Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Software
Security Apps
Other security for Windows, Mac, Linux
Bouncer - Discussion & Support Thread
Message
<blockquote data-quote="WildByDesign" data-source="post: 473076" data-attributes="member: 48641"><p>Hi guys/gals,</p><p></p><p>I have followed the forums here for a few months now before deciding to create an account. I had seen some questions and discussion regarding Excubits Bouncer and therefore figured that it would be good to make a discussion and support related thread here. If anybody has any questions or wants to discuss anything related to Bouncer, I would be happy to help in any way possible. Users can feel free to share configuration examples as well if you would like, but please ensure that those are done within CODE tags.</p><p></p><p>Bouncer is a tiny, powerful, and significantly granular kernel-mode driver (KMD) which starts very early in the boot process during kernel-init. It is an Application Whitelisting / Anti-executable driver.</p><p></p><p>Please keep in mind that Bouncer can be rather complicated to configure as it is intended toward security researchers, academics (US-CERT), forensics work, etc. It is for those who don't mind getting their hands dirty, so to speak.</p><p></p><p>My best initial advice for anybody trying Bouncer would be to run Bouncer in non-lethal (#LETHAL) mode which means no blocking is done, but with logging enabled to show what would have been blocked. That will the logs will provide you with all of the detailed information that you need for creating rules.</p><p></p><p>Bouncer Information Links</p><p></p><p>Bouncer Product page: <a href="https://excubits.com/content/en/products_bouncer.html" target="_blank">Products - Bouncer | Excubits</a></p><p>Bouncer News page: <a href="https://excubits.com/content/en/news.html" target="_blank">Newsblog | Excubits</a></p><p>Developer's Blog: <a href="http://bitnuts.de/" target="_blank">Florian Rienhardt's Blog | bitnuts.de</a></p><p></p><p>Beta Camp* page: <a href="https://excubits.com/content/en/products_beta.html" target="_blank">Products - BETA CAMP | Excubits</a></p><p style="margin-left: 20px">*beta drivers (at the moment) are not digitally signed.</p></blockquote><p></p>
[QUOTE="WildByDesign, post: 473076, member: 48641"] Hi guys/gals, I have followed the forums here for a few months now before deciding to create an account. I had seen some questions and discussion regarding Excubits Bouncer and therefore figured that it would be good to make a discussion and support related thread here. If anybody has any questions or wants to discuss anything related to Bouncer, I would be happy to help in any way possible. Users can feel free to share configuration examples as well if you would like, but please ensure that those are done within CODE tags. Bouncer is a tiny, powerful, and significantly granular kernel-mode driver (KMD) which starts very early in the boot process during kernel-init. It is an Application Whitelisting / Anti-executable driver. Please keep in mind that Bouncer can be rather complicated to configure as it is intended toward security researchers, academics (US-CERT), forensics work, etc. It is for those who don't mind getting their hands dirty, so to speak. My best initial advice for anybody trying Bouncer would be to run Bouncer in non-lethal (#LETHAL) mode which means no blocking is done, but with logging enabled to show what would have been blocked. That will the logs will provide you with all of the detailed information that you need for creating rules. Bouncer Information Links Bouncer Product page: [URL="https://excubits.com/content/en/products_bouncer.html"]Products - Bouncer | Excubits[/URL] Bouncer News page: [URL="https://excubits.com/content/en/news.html"]Newsblog | Excubits[/URL] Developer's Blog: [URL="http://bitnuts.de/"]Florian Rienhardt's Blog | bitnuts.de[/URL] Beta Camp* page: [URL="https://excubits.com/content/en/products_beta.html"]Products - BETA CAMP | Excubits[/URL] [INDENT]*beta drivers (at the moment) are not digitally signed.[/INDENT] [/QUOTE]
Insert quotes…
Verification
Post reply
Top