D
True my friend, but the intresting element was to combine it all with Joanna's idea to use different users:i said Applocker is a basic SRP, not the setup.
Demo is time limited and applies a size limitation for its configuration file. Demo survived Windows 10 updates withOUT needing any change, ask @WildByDesign he is a continues user from first beta (few years now), so he can tell something on its compatibility in practise with other security.Won't the demo time expire?
Edit: I misread, for private non commercial use demo doesn't have limits but its beta and can be buggy.
OK so presuming I don't use with ESET IS can it protect browser-based botnet/rootkit attacks?Sorry @HarborFront thought I had answered at least one: no I would not use it with AV with anti-exploit protection.
MemProtect blocks all exploit tests from HMPalert testtool. With the rules I am using it does not prevent exploits, it just traps them into to the process they exploited. Exploits can attack firefox but they cant jump over to ány other process (explorer for example).
Yes: nothing gets out of the browser when you use these rulesOK so presuming I don't use with ESET IS can it protect browser-based botnet/rootkit attacks?
Good solution, as said my opinion is not rational, It feels like driving a car with two passengers on the back bench with big colts in their pockets. When I have two of those agressive guys in my car, they might start a fight (i know does not make any sense, but that is the, maybe stupid, idea I have on exploit prevention/protection sofware).Just to clarify, for those unfamiliar with Excubits products: The time limitation on the demo version means you need to reinstall the driver every year. (Easy to do, once you know how to do it.) But your config file is perpetual.
@Windows_Security, regarding other security software potentially conflicting with memprotect, why can't you just make an exception rule for it?
For instance, this is my whitelist rule to allow MS Office to interact with Windows Defender
!*Office1?\*>*MsMpEng.exe
Thanks. Your intuition is probably at least as good as most people's knowledgeGood solution, as said my opinion is not rational, It feels like driving a car with two passengers on the back bench with big colts in their pockets. When I have two of those agressive guys in my car, they might start a fight (i know does not make any sense, but that is the, maybe stupid, idea I have on exploit prevention/protection sofware).
I remember this user from before, particularly for their excellent and thorough understanding of low level technical Windows kernel functionality. I did not realize that this member is no longer here though, unfortunately. Definitely someone who understands technical details well and was also very good at explaining those details to other users as well. I recall other conversations previously regarding ObRegisterCallbacks but personally I don't quite understand that deeply. Just a brief question, was this member's overall view point of MemProtect positive or negative?Some explanation by OpC0de (once a member of this forum) about MemProtect
We use cookies to improve your browsing experience on our site, show personalized content and targeted ads, analyze site traffic, and understand where our audience is coming from.
By continuing to use this site, you are consenting to our use of cookies.