GeSWall 2.8

Jacob · April 28, 2009, 12:52am

I’m still waiting for 64 bit…

Jacob

Kyle142 · April 28, 2009, 1:02am

That sucks… I’m still waiting for CIMA

BTW, Silentmusic - I’m not saying GeSWall is better than defense+… I’m just saying it better suites my habits. Which is Websurfing,IM’s,Gamming,Torrents. with 0 pop-ups.

I will probably install CIS 3.9 when it’s released, just purely because I like being apart of the comunity, Except GeSWall will still stay for that little bit extra.

jeremysbost · April 28, 2009, 1:43am

I have trouble with GeSWall - Windows Live Mail and a few others won’t run isolated.

I make allow rules for an app, but GeSWall doesn’t always follow them. For example, even if I create an allow rule with “*” (a file rule), it blocks access to some files.

Kyle142 · April 28, 2009, 1:56am

Come on msn 88)

MetalShaun · May 5, 2009, 9:20pm

Me to. its a very good program didnt let anything through when i tested it. But i didnt use it for very long cause i cant use it on my 64bit system and i reakon if i bumped into some of the bugs mentioned above i would get very annoyed.

Theres something very satifying with programs like geswall and sandboxie having lots of malware in isolation and just clicking one button to kill em all.

SilentMusic7 · May 6, 2009, 4:50pm

What are folks’ experience in comparing GeSWall and SandBoxie for use with Firefox? I am running Win XP Pro (32-bit).

BHRS · May 6, 2009, 5:34pm

I have Vista 32 bit and tried GeSWall and Sandboxie seperately. For my use, I like Sandboxie because I can see what it is doing. I have spent some time setting up different levels of security in my sandboxes for surfing and secure banking.

GeSWall made me feel little unsecure just because it is set with pre-defined policies. I’d prefer to see what is being installed in the sandbox rather than trusting that GeSWall is stopping it.

As a side note, when I loaded it on my Vista machine I also tried to load it on my wifes XP laptop, but the program would not load and wouldn’t give me any errors. I reinstalled Sandboxie on her machine with the parental controls setup on CIS and so far no issues.

SilentMusic7 · May 6, 2009, 6:59pm

Do I understand correctly that you are referring to GeSWall in the above text?

BHRS · May 6, 2009, 10:32pm

That’s right. I tried to load it on my wife’s laptop and it would not complete the install and when I tried to reboot, all I had was a black screen. I had to uninstall it to make the laptop restart.

IBadget · May 7, 2009, 4:10am

I managed to get Adobe Acrobat to work isolated. I used the logs to create the following rules:

