Drive Sentry [merged thread]

[Guest]

[doktornotor]

Quite complex product. I'd suggest reading this Wilders Security thread to get a better idea on how it works. 

[Kyle]

I'm testing it out - looks good.

EDIT::  They are discussing DS at wilders, with one of their staff members.
http://www.wilderssecurity.com/showthread.php?t=209764

[panic]

They must be using the phrase "data firewall" as meaning "a firewall for the data that exists on your system and what can or cannot access it". DriveSentry is a great product, but it is really just a whitelist based HIPS. A bloody good one, but nothing more than that.

I've tested the last couple of revisions and there is no traffic monitoring, just application layer monitoring.

Just like J-Lo, nice HIPS.

Ewen :-)

[Kyle]

Thanks ewen,

It kinda looks like Comodo is heading towards what drivesentry is doing?

White listing, Black listing, HIPS and an advisor (Will give information on what users before you have selected if the program is unknown) -

[hyatt69]

i like the advisor part of drivesentry,looks like thats what threatcast will do for comodo that will be a great addition i think

[Kyle]

Yeah and Also, It does not conflict with D+ at all!  It's like having 2 opinions

[salmonela]

This thread should go to HIPS section (data firewal≈HIPS, data firewall≠personal firewall)

[eXPerience]

*Zucht* were is ganda when we need him  ... I'll move it then, I was waiting some time after Panic said it was a HIPS, but I was waiting for Ganda as he moved already half of the forums 

Xan

[salmonela]

*Zucht* were is ganda when we need him  ... I'll move it then, I was waiting some time after Panic said it was a HIPS, but I was waiting for Ganda as he moved already half of the forums 

Xan

so Ganda is moving force of forum
Josh is "locksmith"
and you are corrector
  ends

[eXPerience]

Yeah, and normally I should split this  , but as I'm tired... I leave it like that, I don't think it will do any damage..

Back to Drivesentry now, I like this software. More and more developers are going to whitelisting instead of the blacklisting first  . Haven't tested it yet, but I'll try later  .

Xan

[Kyle]

no!! what are you doing!? This is an anti virus.

[ganda]

no!! what are you doing!? This is an anti virus.

wow, what a mysterious thing is this drivesentry it is a firewall/antivirus/HIPS
maybe it's an antivirus with whitelisting approach    (i am so KEWL  )
maybe similar to CAVS 2
i'll give it a try 

Yeah and Also, It does not conflict with D+ at all!  It's like having 2 opinions

are you sure? ....... is ammee sure?  coz i plan to replace avast with this (coz the site looks cool  ) . but maybe i'll switch off the HIPS part if there's any option to do that.

edit:
installed! it's now synchronizing to its advisor database. the installer only 1,7MB

you guys definitely have to try it! coz i'm definitely in love with katie   
http://www.wilderssecurity.com/showthread.php?t=209764

1) no conflict with current AV, (ouch i've removed avast  )
DriveSentry is currently compatible with the majority of third party AV products and will remain this way. This gives people the option to use DriveSentry as a standalone security solution or as an extra layer of defence alongside their existing security software.


2) similar to threatfire
DriveSentry has similar technology to that of ThreatFire because we monitor how a process appears and what its intentions are. This heuristic/ behavioural technology kicks in if the program attempting to access your system is not within our white or blacklist. DriveSentry does not just monitor access to the drives although this is how the name portrays it! DriveSentry actually monitors memory and registry access too!

the site says it's an AV.i removed avast, now if i wanna keep it, looks like i have to turn off Defense+

hmmmm, katie or kim? 

[panic]

coz i'm definitely in love with katie   

No fair! I calloed shotgun on Katie first!! 

[Kyle]

Hey Ganda! It should be ok, It's compatible with D+.

[Rafel]

I tested some times ago in a Virtual Machine:
-Nice idea, with white list and black list.
-I dom't know if it's compatible, but i think maybe it's compatible, because this AV has not the same kind of HIPS.
-It's light in system resources.
But:
-No shell extension, and then, you can "analize" a file, a folder,etc.
-Not recognized by security center.
For now, while i'm waiting CAVS 3 for testing, i prefer AVAST, CBOClean and HIPS by D+ of CPW.

[Tags:]