Re: Abtrusion - Anyone use this?
From: sponge (yosponge_at_yahoo.com)
Date: 03/26/04
- Next message: *Vanguard*: "Re: Abtrusion - Anyone use this?"
- Previous message: sponge: "Re: testing my users' temptation to open a well crafted email"
- In reply to: *Vanguard*: "Abtrusion - Anyone use this?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: 25 Mar 2004 23:16:30 -0800
On Thu, 25 Mar 2004 19:35:52 -0600, "*Vanguard*"
<no-email@post-reply-in-newsgroup.invalid> wrote:
> Abtrusion lets you control what is allowed to run on your system.
No, it's not permissions stuff. I already run an anti-virus scanner
to monitor incoming traffic and to check if something tries to run
that is already on my system that is infected. However, until the
anti-virus program schedules its next up update, my system is
vulnerable (although that is not long hopefully since I let it perform
automatic updates). It also takes time to detect that a virus is on
the loose, to determine how to identify it, and possibly to kill it,
all of which lengthens the window of opportunity. Abtrusion takes the
tack of preventing anything from running unless allowed. I think
there is another product called something like System Safety Net (not
sure about the name).
>
>I'm interested but wonder about the following:
>
>- How much do these products get in the way of using your computer?
>
>- How much do they slow down opening programs (i.e., what's the
impact on how snappy your applications startup)?
>
>We all know that running a firewall is a good thing, especially if
you have an always-on connection, like cable broadband or DSL, but a
firewall always adds delay. Hopefully not much delay. Even though it
causes delay, I'd rather incur the slight and mostly unnoticeable
delay and have the protection. However, with dozens if not hundreds
of files getting opened and closed every minute, an imperceptible
delay in opening a single file becomes magnified and might
significantly impact your use of your computer. So it would be nice
to have the added protection as long as it wasn't in your face wasting
your time and if it didn't make you wait to use your computer.
I have not used Abtrusion specifically, but it is rather similar to a
sandbox. I have used and written some sandboxes, and they are much
more involved than simply monitoring program start-up, and, as a
result, they can significantly decrease performance, depending on the
extent of capability and coverage. Abtrusion sounds great if it allows
for the detection of individual program components and dependencies
(e.g. DLLs). However, if it doesn't, then that's a significant flaw in
completeness. Not enough to make it worthless, but far from being very
dependable by itself. You might be served just as well if not better
by running HiJackThis! periodically, to see what's running. It won't
show all dependencies, but it will show BHOs and the like. You can do
this instead of or in addition to Abtrusion. The DLL Authentication
features of some personal firewalls (Sygate, BlackICE), are also
helpful in this regard and can somewhat complement Abtrusion if it
lacks dependency verification.
Sponge
Sponge's Secure Solutions
www.geocities.com/yosponge
My new email: yosponge2 att yahoo dott com
- Next message: *Vanguard*: "Re: Abtrusion - Anyone use this?"
- Previous message: sponge: "Re: testing my users' temptation to open a well crafted email"
- In reply to: *Vanguard*: "Abtrusion - Anyone use this?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
