-
April 2nd, 2006, 12:16 AM
#1
GesWall... Anyone played with it?
from BugTraq:-
Hello Bugtraq,
we would like to announce the recent GeSWall update. GeSWall is an
intrusion prevention system for Windows. It applies a security policy
that effectively precludes damage from various attacks and malicious
software.
Instead of blocking particular attack techniques GeSWall focuses on
attack objectives such as taking control of a PC, stealing data,
breaking system integrity etc. This approach allows blocking unknown
attacks based on “zero-day” vectors, e.g. GeSWall has stopped
Windows Metafile exploits.
GeSWall policy isolates web browsers, e-mail, chat, p2p, irc clients
and other applications that may serve as entry points for malicious
software or intrusions. Viruses, trojans, spyware, keyloggers and
exploits cannot pass through an isolation policy and so cannot cause damage.
In contrast with similar solutions, GeSWall is not limited by using
sandboxing or virtualization, because this leads to usability
problems. GeSWall is designed to be as non-intrusive as possible and
does not restrict network access, files or process creation.
Instead, it tracks a potential threat (e.g. a file, process) down,
isolates this threat and prevents damage.
Additional information and a free GeSWall download are available
on our web site http://www.gentlesecurity.com/personal.html
GentleSecurity Team
Interested in any comments...
Don't SYN us.... We'll SYN you.....
"A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools." - Thucydides
-
April 24th, 2006, 12:48 AM
#2
Okay, I'll bite.
So I check out the GeSWall site, look for reviews or comments on internet (none).
Decide... what the heck?
What could go wrong? I mean this IS safety type software.
If it's good enough for TS to ask for comments, it's good enough for me.
Download said software, begin install, read the EULA (which notes "We are NOT responsible for screwing up your computer" [no worries]), continue install on my troubleshooter laptop to c:\ with no problems, now it wants to reboot.
Okay. go ahead, reboot. Be my guest.
Restart seems to be okay, while loading drivers phase on bootup, suddenly *POW*
Blue Screen of Death.
STOP x000000008E
Wow....I'm disappointed. Didn't even last a full reboot and I thought THIS was THE software of all time.
So I guess the answer is: my laptop is too high tech for this crap...err...fine piece of software.
ZT3000
Beta tester of "0"s and "1"s"
-
April 24th, 2006, 01:26 AM
#3
OOOOPS... Sorry...
Of course, that's why I asked if anybody ever screwed up their computer.. errr... I mean, tried this software... before...
Don't SYN us.... We'll SYN you.....
"A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools." - Thucydides
-
April 24th, 2006, 03:12 AM
#4
ZT3000: That's why you use vmware for stuff like that... it is free now, you know?
If you do a last known good boot or boot into safe mode, you can do a roll back. (Win XP)
(I'm assuming you know this?)
Quitmzilla is a firefox extension that gives you stats on how long you have quit smoking, how much money you've saved, how much you haven't smoked and recent milestones. Very helpful for people who quit smoking and used to smoke at their computers... Helps out with the urges.
-
April 24th, 2006, 12:22 PM
#5
Originally posted here by phishphreek80
ZT3000: That's why you use vmware for stuff like that... it is free now, you know?
If you do a last known good boot or boot into safe mode, you can do a roll back. (Win XP)
(I'm assuming you know this?)
Phishy,
Vmware: I have paid copies of both Virtual PC and Virtual Server 2005. I was aware the Vmware player was free. Is this what you mean?
Repair: Yes, you assume correctly. I am aware of "last known good" and safe mode.
The problem is these options do not remove the scattered files the install put into my harddrive and then there is now no uninstall option.
ZT3000
Beta tester of "0"s and "1"s"
-
April 24th, 2006, 01:31 PM
#6
Nope, VMWARE server is also now free.
http://www.vmware.com/products/server/
“Offering VMware Server for free will bring VMware's proven virtualization technology to a wider audience, allowing companies to achieve the benefits of virtualization, such as cost reductions and flexible server provisioning.”
It's free for both win32 or *nix.
I believe that m$ HAD to make their virtualization software available for free AND provide support for *nix... otherwise, everyone would just use VMware. Not to mention XEN is getting better. (So I'm told... I have yet to actually get it running successfully...)
They say that their software is in "beta". I wouldn't let that scare you. I've been using it a lot lately with no crashes or observed memory leaks. I think that putting "beta" after a product launch for free software is the newest hype. (look at google's services... stay in "beta" for years...)
Well, if you "rollback" the driver, at least you get to a workable stage. You could monitor the install again and manually remove all the files... however, it's probably just as easy to reinstall/restore from a backup/ghosted image? lol
Either way, I'm sure TS is very happy that you were the guinea pig for this "evaluation".
Quitmzilla is a firefox extension that gives you stats on how long you have quit smoking, how much money you've saved, how much you haven't smoked and recent milestones. Very helpful for people who quit smoking and used to smoke at their computers... Helps out with the urges.
-
April 24th, 2006, 08:28 PM
#7
Nah, I know TS better than that.
I'm sure he's not underestimating me, having a good way out of the install.
Fact is, returning to my standard setup after the Blue screen was a piece of Art.
Here's how it went: After Blue screen lockup, press power button for two seconds, wait 5 seconds, press power button for one second and computer returns with all install files, registry entries and any other shenanigans completely and irreversibly gone without delay.
In fact, that post I made above was only 2 minutes after it locked up hard on me.
I'm sure the Houdini way to recovery pissed on someone's happiness here.
(they know who they are.)
Anyways, the interesting part of all this is actually your post describing how VMWare Server is free. That must be a recent event. I'm going to look it up.
Although Virtual Server 2005 is a FREE download, I wonder how long it will run for FREE? 180 days?
ZT3000
Beta tester of "0"s and "1"s"
-
April 25th, 2006, 03:35 AM
#8
You made me think of an idea for some software ZT3000. I've always hated how even if you use the software's uninstall option, it could still be leaving stuff behind. How about software in which you run all installs through it, it keeps track of all files installed onto the machine, and will make a program that you run to remove all those files. Seems like it'd be doable. Of course it'd watch the registry, and I guess it'd need to keep track of shared resources and make sure to either not delete those or ask if you want them deleted. I think it's a good idea though. I'm not sure how possible it'd be, but I'd like to have something where I know without a doubt I can remove software I installed completely. Seems like it'd be too good to be possible. Someone start writing it for me :P.
-
April 25th, 2006, 01:40 PM
#9
There are a few pieces of software that purport to do this.
I know one of them is Registry Mechanic, there are others, of course.
I don't know of their complete effectiveness, as when I used a product or two of this nature, a few years ago, I found a lingering folder or registry entry left empty but still behind.
Perhaps someone knows a good solution.
My setup combined with forethought and patience solves uninstalling problems, so I'm happy.
ZT3000
Beta tester of "0"s and "1"s"
-
April 25th, 2006, 03:00 PM
#10
Norton\Symantec Systemworks has this feature.
http://www.symantec.com/home_homeoff...p&pvid=nsw2006
Monitors new software installations and reverses the process if the installation goes poorly or you decide you don't want the software.
Though, I've always found symantec's product to be very resource intensive!
Microsoft has one too... (just monitors/logs installs)
http://www.microsoft.com/windows2000...instaler-o.asp
Quitmzilla is a firefox extension that gives you stats on how long you have quit smoking, how much money you've saved, how much you haven't smoked and recent milestones. Very helpful for people who quit smoking and used to smoke at their computers... Helps out with the urges.