Hi, time to spread the news about a bigger update of my
FDSHIELD "malware activity blocker" (I would not call it
an antivirus software, but it is definitely inspired by
VSAFE, although FDSHIELD knows no virus signatures) :-).

Walt Gregg has helped me a lot with this, and actually the
whole update started when he contacted me, telling me that
FDSHIELD works nice for him in OS/2 DOS boxes but that he
found ways to bypass it. So I kept improving the protection
and he kept testing... Walt also wrote some nice but somehow
longish documentation. If you have suggestions about making
the documentation shorter, please let us know.

You can get the program from:
http://www.coli.uni-saarland.de/~eric/stuff/soft/specials/fdshield-26mar2005.zip

and you can view the documentation online on:
http://home.gci.net/~wmgregg/computers/fdshield.htm

Check the help screen (now with highlighting if ANSI is loaded)...:

Syntax: FDSHIELD [/?] [/v]  [/x] [/X]  [/b] [/B]  [/t] [/T]  [/w] [/W]
  /v  show verbose warnings     /?  show help, do not start shield
  /x  protect exe/sys/com       /X  protect exe/sys/com/bat more
      Warning: There is no LongFileName access file protection yet
  /b  floppy boot protect       /B  harddisk/ramdisk boot protect
      Do not try to FORMAT drives with protected boot sectors
  /t  block TSRs and devices    /T  block CWSDPMI and RTM, enable /t
      Use /T in DOS boxes or load your DOS extender as TSR first
      TSR block *halts* the PC when a TSR or device gets loaded
  /w  floppy write protect      /W  harddisk/ramdisk write protect
      Activating /w and /W together simulates all files readonly
      Writes to write-protected fixed/RAM-disks can *hang* DOS
      You cannot use '|' pipes without writeable TEMP directory
      Do not start delayed-write caches while /w or /W is on
Note: Sabotage check and raw harddisk format block are always on


The main changes are: TSR blocking got stronger, TSR blocking now has
a mode which explicitly lets through RTM and CWSDPMI (it does do some
checks to make sure that it is actually RTM and CWSDPMI), the device
driver chain is now checked for changes while TSR blocking is on, and
the executable file protection got a lot stronger and now comes in
two styles: One allowing BAT modification and definitely-non-overwriting
executable file creation, and one which even blocks creation and BATs.

The FDSHIELD COM file is now almost 4 kB big (UPXed size, otherwise it
is almost 6 kB big) and the shield takes about 4 kB RAM while resident
(you can load it to UMBs if you want, it will need 6-7 kB of UMB space
to initialize and load successfully). You definitely get more security
and more verbose and user-friendly messages for that, compared to the
04jul2004 version (which was 2.3 kB / unpacked 3.2 kB / 2.5 kB in RAM).
Make sure to check the extra in those 1.7 kB on disk and 1.2 kB in RAM :-).

Eric
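
The device driver chain check mentioned under the main changes can be pictured as a snapshot-and-compare over the DOS device header list. The following is an added example, not FDSHIELD's code and not part of the original message: it walks a constructed memory image instead of real DOS memory, and the names take_snapshot, chain_changed and put_hdr, the segment values and the NEWDEV driver are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define MEM_SIZE 0x2000u /* constructed toy real-mode memory image */
#define MAX_DEVS 16      /* bound on chain length; also stops on loops */
#define HDR_LEN  18      /* next ptr, attribute, strategy, interrupt, name */

struct snap { int n; uint8_t hdr[MAX_DEVS][HDR_LEN]; };
static uint8_t mem[MEM_SIZE];
static uint16_t rd16(uint32_t a) { return (uint16_t)(mem[a] | (mem[a + 1] << 8)); }
static void wr16(uint32_t a, uint16_t v) { mem[a] = v & 0xFF; mem[a + 1] = v >> 8; }

/* Follow next pointers from seg:off until offset FFFFh; -1 if malformed. */
int take_snapshot(uint16_t seg, uint16_t off, struct snap *s) {
    memset(s, 0, sizeof *s);
    while (off != 0xFFFF) {
        uint32_t lin = ((uint32_t)seg << 4) + off;
        if (lin + HDR_LEN > MEM_SIZE || s->n == MAX_DEVS) return -1;
        memcpy(s->hdr[s->n++], mem + lin, HDR_LEN);
        off = rd16(lin);      /* next header: offset word first */
        seg = rd16(lin + 2);  /* then segment word */
    }
    return s->n;
}

/* Nonzero when the chain length or any header (links included) differs. */
int chain_changed(const struct snap *a, const struct snap *b) {
    return a->n != b->n || memcmp(a->hdr, b->hdr, sizeof a->hdr) != 0;
}

/* Write a constructed character-device header at seg:0000. */
void put_hdr(uint16_t seg, uint16_t nseg, uint16_t noff, const char *name) {
    uint32_t lin = (uint32_t)seg << 4;
    wr16(lin, noff); wr16(lin + 2, nseg); wr16(lin + 4, 0x8000);
    memcpy(mem + lin + 10, name, 8);  /* 8-byte blank-padded name */
}

int main(void) {
    struct snap before, after;
    put_hdr(0x0100, 0x0120, 0x0000, "NUL     ");  /* chain head */
    put_hdr(0x0120, 0xFFFF, 0xFFFF, "CON     ");  /* last entry */
    take_snapshot(0x0100, 0, &before);
    put_hdr(0x0140, 0x0120, 0x0000, "NEWDEV  ");  /* a device loads ... */
    put_hdr(0x0100, 0x0140, 0x0000, "NUL     ");  /* ... and links in after NUL */
    take_snapshot(0x0100, 0, &after);
    printf("devices %d -> %d, changed=%d\n", before.n, after.n, chain_changed(&before, &after));
    return 0;
}
```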




_______________________________________________
Freedos-user mailing list
Freedos-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/freedos-user
