Thread: GesWall... Anyone played with it?

  1. #1
    AO Ancient: Team Leader
    Join Date
    Oct 2002
    Posts
    5,197

    GesWall... Anyone played with it?

    from BugTraq:-

    Hello Bugtraq,

    we would like to announce the recent GeSWall update. GeSWall is an
    intrusion prevention system for Windows. It applies a security policy
    that effectively precludes damage from various attacks and malicious
    software.

    Instead of blocking particular attack techniques GeSWall focuses on
    attack objectives such as taking control of a PC, stealing data,
    breaking system integrity etc. This approach allows it to block unknown
    attacks based on “zero-day” vectors, e.g. GeSWall has stopped
    Windows Metafile exploits.

    GeSWall policy isolates web browsers, e-mail, chat, p2p, irc clients
    and other applications that may serve as entry points for malicious
    software or intrusions. Viruses, trojans, spyware, keyloggers and
    exploits cannot pass through an isolation policy and so cannot cause damage.

    In contrast with similar solutions, GeSWall is not limited by using
    sandboxing or virtualization, because this leads to usability
    problems. GeSWall is designed to be as non-intrusive as possible and
    does not restrict network access, files or process creation.
    Instead, it tracks a potential threat (e.g. a file, process) down,
    isolates this threat and prevents damage.

    Additional information and a free GeSWall download are available
    on our web site http://www.gentlesecurity.com/personal.html

    GentleSecurity Team
    Interested in any comments...
    Don't SYN us.... We'll SYN you.....
    "A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools." - Thucydides

  2. #2
    Senior Member
    Join Date
    Mar 2005
    Posts
    400
    Okay, I'll bite.

    So I check out the GeSWall site, look for reviews or comments on internet (none).
    Decide... what the heck?
    What could go wrong? I mean this IS safety type software.
    If it's good enough for TS to ask for comments, it's good enough for me.

    Download said software, begin install, read the EULA (which notes "We are NOT responsible for screwing up your computer" [no worries]) continue install on my troubleshooter laptop to c:\ with no problems, now it wants to reboot.
    Okay. go ahead, reboot. Be my guest.

    Restart seems to be okay, while loading drivers phase on bootup, suddenly *POW*
    Blue Screen of Death.
    STOP x000000008E

    Wow....I'm disappointed. Didn't even last a full reboot and I thought THIS was THE software of all time.

    So I guess the answer is: my laptop is too high tech for this crap...err...fine piece of software.

    ZT3000
    Beta tester of "0"s and "1"s"

  3. #3
    AO Ancient: Team Leader
    Join Date
    Oct 2002
    Posts
    5,197
    OOOOPS... Sorry...

    Of course, that's why I asked if anybody ever screwed up their computer.. errr... I mean, tried this software... before...

  4. #4
    AO übergeek phishphreek's Avatar
    Join Date
    Jan 2002
    Posts
    4,325
    ZT3000: That's why you use vmware for stuff like that... it is free now, you know?

    If you do a last known good boot or boot into safe mode, you can do a roll back. (Win XP)
    (I'm assuming you know this?)
    Quitmzilla is a firefox extension that gives you stats on how long you have quit smoking, how much money you've saved, how much you haven't smoked and recent milestones. Very helpful for people who quit smoking and used to smoke at their computers... Helps out with the urges.

  5. #5
    Senior Member
    Join Date
    Mar 2005
    Posts
    400
    Originally posted here by phishphreek80
    ZT3000: That's why you use vmware for stuff like that... it is free now, you know?

    If you do a last known good boot or boot into safe mode, you can do a roll back. (Win XP)
    (I'm assuming you know this?)
    Phishy,

    Vmware: I have paid copies of both Virtual PC and Virtual Server 2005. I was aware the Vmware player was free. Is this what you mean?

    Repair: Yes, you assume correctly. I am aware of "last known good" and safe mode.
    The problem is these options do not remove the scattered files the install put onto my hard drive and then there is now no uninstall option.

