17 replies to this topic

[Humpty]

After a coupla months of testing Sandboxie and Defensewall I have turned off my E-trust av,MS antispy and ZAP.

Things are certainly snappier without those three resources running,even with a gig of ram.

There are quite a few others I haven't tried such as Shadow User,Bufferzone and VMware.IMHO these virtualistion type of programs are the future in pc security.

The two virtualisation programs I have tried seem to do as stated.Any and all malaware are contained within the sandbox and are simply deleted when you empty the sandbox.

Running on demand scans with my AV,MS antispy and Ewido have come up clean.

Note I do have a hardware firewall,several ghost images and a clone on a slave drive as the ultimate security.

[Andavari]

Glad it works for you, and it's some interesting information. I must say a built-in hardware chipset-based or software OS-based sandbox would really be cool.

[Eldmannen]

Nice.

But what is Defensewall?
Shadow User, Bufferzone?

Provide info and links...

Yeh, Sandboxing is interesting...

[Humpty]

Defefensewall DefenseWall HIPS (Host Intrusion Prevention System) is the simplest and easiest way to protect yourself from malicious software (spyware, adware, keyloggers, rootkits, etc.) when you surf the Internet!

Sabdboxie Contrast this with the Sandboxie approach, which keeps the viruses and spyware trapped in the sandbox, and makes them disappear when you throw away the sandbox.

Bufferzone But now there's BufferZone, software that utterly prevents the intrusion of hostile code and eliminates updating forever.

Good discussion here under "Privacy & other Antimalaware software" on most of these virtualisation software.

[hazelnut]

Interesting to see from your "Good discussion here" link that Wilderssecurity will be soon hosting the official Ewido forums.

[rridgely]

Thanks for pointing that out hazelnut. I will have to do some reading/posting there.

[hazelnut]

I have just read up on Sandboxie from Humpty's link above.
This is something that I knew nothing about, it sounds a wonderful idea.
They only thing that put me off was the last bit of an overview page which mentioned that porn site history would no longer be a problem.
I don't think that is a good thing to point out in order to "sell" your product

[Eldmannen]

Okay, I checked the websites mentioned but none of them give me a good impression.

[Humpty]

hazelnut, on Dec 30 2005, 09:57 PM, said:

Interesting to see from your "Good discussion here" link that Wilderssecurity will be soon hosting the official Ewido forums.

Actually I think Wilders has been hosting Ewido's Official help forum for a coupla weeks now.

Have read somewhere that MS's Vista will be using virtualisation (sandbox) techniques for some of their apps.

Sorry about the the spelling to the links I provided in an earlier thread.Must have been that darn beer again.

[Andavari]

Eldmannen, on Dec 30 2005, 05:02 PM, said:

Okay, I checked the websites mentioned but none of them give me a good impression.

They didn't impress me that much either, however the DefenseWall HIPS was sort of interesting but for the price one can get HIPS protection in Sunbelt Kerio Personal Firewall paid-version which has been drastically reduced in price after the acquisition of Kerio Personal Firewall from Kerio Technologies.

Humpty, on Dec 30 2005, 09:51 PM, said:

Sorry about the the spelling to the links I provided in an earlier thread.Must have been that darn beer again.

Aye, your ail must've been giving you ailments.

[Humpty]

Here's a long but interesting thread where the authors of Bufferzone offered a $100 reward to anyone who could compromise Bufferzones security.

The author of Defensewall (HIPS) states he cracked Bufferzone in 5 mins and claimed the $100.Seems the authors of these programs are testing each others which can only make their products better.

Defensewall author claims reward.

And they seem to get a tad shirty with each other.

[kobrakommander56]

only 100, haha, i would've told them i could've cracked it, and then when they put me in a room and watch me i'd work on it for five minutes get up and get me some c4 and blow that mother apart, then claim my money.

[Humpty]

Hey Mr kobrakommander56 I don't doubt your abiltities but can you
give me a rundown on some uncrackable security software.

[Andavari]

kobrakommander56 can get into anything with his C4 collection. He must have gotten more for Christmas.

[Eldmannen]

The author of a DNS daemon called 'djbdns' has stated that he will pay 500$ to whoever finds a security flaw in 'djbdns', its been years and none have been found.

http://cr.yp.to/djbdns/guarantee.html

[Humpty]

Eldmannen, on Dec 31 2005, 09:56 PM, said:

The author of a DNS daemon called 'djbdns' has stated that he will pay 500$ to whoever finds a security flaw in 'djbdns', its been years and none have been found.

http://cr.yp.to/djbdns/guarantee.html

I don't think this is fair offer as djbdns only works under Unix which I think is another operating system.

But I'm sure a bit of C4 could get it apart.

[Eldmannen]

Yeah, but this thread wasnt about bountys on security vulnerabilities so I just pointed that out.
Mozilla Foundation supposedly give 500$ or so for bugs or security vulnerabilites or something in Firefox.

[Humpty]

German av-test.org has tested the major players in AV business against
the new Windows wmf-hole.
Nod32 was one of those who stopped all the tested 206 variants
Here are the results (in parenthesis the missed variants)
Perfect protection:
BitDefender
Computer Associates eTrust - VET
F-Secure
Kaspersky Lab
McAfee
Eset Nod32
Microsoft OneCare
Sophos
Symantec

Inadequate protection:
Alwil Avast (1)
Clam AntiVirus (1)
Aladdin eSafe (1)
Fortinet (1
AntiVir (24)
eTrust - INO (25)
Panda (25)
Ikarus (26)
Norman (26)
Ewido (47)
AVG (59)
VirusBuster (61)
QuickHeal (63)
Trend Micro (63)
Dr Web (93)
VBA32 (110)
Authentium Command (119)
F-Prot (119)

Now have a look at how Sandboxie handled the threat Does Sandboxie protect against latest exploit