What is AppGuard

sounds good eirik cool and thanks for fast reply

 

Maybe you can add an exclusion list? It would be very good to add!

TH

 

password protection also

 

In the interests of simplicity and an easy user-experience, we prefer to avoid application-specific features or tweaks. That said, those two interests I mentioned, could possibly compel us to do exclusion lists. We're weighing options.

Eirik

 

Do you want password protection to prevent unauthorized changes to settings and the guard list from:

• end-users (with or without admin rights?) whose AppGuard is administered by someone else

• malware

• something/one else

I want to make sure I understand the problem and environment we're looking to solve.

Cheers,

Eirik

 

something/one else

 

heya Eirik!this is a little whishlist from me
-compatibility with sandboxie
-it would be nice to add a symbolism to guarded apps (like sbie uses # or dw uses * )..
-It did GREAT with some malware i threw on it <passed the cornflicker worm>.
-It would be nice if user could have a desktop link to "enter an install mode" and give him a window "now install your programm and press ok when you have succesfully completed it" and that would automatically turn protection on again.that is because if you download and install stuff disabling and forgeting it disabled,even for 5 minutes is risky.
-add opera browser to built in list.
-add password protection for settings so that parents can fix a safe computer for the children.
-in winXP if you try to manualy update windows it is done from windows explorer,which can make a big BOOM if you do not estimate correctly how long will the update take to set the protection off for.didn't try from auto update yet.
-and ability in an "advanced option area" to import file extensions to be blocked would be nice too.

-one of the greatest fashions nowadays are portable applications..a not to users that they can place their portables in c:/program files and send shortcuts to desktop would be nice (since they wouldn't run as pure executables being double clicked).

thats all for now,will come back with more.overall i liked it very very much

P.S : can you tell me which file types it blocks by default please? (like .exe .msi ....)
Thanks!

 

it blocks exe but not msi

 

Hi Eirik,

maybe a temporary exclusion with shell integration would be interested... (for administrator accounts I mean)
For example:
If we want to print a pdf file we can't. But if there was an entry on the explorer shell like "exclude for x minutes" we could right click on adobe, exclude temporary and print the pdf.
The same when a user wants to lanch an portable or standalone application from the user space. He would be able to execute it without disabling the anti-drive/bydownload protection.
Not properly an exlusion list but more like selective deactivated inclusion (instead of going through the guide and deactivate it there).

I want it for end users (in combination with the extended anti-drivebydownload; in chase you implement such a feature).
In family enviroments, it could be very usefull, since most people do not understand how to properly administrate their pc, (a lot do not even know that they can to set multiple accounts).

Panagiotis

 

Yes,that would be the case when kids need to play games so they must be in admin accounts(many games use direct memory access so they need write acess)

 

I have uninstalled AppGuard until next version to see what the changes will be!

TH

 

over the weekend i will try drive by downloads malware againts this beauty
to see it's potential

 

Jmonge asked of the next AppGuard and EdgeGuard Solo releases. I'd of answered sooner but was quite distracted with the flu.

I'm expecting to have a new AppGuard for release a week from this Friday (20th), barring any unexpected delays. I was expecting it on the 13th but we had to run EdgeGuard for some unscheduled QA testing this week, which is an example of one of those unexpected delays. There's a post earlier in this thread with details of what is to come in the release, which is why I posted the answer Jmonge's question here.

I still do not have a date for EdgeGuard Solo. This is why we ran the AppGuard promotion for Solo users.

Cheers,

Eirik

 

thanks Eirik

 

I read one post where someone had successfully blocked the USB form of a Conficker attack. Have you used AppGuard to deflect other USB attacks?

Cheers,

Eirik

 

Hi Eirik,

I installed AppGuard when you made it available and like it more each day!
Been working flawless with CIS and it is very lite as you stated previously.

The only change I'd like to see is an extension of the suspended times which already has been mentioned.

5 minutes is fine but an option to set it at 10 or so minutes would be great.
The default 5 minutes sometimes is not enough and cutting it very close.

Thanks for all you do here!
Dan

 

As posted earlier, AppGuard is a nice application, only one thing does not work at my PC. I have moved my Documents (in XP) to D:\ and Appguard does not block executables from a moved My documents folder.

Cheers

 

so if you move files from c to d appguard does not protect?

 

Hi can i have a link for new version?

 

AppGuard needs to improve its ability to recognize added/altered user-space: partitions and external drives. I don't have a release date for this capabilty right now.

Cheers,

Eirik

 

The Feb 20 release will be available to those that participated in the AppGuard giveaway last month.

Eirik

 

With the talk of cofiguration files, what form of protection to you intend to use on those? Once AppGuard becomes a legitimate solution for exploits, you can be certain it will be targeted. What better and easier method for bringing down protetion than modifying a configuration file. This assumes of course that something can get by security defenses in the first place.

Sul.

 

The March/April release will include a wizard/module for business administrators or 'friend' administrators to easily create new configuration files for AppGuard installations. The AppGuard agents under their care will only accept digitally signed files. With this in place, we'll be able to implement the remaining protections from attacks on AppGuard configuration files.

AppGuard self-protection will be comparable to mainstream security software but not as robust as EdgeGuard, which some consider extreme.

Cheers,

Eirik

 

thanks