Wormguard 4 Suggestions

Discussion in 'WormGuard' started by Jason_DiamondCS, Dec 18, 2002.

  1. Mr.Blaze

    Mr.Blaze The Newbie Welcome Wagon

    Joined:
    Feb 3, 2003
    Posts:
    2,842
    Location:
    on the sofa
    :Dworm guard 4 today now lol
     
  2. hojtsy

    hojtsy Registered Member

    Joined:
    Dec 28, 2003
    Posts:
    351
    I suggest to include a digital signature in each .dll file distributed with WG4 (well also TDS4+PG2), and then the WG4 exe file could verify that before loading it. This could protect from a subset of dll hijacking attacks.
     
  3. tutankamon

    tutankamon Registered Member

    Joined:
    Jul 10, 2003
    Posts:
    170
    Location:
    Lancashire U.K.
    Hi Bigshot,
    I do not have an "address book" simply because, even though I have as much protection as possible on my computer I do not want to spread any worm or virus to my friends. So I use the old fashioned way of typing their address in, instead of keeping an address book. Thus reducing the spread of so big, netsky etc.
     
  4. Jooske

    Jooske Registered Member

    Joined:
    Feb 12, 2002
    Posts:
    9,713
    Location:
    Netherlands, EU near the sea
    Hey Tut, that would be an excellent file to keep encrypted in your CryptoSuite.
    But WG should protect against such worms even starting to run at all.
     
  5. tutankamon

    tutankamon Registered Member

    Joined:
    Jul 10, 2003
    Posts:
    170
    Location:
    Lancashire U.K.
    Hi Jooske,
    Yes you are correct about WG protecting me, but I am trying to take every possibilty into account, anyway typing addresses in is good practice.
     
  6. Jooske

    Jooske Registered Member

    Joined:
    Feb 12, 2002
    Posts:
    9,713
    Location:
    Netherlands, EU near the sea
    You do have CryptoSuite as well in the meantime i hope? Think it's nice to keep all passwordlogfiles and addressbooks inthere, everything sensitive open for any abuse and preying eyes

    Does this mean you delete all emails too to prevent harvesting from emails and documents, even from textfiles?
     
  7. cyberblob

    cyberblob Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    6
    Location:
    Melbourne, Australia
    Hi Jason
    it would be appreciated if the new ver Wormguard 4 has database updates like your TDS 3 etc

    Regards CyberBlob *puppy*
     
  8. Pilli

    Pilli Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    6,217
    Location:
    Hampshire UK
    Hi Cyberblob,
    Your wish will be granted, as it has been stated previously, though I cannot find the thread ATM :)
    I am not sure exactly what path the updates will take, hopefully Gavin will explain.
     
  9. dallen

    dallen Registered Member

    Joined:
    May 11, 2003
    Posts:
    824
    Location:
    United States
    I have a suggestion. Work harder, faster, more efficiently, and/or more effectively. Finish something.
     
  10. wizardavc

    wizardavc Registered Member

    Joined:
    Jun 22, 2003
    Posts:
    31
    I agree.

     
  11. Dardasaba

    Dardasaba Registered Member

    Joined:
    Feb 16, 2004
    Posts:
    38
    Location:
    Israel
    I apologize if it has been posted before, I got too lazy at the 2nd page.
    How about an option to disable things that wormguard can be triggered by?
    Such as multiple extensions... I have windows set to show all the extensions, so I have no use for it, it just annoys me when I try to open legit files that have v1.5 or something of that sort in them and then, that big WG window pop ups, and as if that's not enough, when I select 'always allow' another window pops up asking me if I'm sure...
    Ofcourse I'm sure! Why else would I press on ito_O :p
     
  12. Jooske

    Jooske Registered Member

    Joined:
    Feb 12, 2002
    Posts:
    9,713
    Location:
    Netherlands, EU near the sea
    You can exclude files so they are a.llowed always, but i would not be happy with all dual extensions ignored like
    document.text.................(many spaces)........ exe
    etc.
     
  13. dallen

    dallen Registered Member

    Joined:
    May 11, 2003
    Posts:
    824
    Location:
    United States
    Cyberblob,
    I am no expert, but I think it's better that WG4 not have a database to update, but rather recognize code that worms use and stop them that way. Again, I'm no expert.

    Dardasaba,
    I think Jooske is right. WormGuard is simply protecting your system by responding. One way of stopping WG from annoying you would be to simply disable its protection.
     
