Joined:
    Nov 22, 2011
    Posts:
    405
    Location:
    router
    i am not sure get correct what you saying about column for allowed/blocked behavior.
    in my screen shot see red icon that is column for allowed/blocked behavior.but name of column is allow so that need change i think.
    but can be good if user able to hide allowed or blocked behavior or even sort per column.

    for me alerts windows size can not be re-sized so always same size.

    also from where you download OSSS: Security Suite?
    in their site i can not download,keep refreshing page.
    i download version 1.5 from comss.ru ,and i can not install it in windows 7.
     

    Attached Files:

    • al.png
      al.png
      File size:
      44.7 KB
      Views:
      23
  16. ald4r1s

    ald4r1s Registered Member

    Joined:
    Apr 8, 2013
    Posts:
    53

    Seems like you are using a old version since you have skinned alert window...Log window has the allowed/blocked icon since always I guess.

    Also I Just received the newsletter from SpyShelter, the SpyShelter Firewall is now discounted by 25%.

    http://i.imgur.com/YNGfZF1.png
     
  17. hjlbx

    hjlbx Guest

    A How-To guide and more in-depth feature explanations in Help file would be beneficial.

    That being said, existing GUI could be improved by making some minor changes.

    The existing GUI does get the job done - and it is very light.

    SpyShelter Firewall is still very good product despite some minor annoyances.

    But I have to admit, users today expect a much more refined and polished user-interface.
     
    Last edited by a moderator: Feb 24, 2016
  18. hjlbx

    hjlbx Guest

    This was broken in 10.6.9 but is now fixed in 10.7.
     
  19. co22

    co22 Registered Member

    Joined:
    Nov 22, 2011
    Posts:
    405
    Location:
    router
  20. hjlbx

    hjlbx Guest

    The new Network Zone functionality is more or less for business or other users that wish to define network zones (IP addresses) for LANs.

    The typical home user with a single system will have no need of the Network Zone feature.
     
  21. ald4r1s

    ald4r1s Registered Member

    Joined:
    Apr 8, 2013
    Posts:
    53
    Please stop spreading misinformation. You clearly don't know what Network Zones feature is used for.

    With Network Zones you can simply filter all connections, e.g.. block/allow outbound/inbound connections.

    Couple examples:

    If you are using Windows 10 and are paranoid about telemetry, you can create a network zone which will stop your WHOLE SYSTEM from connecting with specified IP/Ip range.
    If you want to block some websites, you can create a network zone which will stop your WHOLE SYSTEM from connecting with specified IP/Ip range.

    ...

    SPS with this update became a full-blown firewall.
     
    Last edited: Feb 25, 2016
  22. hjlbx

    hjlbx Guest

    Yes. I know what network zones are. 99.9 % of home users do not utilize them; the vast majority of network zones are created and utilized by businesses.

    The discussion of pirated or cracked softs - or methods to successfully use them - is not permitted according to forum rules.
     
    Last edited by a moderator: Feb 25, 2016
  23. scorpionv

    scorpionv Registered Member

    Joined:
    Jan 28, 2016
    Posts:
    33
    Well, I figured that out a while ago, see my previous post:
    Looks however that SpyShelter has been improved, as I now cannot reproduce the above. The AEC blocks do now show up in the Log Window, and in the log file. Thumbs up :)
     
    Last edited: Feb 25, 2016
  24. scorpionv

    scorpionv Registered Member

    Joined:
    Jan 28, 2016
    Posts:
    33
    Tried them all, and still no show. Only a complete Firewall disable on the first tab, followed by reconnecting the VPN does the trick.

    However, I found out that once I gained access with disabled Firewall, the access persists, even when I re-enable the Firewall and reconnect the VPN. Could it be that NetBIOS is being blocked or something?
     
  25. co22

    co22 Registered Member

    Joined:
    Nov 22, 2011
    Posts:
    405
    Location:
    router
    @scorpionv

    download CurrPorts (enable loging)from nirsoft disable firewall part.see what port or connection made then make trusted zone for them then see what happen.
    maybe that is help you i am not sure work
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.