Turn off UAC for Geswall?

I am learning Geswall free on my windows 7 at the moment. But I find that Gewall requests to turn off UAC when you want to manually label a file as untrusted. Since I might add many files to untrusted manually now and then later on, I am thinking about turning off UAC permanently.

I have been favoring the UAC of windows 7 and always think it's a nice feature after it's been optimized. However,it does seem redundant if you are using HIPS too.

I am changing my security suites to Avira free+Geswall free+Windows 7 Firewall.

Ideas plz?

 

IMHO, GesWall is better suited to XP than Vista/Window 7 because as you have noticed it is not fully compatible with UAC. Further, check out their forum where there are a number of posts regarding bugs/problems with Windows 7.

So rather than turning off UAC why not think of another HIPS/sandbox?

On Windows 7/Vista there are much better options than GW including both paid (DefenseWall) or free (Threatfire/Sandboxie) alternatives.

 

GeSWall is a great product, you can use its weakness in your favour.

The advantage of GW over a lot of other applications is that it uses windows internals. Downside is that it runs into a NTFS limitation. GeSWall can't track the untrusted status over different partitions.

So I suggest you create a small extra partition on your harddrive. When you move an untrusted file into it, it becomes trusted.

For security reasons I would download PGS and implement a deny execute of that partition. see https://www.wilderssecurity.com/showpost.php?p=1544043&postcount=15 for an example (only instead of C:\Users, you would create a SRP for your new partition).

Alternatively, you can buy DefenseWall (V2). Ilya has mentioned that all V2 users will get the V3 with Firewall (outbound). Ask him whether he is still offering the free upgrade to existing users. I am currently beta testing V3 it and it is

With DW V3 you only need an AV to check the emails your sending out to friends, because you are so well protected, the mistake of thinking that with DW3 one is untoucheable for malware is a reality (simply nothing has come through yet)

Regards Kees

 

This is biggest issue with geswall. I wil not like to turn off UAC for geswall. They must fix it or geswall wil be gone.
You have an option to make files trusted via geswall console or by moving them to another partition or USB stick.
What about using norton's UAC instead if it does not interfere with geswall?

 

Hi blackcat,

Maybe you are right. I was actually looking for an hips like sandboxie. Only because that there is only beta version for 7 RTM at the moment,I turned to Geswall. And Geswall does freeze my pc occasionally.

 

Hi Kees,

As I'm only learning Geswall,I don't quite understand your method.

And Defensewall is not a freebie.


Thanks for all your replies.

 

The Sandboxie betas tend to be pretty stable so they are worth at least a try and so far I have had no problems with the latest beta, 3.39 and Windows 7

 

OT: I hated UAC, when I used Vista and I immediately disabled it ( now waiting for 7 I came back to XP ). I want and I can ensure my system security running it as admin, alone all the boring non-root/root as Linux has. And I think that one of the main aim of being in this forum is - for me surely - to go on running Windows as admin in full security.

 

Simply put, when you move an untrusted file to another disk (e.g. USB) or partition, GeSWall looses track of the untrusted state, meaning the file becomes trusted. SO when you would like to keep UAC on (plus Norton's UAC tool) and bypass the UAC issue with GeSWall, just move the file to another disk or partition and it becomes trusted.

For security reasons, you would like to apply a deny execute of this disk/partition with Software Restriction Policy (either through secpol.msc or PGS).

Regards Kees

 

Hi Kees,

I thought a normal file on my computer was labeled trusted,isn't it? So what I wanted to do was to add the file to the untrusted via right click menu. But it seems you are talking about the opposite.