  14. Dardasaba

    Dardasaba Registered Member

    Joined:
    Feb 16, 2004
    Posts:
    38
    Location:
    Israel
    There are things that I want WG to protect me from, and there are things that I don't.
    All I wanted was to have an option to disable warnings about multiple extensions, not have it disabled by default.
    All those warnings get repetetive and I tend to ignore WG's warnings because of that.
     
  15. dallen

    dallen Registered Member

    Joined:
    May 11, 2003
    Posts:
    824
    Location:
    United States
    Dardasaba,
    Initially, I was just giving you a hard time, but the more I think about it the more I think that you raise a good point. One can become desensitized to the alerts and complaisant by getting used to saying "OK...run the file" every time. Next thing you know you just gave permission to the wrong thing.

    I am going to step out of my league here and as a technical question. Are the only files that we have to worry about deceiving us by using multiple extension .exe file that are masquerading as something else? Or are there others? My guess is that there are others. If there are a select few, then why not work something into the program that allows for example a .doc file with multiple extensions to run. Maybe I'm answering my own question here, but my guess is that due to executable macros that can be contained within files like .xls files this would be very dangerous. Just a thought.
     
  16. Dardasaba

    Dardasaba Registered Member

    Joined:
    Feb 16, 2004
    Posts:
    38
    Location:
    Israel
    Any chance of getting a reply about my suggestion from the development team? :'(
     
  17. Jooske

    Jooske Registered Member

    Joined:
    Feb 12, 2002
    Posts:
    9,713
    Location:
    Netherlands, EU near the sea
    I receive more often then i like doc and xls files these days as attachments and get warnings each time, why? because of multiple extensions in the naming.
    file first version01.05.04.doc of course that triggers alarms, but i see macros mentioned too. I always ask the sender about it. Sometimes i take the trouble to rename such a file so it has only one extension and gtry again, i might upload it on the kaspersky online scanner for a second opinion, etc.
    But if i get it from a source which forwarded me recently one of the hoaxes to remove the "jb..." bear virus from my system i don't consider that a reliable source so i do take all possible scans to make sure the file should be ok before i open it. And wormguard will keep beeping on the file, surely!
    Take the trouble of looking at it in safe mode and WG will tell you what it finds suspicious enabling you to decide better.
     
  18. Dardasaba

    Dardasaba Registered Member

    Joined:
    Feb 16, 2004
    Posts:
    38
    Location:
    Israel
  19. Dardasabaa

    Dardasabaa Guest

    New Suggestion:
    Since most worms propogate through e mail, I would love to see a "safe" mail client in wormguard, in the style of "The Bat!".
     
  20. Access Denied

    Access Denied Registered Member

    Joined:
    Aug 8, 2003
    Posts:
    927
    Location:
    Computer Chair
    Wormguard 4 in June would be nice
     
  21. Wayne - DiamondCS

    Wayne - DiamondCS Security Expert

    Joined:
    Jul 19, 2002
    Posts:
    1,533
    Location:
    Perth, Oz
    We receive hundreds of suggestions for our software on a very regular basis, it's simply not possible to respond to them all or we'd be spending all our time working on replying to suggestions rather than implementing them. Many good suggestions have been made by a lot of people and the best ones will certainly be incorporated where possible, but please forgive us if we don't have time to discuss your suggestions.

    Regards,
    Wayne
     
  22. poogimmal

    poogimmal Registered Member

    Joined:
    May 7, 2004
    Posts:
    79
    keep it "as is", running in deep background without slowing down the system. I have enough bells and whistles. then again, I don't know enough about worms to make a really meaningful comment. but I assume it's design is basically a good one and strong, so why make it obtrusive with options if that's not it's purpose.
     
  23. cjtc

    cjtc Registered Member

    Joined:
    Apr 16, 2004
    Posts:
    22
    Location:
    Swindon, UK
    How about fixing the bug in which the Windows XP Help and Support won't come up from the Start menu? It gives an error dialog about an invalid windows program. Wanna get rid of that shortcut from my desktop.
     
  24. Access Denied

    Access Denied Registered Member

    Joined:
    Aug 8, 2003
    Posts:
    927
    Location:
    Computer Chair
  25. Dazed_and_Confused

    Dazed_and_Confused Registered Member

    Joined:
    Mar 4, 2004
    Posts:
    1,831
    Location:
    USA
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.