What can go wrong if ..

Discussion in 'Ghost Security Suite (GSS)' started by tuatara, Nov 20, 2005.

Thread Status:
Not open for further replies.
  1. tuatara

    tuatara Registered Member

    Joined:
    Apr 7, 2004
    Posts:
    772
    @ Jason,

    A few days ago i found this new freeware:
    http://www.resplendence.com/hookanalyzer

    See:
    https://www.wilderssecurity.com/showthread.php?p=611870#post611870

    It shows which kernel hooked services that are used.

    When i looked at that i saw that Ghost Security Suite
    (Regdefend and AppDefend) are of course in the list,
    but i see Kasperksy a lot there too.

    Can you inform me if they all use there own hooked services,
    or are these hooked services that be used for one Security Application OR
    another.

    With other words can i have problems, because these applications
    want to use the same resources/ or kernel hooks/hooked services?

    Over the years i have experienced that you can combine the most security tools, except Anti Virus apps.

    Everybody tells you that you can't use 2 firewalls, and it is of course
    not logical, but when i test this, in most cases it did not gave any problems.
    (i only tested to see WHAT/WHERE the problems should be).

    For this (for me quite new) apps like Appdefend , and partly overlapping features in ProcessGuard and Kis2006Beta or Tiny Personal Firewall 2005 Pro i really have no idea what the impact will be by using them together.

    Will that disable some features (or malfunction) in one or the other?

    Please give a technical answer, because i know you can,
    others will only say that it is not neccessary to use them together,
    but i like to learn why.

    Thanks in advance,

    ---
     
  2. Jason_R0

    Jason_R0 Developer

    Joined:
    Feb 16, 2005
    Posts:
    1,038
    Location:
    Australia
    Theoritically there is little chance of issues arrising out of multiple programs hooking services. Assuming all the programs you are using are properly made that is.

    I would just warn you that the KAV programmers still havn't managed to "grasp important concepts" when it comes to writing a lot of kernel components. And as such you will probably experience quite a few issues with their drivers. I know this after debugging crash dumps from my machine, a few of my beta testers and also some customers. :)

    *edit* I don't want to look like I am only blaming KAV for having bad drivers, as other companies do aswell. I also hope that they work out their issues for their upcoming products. :)
     
    Last edited: Nov 20, 2005
  3. Defenestration

    Defenestration Registered Member

    Joined:
    Jul 17, 2004
    Posts:
    1,086
    Ever thought of doing some consultancy work for Kaspersky to teach their developers these important concepts ? :)
     
  4. tuatara

    tuatara Registered Member

    Joined:
    Apr 7, 2004
    Posts:
    772
    I think i am going to install NOD32 on that system,i am a licenced user anyway, and test K. on another system.

    thanks Jason.
     
  5. Defenestration

    Defenestration Registered Member

    Joined:
    Jul 17, 2004
    Posts:
    1,086
    Hi Jason,

    Being a user and a fan of Kaspersky products (I'm currently testing KAV/KIS 6 beta, and intend to use it when it goes final), I would be interested to know exactly what the problems are with Kaspersky kernel components, and what important concepts they haven't grasped. Please give a more technical answer.

    If you don't mind I would then point them to this thread to begin a discussion.

    I for one want to use GSS and KAV/KIS 6, and want them to run harmoniously together. I joked about you working for Kaspersky on a contract basis, but if you could convince the Kaspersky developers there are problems with the way they are implementing kernel components, then they might well offer you some contract work to teach them the correct way of doing things, if you were so inclined.

    Even if you're not interested in working for Kaspersky in any way, I'd still appreciate an answer as to what they are doing wrong.
     
  6. Jason_R0

    Jason_R0 Developer

    Joined:
    Feb 16, 2005
    Posts:
    1,038
    Location:
    Australia
    Hi Defenestration,

    Kaspersky is a big company with many employees, if they want to figure out why their drivers are causing blue screens on their own, and in combination with other software then they are going to have to figure it out on their own.

    I am not in the business of debugging other drivers past the point to where I know what is causing a particular issue with one of my customers or beta testers machines. It isn't worthwhile to my customers to help Kaspersky write their drivers when I am trying to get AppDefend onto a final release. :)
     
  7. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    17,047
    This all might be a mute point. I've also been running Kav2006 beta since build 217. Now is Kav 6.0 build 260. I had a couple of BSOD's early on, but haven't had any problems since. For quite a while there Proactive Defense didn't work right, but they have been slowly fixing those issues. I don't think the protection is near what Ghost Security provides, but it is working

    As of right now KAV is quite stable, and plays well with Regdefend and Appdefend.

    Pete
     
  8. Defenestration

    Defenestration Registered Member

    Joined:
    Jul 17, 2004
    Posts:
    1,086
    I didn't realise it was just BSOD's that were the problem. I thought you had identified particular implementation problems with their kernel drivers.

    I have been running the Kaspersky betas ever since they were first released and only experienced about 2 BSOD's.

    Your reply has put my mind at rest that Kaspersky's kernel drivers are not that badly implemented, but instead just suffering from a few bugs.

    BTW, any more news on when we might get the next AD beta (it's been 2 weeks since you said the next beta would be released in 1 or 2 weeks :) ) ?

    Yes, I am a bit of a beta junkie! :D
     
Thread Status:
Not open for further replies.