Core Force Security
Page 1 of 2 12 LastLast
Results 1 to 10 of 11

Thread: Core Force Security

  1. #1
    AO Ancient: Team Leader
    Join Date
    Oct 2002
    Posts
    5,197

    Core Force Security

    I came across this somewhere recently and it seems interesting.

    Does anyone have any experience with it?

    Any thoughts about it as a concept?
    Don\'t SYN us.... We\'ll SYN you.....
    \"A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools.\" - Thucydides

  2. #2
    Banned
    Join Date
    May 2003
    Posts
    1,004
    Permissions are enforced by custom device drivers running at kernel level.
    Concerns me...

    It seems they've attempted to replace the Windows policy rather than compliment and expand on it. The inclusion of network controls indicates to me that this third party application has way too much system access under normal operation.

    The user can change this level at any time, according to the task he/she is performing.
    If none of the standard security levels meets the needs of the user, he/she can change them by enabling and disabling individual policies.
    This seems to pretty much defeat the point of the security... the ability to toggle it so makes me think people are better off with the basic Windows policy.

    CORE FORCE does not protect the workstation from malicious users with legitimate access to the system.
    Or users that do dumb things or get tricked?

    Also it cannot be configured on a per-user basis.
    So if this gives an admin the same settings as a normal user...?

    cheers,

    catch

  3. #3
    AO Ancient: Team Leader
    Join Date
    Oct 2002
    Posts
    5,197
    Catch: Yeah, I had some concerns about the drivers rather than using WinX's built in stuff to get the same effect and was worried about them conflicting in a pre-secured box.....

    Well... I had read the forum to get a feel for it and figured WTH.... I'll play with it.... It recognizes AD per the responses in the forums..... So I installed it....

    Funny old thing.... I can't log in to the domain.... The firewall seems to have been blocking it. So I jump into safe mode to disable it come back to normal mode as an administrator and it won't run.... Now, I have some restrictions on this box but they aren't draconian but I do have a lot of...errrr... shall we say "non-standard" stuff going on day and night.... The decision wasn't too hard - I can't be bothered with all the tweaking I would have to do to allow what I need to happen on this box to happen..... It is already uninstalled.....
    Don\'t SYN us.... We\'ll SYN you.....
    \"A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools.\" - Thucydides

  4. #4
    AO Senior Cow-beller
    Moderator
    zencoder's Avatar
    Join Date
    Dec 2004
    Location
    Mountain standard tribe.
    Posts
    1,177
    Just from reading your posts, it sounds like someone is trying to sell a halfbaked security concept that the ill-advised or un-learned will think to be a solid and robust system, but will actually provide only marginal security while driving up the support related revenue of the program developers.

    Remember all those "Anti-BO" applications that became so popular in the late 90's when dildog and the CODC released the first version(s) of Back Orifice? Sounds similar...but I have no facts to base this comment on, just the discussion above.
    "Data is not necessarily information. Information does not necessarily lead to knowledge. And knowledge is not always sufficient to discover truth and breed wisdom." --Spaf
    Anyone who is capable of getting themselves made president should on no account be allowed to do the job. --Douglas Adams (1952-2001)
    "...people find it far easier to forgive others for being wrong than being right." - Albus Percival Wulfric Brian Dumbledore

  5. #5
    Leftie Linux Lover the_JinX's Avatar
    Join Date
    Nov 2001
    Location
    Beverwijk Netherlands
    Posts
    2,535
    I never trust sites that want you to "QUOTE"Join the Community"QUOTE" on their frontpage..

    What a bunch of crap !

    Just look at the screenshots especially the first one
    ASCII stupid question, get a stupid ANSI.
    When in Russia, pet a PETSCII.

    Get your ass over to SLAYRadio the best station for C64 Remixes !

  6. #6
    AO Part Timer
    Join Date
    Feb 2003
    Posts
    332
    /lurking
    What happened to the cult of the dead cow anyway?
    Your heart was talking, not your mind.
    -Tiger Shark

  7. #7
    AO Ancient: Team Leader
    Join Date
    Oct 2002
    Posts
    5,197
    Dopey old man..... Long time, no type.... How you been?