[tr][td]Resource[/td][td]Type[/td][td]Access[/td][/tr]
[tr][td]%HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\Cache%[/td][td]File[/td][td]Allow[/td][/tr]
[tr][td]%HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\Cookies%[/td][td]File[/td][td]Allow[/td][/tr]
[tr][td]%HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\History%[/td][td]File[/td][td]Allow[/td][/tr]
[tr][td]%ProgramFiles%\Common Files\Adobe\Adobe PCD[/td][td]File[/td][td]Allow[/td][/tr]
[tr][td]%ProgramFiles%\Common Files\Adobe\Adobe PCD\cache[/td] [td]File[/td][td]Allow[/td][/tr]
[tr][td]HKU\S-1-5-21-1275210071-1580436667-725345543-1004\Software\Adobe\Adobe Acrobat\8.0\RememberedViews\cNoCategoryFiles\c1\cViewDef\ipageViewY[/td][td]Registry[/td][td]Allow[/td][/tr]
[tr][td]HKU\S-1-5-21-1275210071-1580436667-725345543-1004\Software\Adobe\Adobe Acrobat\8.0\RememberedViews\cNoCategoryFiles\c1\cViewDef\ipageViewPageNum[/td][td]Registry[/td][td]Allow[/td][/tr]
[tr][td]HKU\S-1-5-21-1275210071-1580436667-725345543-1004\Software\Adobe\Adobe Acrobat\8.0\RememberedViews\cNoCategoryFiles\c1\cViewDef\ipageViewMinVisPageNum[/td][td]Registry[/td][td]Allow[/td][/tr]
[tr][td]HKU\S-1-5-21-1275210071-1580436667-725345543-1004\Software\Adobe\Adobe Acrobat\8.0\RememberedViews\cNoCategoryFiles\c1\cViewDef\ipageViewMaxVisPageNum[/td][td]Registry[/td][td]Allow[/td][/tr]
[tr][td]HKU\S-1-5-21-1275210071-1580436667-725345543-1004\Software\Adobe\Adobe Acrobat\8.0\RememberedViews\cNoCategoryFiles\c1\cViewDef\cTopLeftView\ipageViewY[/td][td]Registry[/td][td]Allow[/td][/tr]
[tr][td]HKU\S-1-5-21-1275210071-1580436667-725345543-1004\Software\Adobe\Adobe Acrobat\8.0\RememberedViews\cNoCategoryFiles\c1\cViewDef\cTopLeftView\ipageViewPageNum[/td][td]Registry[/td][td]Allow[/td][/tr]
[tr][td]HKU\S-1-5-21-1275210071-1580436667-725345543-1004\Software\Adobe\Adobe Acrobat\8.0\RememberedViews\cNoCategoryFiles\c1\iTime[/td][td]Registry[/td][td]Allow[/td][/tr]
[tr][td]HKU\S-1-5-21-1275210071-1580436667-725345543-1004\Software\Adobe\Adobe Acrobat\8.0\AVGeneral\bLastExitNormal[/td][td]Registry[/td][td]Allow[/td][/tr]
[tr][td]HKU\S-1-5-21-1275210071-1580436667-725345543-1004\Software\Adobe\Adobe Acrobat\8.0\AVGeneral\bActivated[/td][td]Registry[/td][td]Allow[/td][/tr]
[tr][td]HKU\S-1-5-21-1275210071-1580436667-725345543-1004\Software\Adobe\Adobe Acrobat\8.0\AdobeViewer\PrintToFile[/td][td]Registry[/td][td]Allow[/td][/tr]
[tr][td]HKU\S-1-5-21-1275210071-1580436667-725345543-1004\Software\Adobe\Adobe Acrobat\8.0\AdobeViewer\MaxApp[/td][td]Registry[/td][td]Allow[/td][/tr]
[tr][td]HKU\S-1-5-21-1275210071-1580436667-725345543-1004\Software\Adobe\Adobe Acrobat\8.0\AdobeViewer\MaxDoc[/td][td]Registry[/td][td]Allow[/td][/tr]
[tr][td]SC_MANAGER OBJECT\ServicesActive[/td][td]System Object[/td][td]Allow[/td][/tr]
[tr][td]SERVICE OBJECT\FLEXnet Licensing Service[/td][td]System Object[/td][td]Allow[/td][/tr]
[tr][td]HKLM\SOFTWARE\Macrovision\FLEXnet Publisher\Install_RetryCounter[/td][td]Registry[/td][td]Allow[/td][/tr]
[tr][td]SERVICE OBJECT\FLEXnet Licensing Service[/td][td]Network[/td][td]Allow[/td][/tr]
[tr][td]\Device\NamedPipe\FLEXnet Licensing ServiceABF27A87-DC96-4b05-A06B-83EB2749B800[/td][td]File[/td][td]Allow[/td][/tr]
[tr][td]HKLM\SYSTEM\WSZXSGANXFJVAYSXYQGNXKQY[/td][td]Registry[/td][td]Allow[/td][/tr]
[tr][td]HKLM\SOFTWARE\Classes\TypeLib{1EA4DBF0-3C3B-11CF-810C-00AA00389B71}\1.1\0\win32[/td][td]Registry[/td][td]Allow[/td][/tr]
[tr][td]\Device\NamedPipe\lsass[/td][td]File[/td][td]Allow[/td][/tr]
[tr][td]\Device\NamedPipe\srvsvc[/td][td]File[/td][td]Allow[/td][/tr]
[tr][td]\Device\NamedPipe\DAV RPC SERVICE[/td][td]File [/td][td]Allow[/td][/tr]

SilentMusic7 · May 7, 2009, 2:13pm

Thanks for detailing your efforts IBadget.
I imagine that was as painful as using Defense+ in paranoid mode.

The folder names for Adobe Reader look like you are using version 8.x. Adobe has fixed some security holes in v9.1. You may be interested in v9.1 lite, which is more lightweight. I have been using it for many months with no problem. See http://www.majorgeeks.com/Adobe_Reader_Lite_d5915.html
Click on the link for the author to see the forum thread discussing the lite version.

hehomain · June 13, 2009, 11:48am

i have to disagree strongly, geswall is not user-friendly at all and causes severe incompatibility issues ,specially when softwares are inter-dependent.eg internet explorer and windows live messenger.

Kyle142 · June 15, 2009, 12:45pm

There is a bug with windows live messenger which will be fixed within the next update of Geswall.
Problems with Internet explorer? o.O Post the relevant part of your log here and I’ll see what I can do.

jeremysbost · June 15, 2009, 3:18pm

Where did you learn that?

Kyle142 · June 15, 2009, 5:03pm

I Contacted GentleSecurity support and they replied;

Dear Kyle,
there is a problem with Live messenger which should be fixed in the
next release.

For the moment I could propose previous version of GeSWall 2.7.2.

http://www.gentlesecurity.com/files/geswall.2.7.2.1.freeware.msi
http://www.gentlesecurity.com/files/geswall.2.7.2.1.pro.msi

Best regards,
Brian L. Walche,
GeSWall Support
GentleSecurity S.a.r.l.
www.gentlesecurity.com

jeremysbost · June 15, 2009, 5:15pm

Ok, thanks. I wonder if they know of the “Adobe problem” and the problems with the rest of the Windows Live proggies.

Kyle142 · June 16, 2009, 2:46am

It might be a good idea to report it to them on the forums or through their support contact…