Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Inactive Support Threads
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Software
Security Apps
Other security for Windows, Mac, Linux
NoVirusThanks OSArmor
Message
<blockquote data-quote="AtlBo" data-source="post: 700324" data-attributes="member: 32547"><p>Brainstorming some this AM. [USER=68429]@NoVirusThanks[/USER] (Andreas), have you considered making this a companion of your updated NTV ERP? What I am considering is the possiblity of using the OSArmor component and its rules to wipe out the need for discovery of "clean" Windows system protected processes in ERP. This would mean that ERP users wouldn't need to simply allow all Windows processes. They could without the extra effort use a customized version of Windows processes that should be allowed by default. For sure some of them should be imo monitored by command-line usage, i.e. runonce. There is more, too, as all the rules of OSArmor could be incorporated for monitoring types of files and the others too.</p><p></p><p>I am beginning to develop a desire to come up with a list of common Windows based command lines/wildcard command lines for ERP, so that settings and rules can be transferred onto a new PC easily with NVT ERP running. After going over the list of Windows allowed that were added in the first hour or so I used NVT ERP on this PC, I noticed some of these processes that I would prefer to allow via the command line option, so I removed them from the allowed list. These made it into the list while I was running ERP with "Allow Microsoft Windows system protected processes" checked (I believe that is the default on installation?).</p><p></p><p>IDK and o/c you know these products far better than I. However, I could see both these apps in one without any overlap, using a single GUI. I am envisioning side by side dialogs, one for applications (ERP) and one for the OS (OSArmor).</p><p></p><p>Maybe you could even come up with a nice way in NVT OSArmor of monitoring Runonce and other startups without the risk that the Windows process might be unknowingly auto allowed by a user as with NVT ERP. This is sort of a well trained HIPS module that is smart enough imo to be thought of as behavior blocker. Another good thing to monitor would be running tasks. If a task wants to start, using OSArmor alert, user can block the task once or for each attempt (maybe even disable the task LOL, although I think I am seeing possible UAC development challenges for standard user account users <img src="data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7" class="smilie smilie--sprite smilie--sprite119" alt=":rolleyes:" title="Roll eyes :rolleyes:" loading="lazy" data-shortname=":rolleyes:" />). There is always monitoring of changes to drivers too and I suppose others.</p></blockquote><p></p>
[QUOTE="AtlBo, post: 700324, member: 32547"] Brainstorming some this AM. [USER=68429]@NoVirusThanks[/USER] (Andreas), have you considered making this a companion of your updated NTV ERP? What I am considering is the possiblity of using the OSArmor component and its rules to wipe out the need for discovery of "clean" Windows system protected processes in ERP. This would mean that ERP users wouldn't need to simply allow all Windows processes. They could without the extra effort use a customized version of Windows processes that should be allowed by default. For sure some of them should be imo monitored by command-line usage, i.e. runonce. There is more, too, as all the rules of OSArmor could be incorporated for monitoring types of files and the others too. I am beginning to develop a desire to come up with a list of common Windows based command lines/wildcard command lines for ERP, so that settings and rules can be transferred onto a new PC easily with NVT ERP running. After going over the list of Windows allowed that were added in the first hour or so I used NVT ERP on this PC, I noticed some of these processes that I would prefer to allow via the command line option, so I removed them from the allowed list. These made it into the list while I was running ERP with "Allow Microsoft Windows system protected processes" checked (I believe that is the default on installation?). IDK and o/c you know these products far better than I. However, I could see both these apps in one without any overlap, using a single GUI. I am envisioning side by side dialogs, one for applications (ERP) and one for the OS (OSArmor). Maybe you could even come up with a nice way in NVT OSArmor of monitoring Runonce and other startups without the risk that the Windows process might be unknowingly auto allowed by a user as with NVT ERP. This is sort of a well trained HIPS module that is smart enough imo to be thought of as behavior blocker. Another good thing to monitor would be running tasks. If a task wants to start, using OSArmor alert, user can block the task once or for each attempt (maybe even disable the task LOL, although I think I am seeing possible UAC development challenges for standard user account users :rolleyes:). There is always monitoring of changes to drivers too and I suppose others. [/QUOTE]
Insert quotes…
Verification
Post reply
Top
