Which default/deny solution wins, and why?

shmu26 · Mar 6, 2017

please state why you made your choice. there is a bit of mystery surrounding some of these apps; let's put it on the table for all to see. Facts, not fables.

I deliberately left AppGuard off the list because it is in a class all by itself.

shmu26 · Mar 8, 2017

Yash Khan said:
I know that But I dont want to uncheck protection

same here

Deleted member 2913 · Mar 8, 2017

shmu26 said:
same here

I think you dont lose protection by disabling the option coz file will be sandboxed, right?

shmu26 · Mar 8, 2017

Yash Khan said:
I think you dont lose protection by disabling the option coz file will be sandboxed, right?

I would have to test it out, but basically, the ways I used to overcome my problem seemed to disable the whole command line protection

Deleted member 2913 · Mar 8, 2017

shmu26 said:
I would have to test it out, but basically, the ways I used to overcome my problem seemed to disable the whole command line protection

I think disabling any command line or heur analysis, we are still safe coz of sandbox, right?

shmu26 · Mar 8, 2017

Yash Khan said:
I think disabling any command line or heur analysis, we are still safe coz of sandbox, right?

ah, now I understand your point.
well, command line protection is important for advanced "fileless" exploits.
It also helps as a second line of defense, in case you mistakenly trusted a malicious file

CMLew · Mar 8, 2017

Umbra said:
Wise decision
AppGuard's class is Software Restriction Policy (for those who don't know).

now about the Poll , note than nobody can really tell about exploits because they are rarely seen, we can just theorize.

i tested several of them so for me the winners are :

1- ReHIPS
anti-exe: yes
anti-exploit: "yes" via isolation
dll protection: via isolation

2- Comodo
anti-exe: yes
anti-exploit: "yes" by HIPS or isolation
dll protection : yes by HIPS or isolation

Comodo is 2nd because its damn rules' bug and the use of kernel hooks.
i didn't tested KIS or Avast, ERP lack of dll & drivers protection. VS has no dll protection.

I recalled you did try SOB right, which is somehow enhanced DIY version of NVT ERP?

Anyway tried and tested most of them except ReHIPS. But none beats SRP and UAC/LUA from windows for it's simplicity without compromising the system performance.

Deleted member 178 · Mar 8, 2017

CMLew said:
I recalled you did try SOB right, which is somehow enhanced DIY version of NVT ERP?

yes it is ERP but better , im still wondering why NVT keep rebuilding ERP from scratch instaed of finishing SoB...

Anyway tried and tested most of them except ReHIPS. But none beats SRP and UAC/LUA from windows for it's simplicity without compromising the system performance.

Indeed.

whizkidraj · Mar 9, 2017

what's SOB and SRP.
Anyways, Voodooshield wins coz whenever u talk to the developer Mr.Dan, it always seems like he has used or is well aware of all the other competitions. AppGuard I hope they start LTL for all versions or else, no meaning to keep buying it yearly. Only hardcore people who love and support would do it. But we are seeing here from every simple + advanced user's point of view. So the support and knowledge and license offered by voodooshield is best. Other freewares are good, too, but they are free so they will always have some or the other limitations, if not in features, then in support.

shmu26 · Mar 9, 2017

whizkidraj said:
what's SOB and SRP.
Anyways, Voodooshield wins coz whenever u talk to the developer Mr.Dan, it always seems like he has used or is well aware of all the other competitions. AppGuard I hope they start LTL for all versions or else, no meaning to keep buying it yearly. Only hardcore people who love and support would do it. But we are seeing here from every simple + advanced user's point of view. So the support and knowledge and license offered by voodooshield is best. Other freewares are good, too, but they are free so they will always have some or the other limitations, if not in features, then in support.

I prefer a product that doesn't need constant support, over a product that provides constant support. Voodooshield still needs some development in order to work optimally on many systems.

Deleted member 178 · Mar 9, 2017

whizkidraj said:
what's SOB and SRP.

SRP : Software restriction Policy , like Appguard, Bouncer, etc...
SoB : it is NVT Smart Object Blocker , a better anti-exe than ERP.

Anyways, Voodooshield wins coz whenever u talk to the developer Mr.Dan, it always seems like he has used or is well aware of all the other competitions.

VS despite being a good soft is 'in my opinion) way too long on beta, he keeps adding features after features. wgich were not originally planned. it move from pure Anti-exe to anti-exe with remote sandbox to now anti-exe +Ai + remote sandbox...

AppGuard I hope they start LTL for all versions or else, no meaning to keep buying it yearly. Only hardcore people who love and support would do it

Don't expect it. AG main market is primarily Corporation/Government Agencies/Military; home users is a very very very small fraction of their userbase.

vivid · Mar 9, 2017

Yash Khan said:
I think disabling any command line or heur analysis, we are still safe coz of sandbox, right?

It's useful if something breaks out and command-line interpreters are used. Good addition to Sandbox.

Deleted member 2913 · Mar 9, 2017

I wonder how they would take care of these everytime new script from programs................?

Search

Which default/deny solution wins, and why?

shmu26

Level 85

shmu26

Level 85

Deleted member 2913

shmu26

Level 85

Deleted member 2913

shmu26

Level 85

CMLew

Level 23

Deleted member 178

whizkidraj

Level 8

shmu26

Level 85

Deleted member 178

vivid

Level 5

Deleted member 2913

Similar threads