With L n S installed DEP prevents....

Discussion in 'LnS English Forum' started by CJsDad, Jan 3, 2007.

Thread Status:
Not open for further replies.
  1. CJsDad

    CJsDad Registered Member

    Joined:
    Jan 22, 2006
    Posts:
    618
    Generic Host Process for Win32 Services and Spooler Subsystem from running.
    Is there a way to work around this?
     
  2. Frederic

    Frederic LnS Developer

    Joined:
    Jan 9, 2003
    Posts:
    4,354
    Location:
    France
    Don't enable "Watch thread injection" and "Watch DNS calls" in the advanced options. These options are not compatible with DEP.

    Frederic
     
  3. CJsDad

    CJsDad Registered Member

    Joined:
    Jan 22, 2006
    Posts:
    618
    That seems to work.

    Thanks Frederic.
     
  4. Pigitus

    Pigitus Registered Member

    Joined:
    Jun 29, 2004
    Posts:
    97
    Location:
    USA
    In a new machine with Windows Media Center and LnS 2.05p2, unchecking the thread injection control in LnS was all it took to stop the conflict with SVCHOST.EXE and other Windows files. Windows seems to tolerate leaving the DNS control option checked.
    ==========================

    Windows' new Data Execution Prevention (DEP) development begs 2 questions.

    1. Is it a satisfactory long-term solution for LnS to SURRENDER thread injection control to Windows?

    2. More generally, is Windows slowly getting secure enough that it is displacing some 3rd-party products by plucking more and more security features away from them?


    To 1. I don't understand the technical details to even guess the answer. All I know is that MS has a long history of security sloppiness, but it also looks as if it's trying to shape up. Would the more saavy posters address this issue?

    To 2. The record is that MS honors ignorance in its customers so much that it may not be a serious threat to the security industry any time soon. But I suspect that many software will get into increasing conflict with Windows every time Windows updates. This will force all of us to rethink our security strategies in terms of different software combinations, won't it?

    For almost 2 years, I had a reasonably satisfactory security arrangement which distracted me little from my work:

    SPI firewall router,
    LnS,
    NOD32,
    ProcessGuard,
    Prevx Home replaced by Prevx Pro,
    Firefox browser on practically safe sites (except for a few incompatible sites, and then SpywareStopper to guard against IE),
    Disabled Windows services such as Server, Telnet, Remote Registry, Remote Desktop, etc.
    Choicemail which limited incoming mail to those with addresses in my address book and set the others in a safe place
    PortExplorer on a separate screen sometimes to keep an eye on where programs are going
    Rare Windows updates
    Last but not least, strong encryption of key personal files and backing up of personal and settings files.


    About 5 or 6 scans over those 2 years revealed nothing (apparently) got through (but to those who see a whole, your comments are welcomed.)

    Now it looks I'll have to invest more time on boards to watch developments. But I'll keep the upheaval to a minimum by staying away from Vista for a long time and not updating Windows too often.
     
    Last edited: Jan 16, 2007
Thread Status:
Not open for further replies.