    Jinx: I've seen some great software in terms of what it does that looks like utter crap, (in fact a lot of the Db interfaces I have ever written were rubbish - but I'm not an artiste), so screenshots are no longer a major factor in my decision making process....
    Don\'t SYN us.... We\'ll SYN you.....
    \"A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools.\" - Thucydides

  8. #8
    Super Moderator
    Know-it-All Master Beaver

    Join Date
    Jan 2003
    Posts
    3,914
    Hey Hey,

    I haven't tried the software yet... Friday afternoons I usually name, so I'll set up a VM and give it a go...

    I just wanted to comment now that I'm surprised with the bad reviews that it's getting... Core Security is a fairly well known name and their other products are quite impressive..

    Those of you that have played with it so far... have you looked at it from a personal point of view or an enterprise point of view...

    Tiger Shark: The fact that it's designed for personal use might be why it stopped your communication with the domain... It's not an enterprise product so why support "Enterprise Functionality".... Everest (a name most of us probably know) actually won't install it's Personal version on a machine joined to a domain.. Perhaps a security profile will be released as it matures to allow it functionality on a Domain. When you say it won't run, what exactly do you mean... the software won't run after you've disabled it? Perhaps that's not such a bad feature... not allowing people to jump in safe mode to disable the security it's providing?... Just guessing, since I haven't used it and i'm unsure of what you mean.


    the_JinX:
    www.suse.com -- Cool Communities Link
    fedora.redhat.com -- Participate Link
    www.antionline.com -- "Get an Account on AntiOnline -- It's Free"
    www.gnome.org -- Here, you can learn more about GNOME as a whole, get involved in GNOME software development, or participate in email discussion lists and news forums.

    A lot of websites have join our site, join the community links... why is this one any different?

    Peace,
    HT
    IT Blog: .:Computer Defense:.
    PnCHd (Pronounced Pinched): Acronym - Point 'n Click Hacked. As in: "That website was pinched" or "The skiddie pinched my computer because I forgot to patch".

  9. #9
    AO Ancient: Team Leader
    Join Date
    Oct 2002
    Posts
    5,197
    HT:

    It failed to connect to it's own database even if I logged in as a domain admin whether it was enabled or disabled..... So I quit at that point... I was looking at it from certain boxes on my network. If I have to wrestle with something to get it's most basic functionality I quickly lose interest because, in general, if it has to be wrestled with at the lower levels it is almost impossible to work with at the higher levels.

    As far as the Personal Use/Commercial Use issue:

    [RANT]
    I'm beginning to get a little peeved with this recently. The line between the architecture of a commercial network and a personal network has blurred significantly in the last couple of years. My home network runs a pair of Win2k servers and three workstations. I have an AD domain running but it is still my _personal_ network. But, because I have a domain and servers, (depending upon the situation), I am precluded from personal editions of such things as AV and other products. That sucks. My home network is entirely non-commercial. I run no business on it or from it but because of the nature of the operating systems I run, (AD domain or file servers), I cannot utilize something that is free for personal use...... They simply won't install. In some cases even the trial versions won't install so I end up with an inferior product or no product. How does that help them sell me anything??? It's dumb!!!! What's even dumber is that the license states "free for non-commercial use". Now, I work for a non-profit of which there are thousands in the USA - but because I want to install something on an AD domain I am precluded because it assumes that because I have a domain I must be commercial so it refuses to install...... It just pisses me off no end!!!!!!
    [/RANT]
    Don\'t SYN us.... We\'ll SYN you.....
    \"A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools.\" - Thucydides

  10. #10
    Leftie Linux Lover the_JinX's Avatar
    Join Date
    Nov 2001
    Location
    Beverwijk Netherlands
    Posts
    2,535
    HTRegz (et al)

    I don't know what it is about that site..
    But something deffinately gives me the creaps..

    Same with SuSE Novell's Cool Solutions Sjeezus people we're not selling toys here !!
    ASCII stupid question, get a stupid ANSI.
    When in Russia, pet a PETSCII.

    Get your ass over to SLAYRadio the best station for C64 Remixes !

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

 Security News

     Patches

       Security Trends

         How-To

           Buying Guides