Re: [Freedos-user] Announce: FDSHIELD 26mar2005 anti-malware shield / docs

2005-04-09 Thread Arkady V.Belousov
Hi!

9-Apr-2005 23:22 I wrote to freedos-user@lists.sourceforge.net:

AVB> Program may be converted:
AVB> - by external converter (like my COM2EXE).

 This adds only 32 bytes to executable.

AVB> Shortage: if you wish to reduce
AVB>   memory allocation for your program (from 64k to something lesser), you
AVB>   should know required value and point it as COM2EXE option argument.

 You may get it from CuteMouse archive.

AVB> - by adding EXE header into COM source. After discussing with Eduardo
AVB>   Casino,

 In June 2004.

AVB>   I make template, which shows, how to do this.

 Ask me if you wish to get it.

AVB> - by changing source from COM to EXE style.




---
SF email is sponsored by - The IT Product Guide
Read honest & candid reviews on hundreds of IT Products from real users.
Discover which products truly live up to the hype. Start reading now.
http://ads.osdn.com/?ad_ide95&alloc_id396&op=click
___
Freedos-user mailing list
Freedos-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/freedos-user


Re: [Freedos-user] Announce: FDSHIELD 26mar2005 anti-malware shield / docs

2005-04-09 Thread Charlie Wilkes
Examples are the key to succinct communication. 
Describe a couple of possible setups, hardware and
software, and show the command with the desired
switches and explain why.  This would be good for an
"executive summary" to preface the main documentation,
but not a replacement.  Extremism in the name of
thorough documentation is no vice.

Charlie

--- Eric Auer <[EMAIL PROTECTED]> wrote:
> Walt also wrote some nice but somehow longish 
> documentation. If you have suggestions about
> making the documentation shorter, please let us
> know.






Re: [Freedos-user] Announce: FDSHIELD 26mar2005 anti-malware shield / docs

2005-04-09 Thread Arkady V.Belousov
Hi!

9-Apr-2005 14:05 [EMAIL PROTECTED] (Eric Auer) wrote to
freedos-user@lists.sourceforge.net:

EA> The FDSHIELD COM file is now almost 4 kB big (UPXed size, otherwise it
-^^^
EA> is almost 6 kB big) and the shield takes about 4 kB RAM while resident
EA> (you can load it to UMBs if you want, it will need 6-7 kB of UMB space
-^^^-^
EA> to initialize and load successfully). You definitely get more security

 I imperatively recommend converting the .COM file of (any) TSR which is
allowed to load through LOADHIGH to .EXE format. Such conversion:

- prevents memory destroying, when there is no sufficient (for
  initialization) memory space in UMB;
- allows to load program into suitable (by size) UMB (not into biggest);
- prevents users disturbing by useless (for them) information (about memory,
  required for initialization).

Program may be converted:

- by external converter (like my COM2EXE). Shortage: if you wish to reduce
  memory allocation for your program (from 64k to something lesser), you
  should know required value and point it as COM2EXE option argument.
- by adding EXE header into COM source. After discussing with Eduardo
  Casino, I make template, which shows, how to do this.
- by changing source from COM to EXE style.




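The external-converter route from the message above (a 32-byte header, with the memory request reduced from 64k to a stated value), as an added example that is not COM2EXE itself or any code from this thread. It assumes the conventional relocation-free MZ layout with CS:IP = FFF0:0100; `com_to_exe`, `read_header`, `mem_bytes` and the sample program are hypothetical names and constructed data.

```python
import struct

PARA = 16          # bytes per paragraph
PSP_PARAS = 0x10   # the 256-byte PSP sits in front of the load image
HDR_BYTES = 32     # 28 bytes of MZ fields padded to two paragraphs
FIELDS = ("cblp cp crlc cparhdr minalloc maxalloc ss sp "
          "csum ip cs lfarlc ovno").split()

def com_to_exe(com: bytes, mem_bytes: int = 0x10000) -> bytes:
    """Prefix a .COM image with a relocation-free MZ header.

    mem_bytes (hypothetical parameter) is the memory the program needs,
    counted from the start of its PSP; 64 KiB is what a .COM assumes.
    """
    if not 0 < len(com) <= 0xFF00:
        raise ValueError("not a plausible .COM image")
    image_paras = -(-len(com) // PARA)       # ceiling division
    need_paras = -(-mem_bytes // PARA)
    if not PSP_PARAS + image_paras < need_paras <= 0x1000:
        raise ValueError("mem_bytes must exceed PSP + image, max 64 KiB")
    extra = need_paras - PSP_PARAS - image_paras
    size = HDR_BYTES + len(com)
    header = struct.pack(
        "<2s13H", b"MZ",
        size % 512, -(-size // 512),    # bytes in last page, page count
        0, HDR_BYTES // PARA,           # no relocations, header paragraphs
        extra, extra,                   # min == max: request exactly this much
        0xFFF0, need_paras * PARA - 2,  # SS = load segment - 10h = PSP, SP at top
        0, 0x100, 0xFFF0,               # checksum, IP = 100h, CS = PSP segment
        0x1C, 0)                        # relocation table offset, overlay 0
    return header.ljust(HDR_BYTES, b"\0") + com

def read_header(exe: bytes) -> dict:
    """Decode the MZ fields so the allocation request can be inspected."""
    magic, *values = struct.unpack_from("<2s13H", exe)
    if magic != b"MZ":
        raise ValueError("no MZ signature")
    return dict(zip(FIELDS, values))

# Constructed sample: mov ax,4C00h / int 21h (terminate with exit code 0).
SAMPLE_COM = bytes.fromhex("b8004ccd21")

if __name__ == "__main__":
    for mem in (0x10000, 0x2000):
        h = read_header(com_to_exe(SAMPLE_COM, mem))
        print(f"mem={mem:#x} minalloc={h['minalloc']:#x} sp={h['sp']:#x}")
```

A .COM that exits with a bare RET relies on the zero word DOS pushes on the stack for .COM files; an EXE entry has no such word, so a converted program needs an explicit INT 21h exit.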


Re: [Freedos-user] Announce: FDSHIELD 26mar2005 anti-malware shield / docs

2005-04-09 Thread _
The one thing I disliked about vsafe's behavior is it will effectively 
lock the computer waiting for input when it pops up its action menu on 
any int 13h read/writes. So, does FDSHIELD have a means of allowing 
unattended operation, say if the user doesn't press a key when a suspicious
int call/function happens?

Eric Auer wrote:
Hi, time to spread the news about a bigger update of my
FDSHIELD "malware activity blocker" (I would not call it
an antivirus software, but it is definitely inspired by
VSAFE, although FDSHIELD knows no virus signatures) :-).
Walt Gregg has helped me a lot with this, and actually the
whole update started when he contacted me, telling that
FDSHIELD works nice for him in OS/2 DOS boxes but that he
found ways to bypass it. So I kept improving the protection
and he kept testing... Walt also wrote some nice but somehow
longish documentation. If you have suggestions about making
the documentation shorter, please let us know.
You can get the program from:
http://www.coli.uni-saarland.de/~eric/stuff/soft/specials/
 fdshield-26mar2005.zip
and you can view the documentation online on:
http://home.gci.net/~wmgregg/computers/fdshield.htm
Check the help screen (now with highlighting if ANSI is loaded)...:
Syntax: FDSHIELD [/?] [/v]  [/x] [/X]  [/b] [/B]  [/t] [/T]  [/w] [/W]
 /v  show verbose warnings /?  show help, do not start shield
 /x  protect exe/sys/com   /X  protect exe/sys/com/bat more
 Warning: There is no LongFileName access file protection yet
 /b  floppy boot protect   /B  harddisk/ramdisk boot protect
 Do not try to FORMAT drives with protected boot sectors
 /t  block TSRs and devices/T  block CWSDPMI and RTM, enable /t
 Use /T in DOS boxes or load your DOS extender as TSR first
 TSR block *halts* the PC when a TSR or device gets loaded
 /w  floppy write protect  /W  harddisk/ramdisk write protect
 Activating /w and /W together simulates all files readonly
 Writes to write-protected fixed/RAM-disks can *hang* DOS
 You cannot use '|' pipes without writeable TEMP directory
 Do not start delayed-write caches while /w or /W is on
Note: Sabotage check and raw harddisk format block are always on
The main changes are: TSR blocking got stronger, TSR blocking now has
a mode which explicitly lets through RTM and CWSDPMI (it does do some
checks to make sure that it is actually RTM and CWSDPMI), the device
driver chain is now checked for changes while TSR blocking is on, and
the executable file protection got a lot stronger and now comes in
two styles: One allowing BAT modification and definitely-non-overwriting
executable file creation, and one which even blocks creation and BATs.
The FDSHIELD COM file is now almost 4 kB big (UPXed size, otherwise it
is almost 6 kB big) and the shield takes about 4 kB RAM while resident
(you can load it to UMBs if you want, it will need 6-7 kB of UMB space
to initialize and load successfully). You definitely get more security
and more verbose and user-friendly messages for that, compared to the
04jul2004 version (which was 2.3 kB / unpacked 3.2 kB / 2.5 kB in RAM).
Make sure to check the extra in those 1.7 kB on disk and 1.2 kB in RAM :-).
Eric
 

--
--chris
1-916-501-1423

http://bbx.flnet.org/nxdos/
Mirror: http://digiatoll.unixserverhosting.com/nxdos/

http://members.fortunecity.com/teknopup/nxdos/



[Freedos-user] Announce: FDSHIELD 26mar2005 anti-malware shield / docs

2005-04-09 Thread Eric Auer

Hi, time to spread the news about a bigger update of my
FDSHIELD "malware activity blocker" (I would not call it
an antivirus software, but it is definitely inspired by
VSAFE, although FDSHIELD knows no virus signatures) :-).

Walt Gregg has helped me a lot with this, and actually the
whole update started when he contacted me, telling that
FDSHIELD works nice for him in OS/2 DOS boxes but that he
found ways to bypass it. So I kept improving the protection
and he kept testing... Walt also wrote some nice but somehow
longish documentation. If you have suggestions about making
the documentation shorter, please let us know.

You can get the program from:
http://www.coli.uni-saarland.de/~eric/stuff/soft/specials/
  fdshield-26mar2005.zip

and you can view the documentation online on:
http://home.gci.net/~wmgregg/computers/fdshield.htm

Check the help screen (now with highlighting if ANSI is loaded)...:

Syntax: FDSHIELD [/?] [/v]  [/x] [/X]  [/b] [/B]  [/t] [/T]  [/w] [/W]
  /v  show verbose warnings /?  show help, do not start shield
  /x  protect exe/sys/com   /X  protect exe/sys/com/bat more
  Warning: There is no LongFileName access file protection yet
  /b  floppy boot protect   /B  harddisk/ramdisk boot protect
  Do not try to FORMAT drives with protected boot sectors
  /t  block TSRs and devices/T  block CWSDPMI and RTM, enable /t
  Use /T in DOS boxes or load your DOS extender as TSR first
  TSR block *halts* the PC when a TSR or device gets loaded
  /w  floppy write protect  /W  harddisk/ramdisk write protect
  Activating /w and /W together simulates all files readonly
  Writes to write-protected fixed/RAM-disks can *hang* DOS
  You cannot use '|' pipes without writeable TEMP directory
  Do not start delayed-write caches while /w or /W is on
Note: Sabotage check and raw harddisk format block are always on


The main changes are: TSR blocking got stronger, TSR blocking now has
a mode which explicitly lets through RTM and CWSDPMI (it does do some
checks to make sure that it is actually RTM and CWSDPMI), the device
driver chain is now checked for changes while TSR blocking is on, and
the executable file protection got a lot stronger and now comes in
two styles: One allowing BAT modification and definitely-non-overwriting
executable file creation, and one which even blocks creation and BATs.

The FDSHIELD COM file is now almost 4 kB big (UPXed size, otherwise it
is almost 6 kB big) and the shield takes about 4 kB RAM while resident
(you can load it to UMBs if you want, it will need 6-7 kB of UMB space
to initialize and load successfully). You definitely get more security
and more verbose and user-friendly messages for that, compared to the
04jul2004 version (which was 2.3 kB / unpacked 3.2 kB / 2.5 kB in RAM).
Make sure to check the extra in those 1.7 kB on disk and 1.2 kB in RAM :-).

Eric



