Trojan trouble

Discussion in 'other security issues & news' started by nospieshere, Oct 20, 2005.

Thread Status:
Not open for further replies.
  1. nospieshere

    nospieshere Guest

    ZA free firewall 4.5 fails pcaudit and other leak tests. The only defense seems to be ProcessGuard free which flags me and will not let it run without my permission. Can anyone explain in simple terms how these tests can slip through firewall when all progs are set to ask permission? Am I wasting my time trying to secure the PC with AV and several anti spy/ security progs?
    As far as i understand these trojan/ mawlare need to inject themselves into genuine processes that have internet access through firewall. Is there any way to stop this. What is a sandbox and will it help?

    If I get an extra external drive and place my personal data on that then connect it to computer when I want to use it and disconnect it when sufing will that protect me? Or will the fact that it was conneced to PC leave a record somewhere that a trojan can access
     
  2. Pilli

    Pilli Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    6,217
    Location:
    Hampshire UK
    Hi nospieshere, As this is not directly a TDS support question as TDS3 is no longer supported by DCS for some of the reasons you have described in your post, I thought it would be better placed in this forum as you are covering quite a big question regarding firewalls, AVs and ATs etc.

    Personally I prefer proactive programs such as PG and RD for my protection, using these to protect my other security apps and stopping many of the current new wave of attacks such as rootkits.

    Pilli :)
     
  3. nospieshere

    nospieshere Guest

    OK sorry if I posted in wrong place. You write" Personally I prefer proactive programs such as PG and RD for my protection" Is this good enough the firewall is vulnerable to leaktest BUT only if I allow it by PG. Is PG a sandbox program? I do not understand sandbox. I am googling as well
     
  4. Pilli

    Pilli Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    6,217
    Location:
    Hampshire UK
    PG is a type of sandbox with regards to processes, once set up, no .exe can run without explicit permission of the user, this is done using PG's security list, on top of that is the process list which can give protected processes specific permissions, in addition there are several global protection methods for services, drivers, global hooks, physical memory, dynamic .dll injection and Close Message handling.

    Go to www.diamoncs.com.au for further information about how PG deals with these attack vectors.

    RegDefend protects specific areas within the registry which can be user defined, visit www.ghostsecurity.com for more in depth information and is a very capable program protecting areas not touched by PG.

    HTH Pilli
     
  5. nospieshere

    nospieshere Guest

    I downloaded Sandboxie but am not sure how to use it . If I run IE in Sandbox does that mean it willl not be vulnerable to trojan/ DLL injection?
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.