    ZT3000
    Beta tester of "0"s and "1"s"

  6. #6
    AO übergeek phishphreek's Avatar
    Join Date
    Jan 2002
    Posts
    4,325
    Nope, VMWARE server is also now free.

    http://www.vmware.com/products/server/

    “Offering VMware Server for free will bring VMware's proven virtualization technology to a wider audience, allowing companies to achieve the benefits of virtualization, such as cost reductions and flexible server provisioning.”
    It's free for both win32 or *nix.

    I believe that m$ HAD to make their virtualization software available for free AND provide support for *nix... otherwise, everyone would just use VMware. Not to mention XEN is getting better. (So I'm told... I have yet to actually get it running successfully...)

    They say that their software is in "beta". I wouldn't let that scare you. I've been using it a lot lately with no crashes or observed memory leaks. I think that putting "beta" after a product launch for free software is the newest hype. (look at google's services... stay in "beta" for years...)

    Well, if you "rollback" the driver, at least you get to a workable stage. You could monitor the install again and manually remove all the files... however, it's probably just as easy to reinstall/restore from a backup/ghosted image? lol

    Either way, I'm sure TS is very happy that you were the guinea pig for this "evaluation".

  7. #7
    Senior Member
    Join Date
    Mar 2005
    Posts
    400
    Nah, I know TS better than that.
    I'm sure he's not underestimating me, having a good way out of the install.

    Fact is, returning to my standard setup after the Blue screen was a piece of Art.
    Here's how it went: After Blue screen lockup, press power button for two seconds, wait 5 seconds, press power button for one second and computer returns with all install files, registry entries and any other shenanigans completely and irreversibly gone without delay.
    In fact, that post I made above was only 2 minutes after it locked up hard on me.

    I'm sure the Houdini way to recovery pissed on someone's happiness here.
    (they know who they are.)




    Anyways, the interesting part of all this is actually your post describing how VMWare Server is free. That must be a recent event. I'm going to look it up.

    Although Virtual Server 2005 is a FREE download, I wonder how long it will run for FREE? 180 days?
    ZT3000
    Beta tester of "0"s and "1"s"

  8. #8
    Elite Hacker
    Join Date
    Mar 2003
    Posts
    1,407
    You made me think of an idea for some software ZT3000. I've always hated how even if you use the software's uninstall option, it could still be leaving stuff behind. How about software in which you run all installs through it, it keeps track of all files installed onto the machine, and will make a program that you run to remove all those files. Seems like it'd be doable. Of course it'd watch the registry, and I guess it'd need to keep track of shared resources and make sure to either not delete those or ask if you want them deleted. I think it's a good idea though. I'm not sure how possible it'd be, but I'd like to have something where I know without a doubt I can remove software I installed completely. Seems like it'd be too good to be possible. Someone start writing it for me :P.

  9. #9
    Senior Member
    Join Date
    Mar 2005
    Posts
    400
    There are a few pieces of software that purport to do this.
    I know one of them is Registry Mechanic, there are others, of course.
    I don't know of their complete effectiveness, as when I used a product or two of this nature, a few years ago, I found a lingering folder or registry entry left empty but still behind.
    Perhaps someone knows a good solution.

    My setup combined with forethought and patience solves uninstalling problems, so I'm happy.
    ZT3000
    Beta tester of "0"s and "1"s"

  10. #10
    AO übergeek phishphreek's Avatar
    Join Date
    Jan 2002
    Posts
    4,325
    Norton\Symantec Systemworks has this feature.

    http://www.symantec.com/home_homeoff...p&pvid=nsw2006

    Monitors new software installations and reverses the process if the installation goes poorly or you decide you don't want the software.
    Though, I've always found symantec's product to be very resource intensive!

    Microsoft has one too... (just monitors/logs installs)

    http://www.microsoft.com/windows2000...instaler-o.asp
