rm22

Member
  • Content Count

    14
  • Joined

  • Last visited

Community Reputation

0 Neutral

About rm22

  • Rank
    Member

Profile Information

  • Gender
    Not Telling
  1. right - not a big deal i guess - there are plenty of good options for whitelisting, but it's already in OA so i just assumed it would be carried over. I've tried EAM with Voodooshield and AppGuard so far - NVT ERP is next - no problems so far. I'd prefer to get EIS, but EAM is already quite a bit more $ then Webroot SA which i'm also trialing - let me know if there's any deals coming up in the next month that i could access from Canada for 3 licenses.
  2. i meant 'default deny' - only whitelisted apps are allowed to run
  3. ok, thanks - but this is blacklisting - i'd expected to see application whitelisting as is in OA at least in EIS
  4. Thanks for the reply - not much of a reprieve then - oh well, i'll likely stay till the end I'm trialing EAM so we'll see how that goes - I was surprised there's no anti-executable in EAM or EIS
  5. When will updates/support end? I was surprised to keep getting updates after march 31st - since of course i have OA installed & not decided on replacements yet...
  6. from what i've read - EAF, stackpivot and caller mitigations provide the bulk of additional protection from the default DEP, SEHOP and ASLR mitigations but you could ask for more info here http://www.wilderssecurity.com/threads/emet-enhanced-mitigation-experience-toolkit.344631/page-31
  7. i found emet 5 did not work well with win7 64 bit and many others have written the same - you might want to fall back to 4.1 if you're having problems. also emet install guide says not to use with security software
  8. great - thanks for the reply Fabian
  9. hi - i'm running the latest online armor free version and have used emet 4.1 to change the following system wide settings DEP - always on (default is windows OS files only) SEHOP - opt out (default is disabled on windows 7) ASLR - default i haven't added any additional mitigations for OA as i've read this is not recommended for AV or firewalls any potential compatibility issues to watch out for with the changes i've made? i haven't noticed anything, but i'm wondering if i should set DEP to "opt out" and disable DEP and SEHOP for OA. thanks.
  10. ok thanks - i think i followed all of that. back to your previous post - so if i didn't need the discovery features not blocked by OA would it not be more secure to disable the SSDP service (which changes the advanced share setting 'network discovery' to 'off') i also disabled the server service which changes the advanced sharing setting for 'file and printer sharing' to 'off' - i'd assume this is more secure than just unticking 'file and printer sharing' on the network adapter
  11. ok - that sounds good - thanks for explaining. so where are these rules if i wanted to change them - hidden i'm assuming since it looks like all services are bundled in one rule 'host process for windows services' or maybe services.exe
  12. i did untick that at some point while i was testing - i just repeated the tests just to double check that i had it unticked before and the results are almost the same.. it's requiring a reboot for the settings to chnge to 'on' now also, i'm curious as to why you're using Appguard when you have OA - i've not tied Appguard since i was under the impression that it's main functionality - execution control - is covered by OA wouldn't that mean that the options should have no effect when i'm using OA firewall? if i use OA firewall and turn 'network discovery' off for home/work then i can't access my network printer and my router icon doesn't show up in 'explorer' - at least until 'network discovery' is automatically turned back on.
  13. thanks for the reply - i found this post on technet which explains a bit more, but can't i just shut down the associated services manually? http://social.technet.microsoft.com/Forums/windows/en-US/742dcc69-d28e-46a3-bf39-f13f912377a6/how-to-disable-firewall-as-well-as-file-and-printer-sharing?forum=w7itpronetworking#742dcc69-d28e-46a3-bf39-f13f912377a6
  14. I've been trying out OA free version for the last few months. It seems OA is changing my advanced sharing settings - prior to installing OA i had 'network discovery' and 'file and printer sharing' turned off for 'public' and 'file and printer sharing' turned off for 'home/work'. However, when OA firewall is turned on these settings all automatically change to 'on'. If i then turn OA firewall off and turn windows firewall back on, the settings change back to what they should be. If i change these settings back to 'off' while OA firewall is turned on then they remain off for a few minutes and then automatically turn back on. my OS is windows 7 64bit sp1 home premium. The pc is malware free. i have seen this same problem posted for several different firewalls, including OA, but haven't been able to find a solution other than turning the firewall off and using windows firewall - which is what i've been doing using public wifi. is there a known solution for this issue?