[PL] PL2006 Program Submittals - ProcessGuard

  • Thread starter Thread starter Whirled Peas
  • Start date Start date
W

Whirled Peas

Whoops, I didn't mean to post this as a follow-up. So I'll post it again,
which may be just as bad :-)

[PL] PL2006 Program Submittals -- ProcessGuard

CATEGORY: Security
SUBCATEGORY: Monitor: Processes
AUTHOR'S EMAIL ADDRESS (munged): n/a

01 (PROGRAM NAME) ProcessGuard
02 (WARE DESCRIPTION) (Liteware)
03 (OS-WIN) Windows 2000 / XP / 2003
04 (OS-NOTES)
05 (OS-OTHER)
06 (LANGUAGES) English
07 (DESCRIPTION) ProcessGuard is a powerful new cutting-edge program that
greatly increases the security of your computer by preventing processes
from being able to attack each other. It also stops applications from
executing without the users consent, stops malicious worms and trojans from
being executed silently in the background, as well as a variety of other
attacks, even including keyloggers and leaktests.
DiamondCS Process Guard is an advanced security system that protects both
system and security processes (as well as user-defined processes) from
attacks by other processes, services, drivers, and other forms of executing
code on your system. The first program of its kind, it is made possible by
a kernel-mode driver that securely controls process-to-process access in a
relatively simple but technically efficient, safe, and secure manner.
Although it is a very powerful program due to its low-level nature, its
intuitive graphical interface actually makes it very easy to use for both
novice and advanced users alike.
07a (NOTES) (n.r.), n/a
08 (COMPANY) Diamond CS
08a (AUTHOR)
09 (LINK 1 DESCRIPTION) Home Page
10 (LINK 1) http://www.diamondcs.com.au/processguard/index.php?page=home
11 (LINK 2 DESCRIPTION) download page: v. 3.150 (Installer: 1.87 Megabytes)
12 (LINK 2)
http://www.diamondcs.com.au/processguard/index.php?page=download
 
Whirled said:
Whoops, I didn't mean to post this as a follow-up. So I'll post it again,
which may be just as bad :-)
Click to expand...

You can stop any time. ;) ProcessGuard *is* on the todo list. (ATM I'm
updating the PL2005 database/ web pages).
[PL] PL2006 Program Submittals -- ProcessGuard

CATEGORY: Security
SUBCATEGORY: Monitor: Processes
AUTHOR'S EMAIL ADDRESS (munged): n/a

01 (PROGRAM NAME) ProcessGuard
02 (WARE DESCRIPTION) (Liteware)
Click to expand...

Susan
--
Posted to alt.comp.freeware
Search alt.comp.freeware (or read it online):
http://www.google.com/advanced_group_search?q=+group:alt.comp.freeware
Pricelessware & ACF: http://www.pricelesswarehome.org
Pricelessware: http://www.pricelessware.org (not maintained)
 
Whirled Peas wrote:

[PL] PL2006 Program Submittals -- ProcessGuard

CATEGORY: Security
SUBCATEGORY: Monitor: Processes
AUTHOR'S EMAIL ADDRESS (munged): n/a

01 (PROGRAM NAME) ProcessGuard
Click to expand...


The description below is obtained from the website, but the liteware
version has fairly significant functions disabled as shown here
http://www.diamondcs.com.au/processguard/index.php?page=download

It's difficult to seperate out the marketing speak below from the
technical capabilities of PG free, but I'll try.
07 (DESCRIPTION) ProcessGuard is a powerful new cutting-edge program that
greatly increases the security of your computer by preventing processes
from being able to attack each other.
Click to expand...

The liteware version has this.


It also stops applications from
executing without the users consent,
Click to expand...

This too. Application execution control is present in the liteware
version so you will be warned if something unknown starts. It does not
seem to keep track of the whitelisted file though, still this sentence
holds.

stops malicious worms and trojans from
being executed silently in the background,
Click to expand...

Yes , this is just the same as above.
as well as a variety of other
attacks, even including keyloggers and leaktests.
Click to expand...

I think this is the sticker.

The liteware version doesn't block global hooks, so protection from
keyloggers is nearly none-existent. It prevents processes from being
modified, which blocks dll injection, so it handles some but not all
leak test fairly well.

The lack of protection of the physical memory, also means the liteware
version protects against a smaller "variety of other attacks".

I think, the above sentence above is fair, except for the keyloggers
bit.

DiamondCS Process Guard is an advanced security system that protects both
system and security processes (as well as user-defined processes) from
attacks by other processes, services, drivers, and other forms of executing
code on your system.
Click to expand...

The liteware version doesn't protect against driver/services installs
which is critical to prevent kernel based rootkits and kernel based
keyloggers.

I'm not sure what the policy for liteware is, and what i write is
mostly nitpicks but I thought you would like to know.
 
This too. Application execution control is present in the liteware
version so you will be warned if something unknown starts. It does not
seem to keep track of the whitelisted file though, still this sentence
holds.
Click to expand...

It has kept track of the applications I have allowed, thus far.

I think this is the sticker.

The liteware version doesn't block global hooks, so protection from
keyloggers is nearly none-existent. It prevents processes from being
modified, which blocks dll injection, so it handles some but not all
leak test fairly well.

The lack of protection of the physical memory, also means the liteware
version protects against a smaller "variety of other attacks".

I think, the above sentence above is fair, except for the keyloggers
bit.
Click to expand...

Yes, you are correct. I should have edited that bit out or, better, just
have written the description out for myself.

The liteware version doesn't protect against driver/services installs
which is critical to prevent kernel based rootkits and kernel based
keyloggers.

I'm not sure what the policy for liteware is, and what i write is
mostly nitpicks but I thought you would like to know.
Click to expand...

No, I think you were right on target with the "nitpicks." Thanks for
catching my mistake. :-)
 
Whirled said:
It has kept track of the applications I have allowed, thus far.
Click to expand...

Sorry I'm not clear here. Unlike the full version it does not "Block
new and changed programs", I interpret this to mean that if the
whitelisted file is changed (say you updated it with a new version), PG
doesn't warn you. Is that correct? The full version keeps a white list
of processes as well as the related md5 hash like most firewalls so it
will know if the file is changed and will alert you.

No, I think you were right on target with the "nitpicks." Thanks for
catching my mistake. :-)
Click to expand...

You are welcome.
 
Back
Top