Re: Abtrusion - Anyone use this?
From: Bogus (Bogusname_at_Privacy.net)
Date: 03/27/04
- Next message: ---= Ö§âmâ ßíñ Këñ0ßí =---: "Re: testing my users' temptation to open a well crafted email"
- Previous message: Bogus: "Re: Abtrusion - Anyone use this?"
- In reply to: *Vanguard*: "Re: Abtrusion - Anyone use this?"
- Next in thread: sponge: "Re: Abtrusion - Anyone use this?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Sat, 27 Mar 2004 16:05:56 -0500
> If I understand you correctly, Abtrusion impacts the Windows startup time
>but very little after that whereas SSME does not impact startup time but
>will popup whenever a new program wants to run.
I was not clear. Abtrusion has a one-time -installation- impact (during
which it hash's your executables), thereafter it has almost no impact.
Your understanding of SSM is correct. Plus SSM will monitor for DLL
injections, programs exceeding their operating space (e.g. a program trying
to shutdown your AV), programs that are invoking valid programs for the
first time (e.g. I.E. invoking something "strange"), etc. Abtrusion only
blocks new or changed programs - doesn't consider relationships.
> I believe Abtrusion lets you take a snapshot if you consider your system
>clean. Does SSME do that, too, so you don't get prompted for every program
immediately after it is installed?
Yes - best way to do it is to "start" it the first time >after< your box is
up and running. It will then do an initial inventory and hash active
programs, plus the program that invoked them. Changes beyond that are
challenged. If you ever want to reinitialize it, simply delete the directory
and reinstall - there is no registry installation.
> Otherwise, you'll be spending most of your time for the first day or two
just answering prompts.
There will be that as well - much like a firewall learning trusted
applications. But this is more sophistocated than a firewall - do it thoughtfully.
OTOH, Abtrusion is much easier to use, and either app. will significantly increase
your security:-)
- Next message: ---= Ö§âmâ ßíñ Këñ0ßí =---: "Re: testing my users' temptation to open a well crafted email"
- Previous message: Bogus: "Re: Abtrusion - Anyone use this?"
- In reply to: *Vanguard*: "Re: Abtrusion - Anyone use this?"
- Next in thread: sponge: "Re: Abtrusion - Anyone use this?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
