Help me choose software for security please!

Hi everyone. I'm trying to find a program to help me with security problems. What do I need? It must be a program that helps me control all hidden execution and installation. I need it to monitor and report to me if a program is being installed on my system, help me monitor all of its activities (create files, delete files, add values to the registry, modify files), and let me stop any action of its installation at any time I want. And I want it to log everything to a log file so that I can check afterwards whether it's malware.

The second thing I need is a folder and file security program. I need a program that can help me control the folder access permissions of the system. Some folders can be used and modified by certain programs but cannot be used by other programs. Example: I download a program from the internet and save it into folder A; IDM can access folder A and write to it, but others cannot write to folder A. Folder FX can be accessed by program X but other programs cannot access FX and, conversely, program A cannot access any folder other than A.

For the second purpose, I did try Universal Shield, but it does not work as excellently as I had in mind, so I'm still looking. If anyone has experience, please help me; just give me the names. Thank you very much!

Olicaca

Wouldn't the first step be to stop abusing MSIE as a webbrowser?

Huh? Unless you explicitly do that, this can't happen.

You mean something like Procmon? But this poses a huge performance impact on the system, but no real security benefit.

Oh, that's trivial. Just take Process Explorer and suspend the relevant process (which actually just suspends all non-suspended threads). But how is this related to security?

Huh? It's not like some malware would present itself like this. After all, shouldn't you focus on not running the malware in the first place?

You mean what Windows already does?

Looks like scamware.

So what was your problem? Do you want a program that helps you manage the ACLs in Windows more efficiently? Or what?

Sebastian G.

I actually broke down and tried this once with a user in the house here on one machine that stays up all the time with one user (not me).

My experience was that it actually decreased security because the pain in the ass it made in applying software updates to non-Microsoft software (Quicktime patch of the week, instant messenger software updates, Mozilla products) actually caused the overall posture to be less secure because the tedium of having to log out, log in as administrator and apply the updates left the machine unpatched longer just because of the pain it'd become.

Nice in theory, pain in the butt and backfires in practice for many situations, I suspect.

Todd H.

Well, we all have our different experiences and browsing habits. I work in LUA all the time without any problems and work with the admin acc usually once a month (mainly for updating software apps and/or other maintenance purposes). I admit that working in LUA can be tricky at first for the uninitiated but in my experience, the learning curve flattens over time.

How the right user account can help your computer security.
Aaron Margosis' "Non-Admin" WebLog
easiest way to run as non-admin.

Kayman

Wouldn't the first step be to stop abusing MSIE as a webbrowser? Huh? Unless you explicitly do that, this can't happen. You mean something like Procmon? But this poses a huge performance impact on the system, but no real security benefit. Oh, that's trivial. Just take Process Explorer and suspend the relevant process (which actually just suspends all non-suspended threads). But how is this related to security?

Huh? It's not like some malware would present itself like this. After all, shouldn't you focus on not running the malware in the first place?

You mean what Windows already does?

Looks like scamware.

So what was your problem? Do you want a program that helps you manage the ACLs in Windows more efficiently? Or what?

-------------------------------------------
Sebastian, I don't really understand the purpose of your answer here. I just asked you for some software you know, famous and useful, and I didn't underline my security problem here; I asked about the software and just the software, I don't care much about security knowledge, so please(!) help with software: which program is best and most useful. Okay?

OK, so I'll tell you more about my software. If you visit a site and suddenly a file downloads and installs on your computer, how do you deal with it? And if you install a file that is bound with a virus, so besides the software you install, how do you know about and treat that malware? Some months ago I got the xorer virus from a CD-ROM (it was so unlucky for me that at that time my antivirus was not updated) and it injected into all exe files...; after that I updated and it deleted all my data.

I know a little about Windows ACLs, but as far as I know, if a folder is write- and delete-protected then no program can write data to it, and if a folder can be written to by a program then a virus can write to it.

I know Process Monitor, but it slows things down so much and is not an installation monitor tool, ja; even if I use it to monitor my installation I still cannot control anything. Scamware I don't know.

Okay, so all your advice is not useful for me. Anyway, thanks for the care! (Ah, and what is "huh?" :D, my English is not good, ja; it seems you often say "huh?", is that right? :D Just joking, your style is wonderful to me :D)

Kay, your knowledge is really nice, thank you very much. But maybe I was wrong; my problem seems not really to be security, it is just about some tools. Anyway, thanks!

Olicaca

Would you please write in proper English, like in any other formal letter?

Sorry that I dared to actually address your problem... Anyway, this is a newsgroup, not a support forum. Don't expect your questions to be answered or even the discussion leading to a point you'd like.

Your system is compromised, so no software can help you. D'Oh, that's trivial!

Turn off the computer, boot from offline media, create a backup and then start verifying against a well-known safe backup, signature base etc., consequently restoring any modification. Then I'd log in as admin, create a new user account and shift over all data. Then I start verifying them in the background while rebuilding all settings and reinstalling all relevant programs from trusted media.

What else?

I simply don't do this. Period.

I guess I'd recognize the misbehaviour pretty soon, and start investigating it.

Even if it was, that generally wouldn't have stopped it.

That is, the effective write access of the user to the folder is denied. That's what you mean? Since there are some scenarios where other permissions might allow write access as well (f.e. being the owner, being able to change the ACLs, delete child permissions on the upper folder).

Yes, trivially. The access is enforced by the kernel, and everything has to pass through it for accessing hardware resources (other than CPU and RAM).

You cannot control other than by ACLs and capabilities. If you give write access somewhere, then the installation is free to write there. If you don't want this, set proper permissions.

You know, it is security software that tries to implement a broken concept in a broken way, so actually reduces the security.

Well, this might be because you didn't ask the proper questions? From what you wrote it seems like you didn't even flatten and rebuild the system.

Sebastian G.
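
The post above names several ways write access to a folder can arise besides a plain write entry: being the owner, being able to change the ACL, and delete-child permission on the parent folder. The following PowerShell sketch is an added example, not part of the original thread; the function name `Get-WriteCapableEntries` and the default path are assumptions, and it lists Allow entries only, without resolving group membership or Deny entries.

```powershell
# Added example. List the principals that can write to a folder, with the reason.
# The default $Path is a constructed sample; pass the folder you want to audit.
param([string]$Path = "$env:USERPROFILE\Downloads")

function Get-WriteCapableEntries {
    param([Parameter(Mandatory)][string]$Folder)

    $R = [System.Security.AccessControl.FileSystemRights]
    # On a folder, WriteData = create files and AppendData = create subfolders.
    $direct   = [int]$R::WriteData -bor [int]$R::AppendData
    # Holders of these rights can grant themselves write access later.
    $indirect = [int]$R::ChangePermissions -bor [int]$R::TakeOwnership
    $delChild = [int]$R::DeleteSubdirectoriesAndFiles

    $acl = Get-Acl -LiteralPath $Folder
    # The owner can always rewrite the ACL, whatever the entries say.
    [pscustomobject]@{ Identity = $acl.Owner; Reason = 'owner of the folder'; Inherited = $false }

    foreach ($ace in $acl.Access) {
        if ($ace.AccessControlType -ne 'Allow') { continue }
        # Inherit-only entries apply to children, not to this folder itself.
        if ("$($ace.PropagationFlags)" -match 'InheritOnly') { continue }
        $rights = [int]$ace.FileSystemRights
        $who = $ace.IdentityReference.Value
        if ($rights -band $direct) {
            [pscustomobject]@{ Identity = $who; Reason = 'may create files or subfolders'; Inherited = $ace.IsInherited }
        }
        if ($rights -band $indirect) {
            [pscustomobject]@{ Identity = $who; Reason = 'may change the ACL or take ownership'; Inherited = $ace.IsInherited }
        }
    }

    # Delete-child on the parent allows deleting this folder without any right on it.
    $parent = Split-Path -Parent $Folder
    if ($parent) {
        foreach ($ace in (Get-Acl -LiteralPath $parent).Access) {
            if ($ace.AccessControlType -eq 'Allow' -and ([int]$ace.FileSystemRights -band $delChild)) {
                [pscustomobject]@{ Identity = $ace.IdentityReference.Value; Reason = 'delete-child on parent folder'; Inherited = $ace.IsInherited }
            }
        }
    }
}

Get-WriteCapableEntries -Folder $Path | Sort-Object Identity, Reason -Unique | Format-Table -AutoSize
```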

You can try Secure Auditor, a new software for unified digital risk management issues. It contains 30 embedded security tools along with event log viewers. Maybe it works for you. Download it from

ana

Olicaca

Maybe a webforum?

But I still wonder where your problem is. Flatten and rebuild the system, then the system is recovered from the compromise. (Heck, in fact, if this hasn't already been clear to you, then maybe you shouldn't dare administrating a computer all by yourself.)

Wrong. Google Groups is merely a web interface for Usenet, and Usenet is a medium for *discussing news*. Discussions are different from simple support stuff.

Usenet follows both some agreed technical laws as well as many social laws. One of these is that discussions won't generally lead your way, and not answer your questions at all.

Coming to think of it, don't you think that comp.security.*firewalls* might be the wrong group?

Sebastian G.

Anna, what is that? I see you posted that to many groups; could you tell me more? Is there a serial or is it freeware?

Olicaca

It's spam.

Sebastian G.

One of the "perks" of Vista's UAC is that it solves this problem, running as a limited user by default, but simplifying the process to switch to administrative rights.

DevilsPGD

DevilsPGD wrote in news: snipped-for-privacy@4ax.com:

and training the users to click on warning messages whenever they pop up.

bz

Which only puts you back to where you were before UAC. However, for those that pay even a minimal amount of attention and notice that they did not initiate an action that required elevation, they may notice.

Honestly, if you're even seeing UAC popups daily once your systems are up and running, I'd go as far as to say you're probably not an average end user, or you're doing something wrong to begin with.

(Anyone who has even heard of Usenet is probably not an end user. From watching some audio reports, my kids haven't seen a UAC prompt in some weeks, although I have been updating iTunes+Quicktime for them)

DevilsPGD

Try Kaspersky antivirus... it should help you out with most of your requirements...

Arjun

Hm... didn't we discuss security? I fail to see how introducing an additional security nightmare should help...

Sebastian G.

Hm... didn't we discuss security? I fail to see how introducing an additional security nightmare should help...

But well, quite typical for someone who even abuses MSIE as a webbrowser. But even those guys are normally honest to themselves and don't dare teaching others about security since they know that they're lacking competence.

Sebastian G.

How exactly will Kaspersky help me? Are you even reading this thread?

DevilsPGD

Kaspersky will prompt you every time a program is trying to access the registry and system files... most of the time you can say no, so that none of the software is able to modify the registry / use the system file area... this in turn will help you to be cautious about any product installation... (I suppose if you know this much you will also know which programs to allow and which not)... these are some of the parts where I meant to say that Kaspersky could help...

Arjun

Unless the program is malicious and simply answers these prompts itself.

Wrong again. If it wants to, then it simply does by simply choosing other means.

At any rate, it looks like you're abusing MSIE as a webbrowser. And you want to teach others about security? Laughable!

Sebastian G.
