Re: [Freedos-user] Announce: FDSHIELD 26mar2005 anti-malware shield / docs
Hi!

9-Apr-2005 23:22 I wrote to freedos-user@lists.sourceforge.net:

AVB> Program may be converted:
AVB> - by external converter (like my COM2EXE).

This adds only 32 bytes to executable.

AVB> Shortage: if you wish to reduce
AVB> memory allocation for your program (from 64k to something lesser), you
AVB> should know required value and point it as COM2EXE option argument.

You may get it from CuteMouse archive.

AVB> - by adding EXE header into COM source. After discussing with Eduardo
AVB> Casino,

In June 2004.

AVB> I make template, which shows, how to do this.

Ask me, if you wish to get it.

AVB> - by changing source from COM to EXE style.

___
Freedos-user mailing list
Freedos-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/freedos-user
Re: [Freedos-user] Announce: FDSHIELD 26mar2005 anti-malware shield / docs
Examples are the key to succinct communication. Describe a couple of possible setups, hardware and software, and show the command with the desired switches and explain why. This would be good for an "executive summary" to preface the main documentation, but not a replacement.

Extremism in the name of thorough documentation is no vice.

Charlie

--- Eric Auer <[EMAIL PROTECTED]> wrote:
> Walt also wrote some nice but somehow longish
> documentation. If you have suggestions about
> making the documentation shorter, please let us
> know.
Re: [Freedos-user] Announce: FDSHIELD 26mar2005 anti-malware shield / docs
Hi!

9-Apr-2005 14:05 [EMAIL PROTECTED] (Eric Auer) wrote to freedos-user@lists.sourceforge.net:

EA> The FDSHIELD COM file is now almost 4 kB big (UPXed size, otherwise it
-^^^
EA> is almost 6 kB big) and the shield takes about 4 kB RAM while resident
EA> (you can load it to UMBs if you want, it will need 6-7 kB of UMB space
-^^^-^
EA> to initialize and load successfully). You definitely get more security

I imperatively recommend to convert .COM file of (any) TSR, which is allowed to load through LOADHIGH, to .EXE format. Such conversion:

- prevents memory destroying, when there is no sufficient (for initialization) memory space in UMB;
- allows to load program into suitable (by size) UMB (not into biggest);
- prevents users disturbing by useless (for them) information (about memory, required for initialization).

Program may be converted:

- by external converter (like my COM2EXE). Shortage: if you wish to reduce memory allocation for your program (from 64k to something lesser), you should know required value and point it as COM2EXE option argument.
- by adding EXE header into COM source. After discussing with Eduardo Casino, I make template, which shows, how to do this.
- by changing source from COM to EXE style.
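The header-prepending conversion discussed in the message above, sketched as an added example (not COM2EXE's code and not from any poster in this thread). It assumes the common layout of a 32-byte MZ header with CS and SS set to 0xFFF0, so the code still starts at PSP:0100 with CS=DS=ES=SS; the names `com_to_exe`, `total_bytes` and the sample image are constructed for illustration.

```python
import struct

HEADER_PARAS = 2   # 28 bytes of MZ fields padded to 32 bytes (two paragraphs)
PSP_PARAS = 0x10   # the 256-byte PSP sits directly below the load image

# Constructed sample COM image: mov ax,4C00h / int 21h (exit to DOS).
SAMPLE_COM = bytes.fromhex("B8004CCD21")

def com_to_exe(com_image: bytes, total_bytes: int = 0x10000) -> bytes:
    """Prepend an MZ header to a COM image.

    total_bytes (assumed parameter) is the memory the program needs,
    counted from the start of its PSP; a COM file always gets all free memory.
    """
    if not 0 < len(com_image) <= 0xFF00:
        raise ValueError("not a plausible COM image")
    image_paras = (len(com_image) + 15) // 16
    total_paras = (total_bytes + 15) // 16
    if total_paras > 0x1000:
        raise ValueError("COM-style code cannot address more than 64 KiB")
    if total_paras < PSP_PARAS + image_paras + 0x10:
        raise ValueError("total_bytes leaves no room for image plus stack")
    extra_paras = total_paras - PSP_PARAS - image_paras
    file_size = HEADER_PARAS * 16 + len(com_image)
    header = struct.pack(
        "<2s13H4x",
        b"MZ",
        file_size % 512,           # bytes used in the last 512-byte page
        (file_size + 511) // 512,  # number of pages in the file
        0,                         # no relocation entries
        HEADER_PARAS,              # header size in paragraphs
        extra_paras,               # e_minalloc: load fails cleanly if the block is too small
        extra_paras,               # e_maxalloc: equal, so DOS need not pick the biggest block
        0xFFF0,                    # e_ss: load segment - 0x10 = PSP segment
        (total_paras * 16 - 2) & 0xFFFF,  # e_sp: top of the reduced block
        0,                         # checksum, not verified by DOS
        0x0100,                    # e_ip: the COM entry offset
        0xFFF0,                    # e_cs: PSP segment, as a COM program expects
        0x001C,                    # e_lfarlc: offset of the (empty) relocation table
        0,                         # overlay number
    )
    return header + com_image
```

With `total_bytes=7 * 1024` the header requests roughly the 6-7 kB initialization footprint quoted for FDSHIELD instead of a full 64 kB.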
Re: [Freedos-user] Announce: FDSHIELD 26mar2005 anti-malware shield / docs
The one thing I disliked about vsafe's behavior is it will effectively lock the computer waiting for input when it pops up its action menu on any int 13h read/writes.

So, does FDSHIELD have a means of allowing unattended operation, say if the user doesn't press a key when some suspicious int call/function happens?

Eric Auer wrote:

> Hi, time to spread the news about a bigger update of my FDSHIELD "malware activity blocker" (I would not call it an antivirus software, but it is definitely inspired by VSAFE, although FDSHIELD knows no virus signatures) :-).
>
> Walt Gregg has helped me a lot with this, and actually the whole update started when he contacted me, telling that FDSHIELD works nice for him in OS/2 DOS boxes but that he found ways to bypass it. So I kept improving the protection and he kept testing...
>
> Walt also wrote some nice but somehow longish documentation. If you have suggestions about making the documentation shorter, please let us know.
>
> You can get the program from:
> http://www.coli.uni-saarland.de/~eric/stuff/soft/specials/
> fdshield-26mar2005.zip
> and you can view the documentation online on:
> http://home.gci.net/~wmgregg/computers/fdshield.htm
>
> Check the help screen (now with highlighting if ANSI is loaded)...:
>
>     Syntax: FDSHIELD [/?] [/v] [/x] [/X] [/b] [/B] [/t] [/T] [/w] [/W]
>     /v show verbose warnings      /? show help, do not start shield
>     /x protect exe/sys/com        /X protect exe/sys/com/bat more
>       Warning: There is no LongFileName access file protection yet
>     /b floppy boot protect        /B harddisk/ramdisk boot protect
>       Do not try to FORMAT drives with protected boot sectors
>     /t block TSRs and devices     /T block CWSDPMI and RTM, enable /t
>       Use /T in DOS boxes or load your DOS extender as TSR first
>       TSR block *halts* the PC when a TSR or device gets loaded
>     /w floppy write protect       /W harddisk/ramdisk write protect
>       Activating /w and /W together simulates all files readonly
>       Writes to write-protected fixed/RAM-disks can *hang* DOS
>       You cannot use '|' pipes without writeable TEMP directory
>       Do not start delayed-write caches while /w or /W is on
>     Note: Sabotage check and raw harddisk format block are always on
>
> The main changes are: TSR blocking got stronger, TSR blocking now has a mode which explicitly lets through RTM and CWSDPMI (it does do some checks to make sure that it is actually RTM and CWSDPMI), the device driver chain is now checked for changes while TSR blocking is on, and the executable file protection got a lot stronger and now comes in two styles: One allowing BAT modification and definitely-non-overwriting executable file creation, and one which even blocks creation and BATs.
>
> The FDSHIELD COM file is now almost 4 kB big (UPXed size, otherwise it is almost 6 kB big) and the shield takes about 4 kB RAM while resident (you can load it to UMBs if you want, it will need 6-7 kB of UMB space to initialize and load successfully). You definitely get more security and more verbose and user-friendly messages for that, compared to the 04jul2004 version (which was 2.3 kB / unpacked 3.2 kB / 2.5 kB in RAM). Make sure to check the extra in those 1.7 kB on disk and 1.2 kB in RAM :-).
>
> Eric

--
--chris
1-916-501-1423
http://bbx.flnet.org/nxdos/
Mirror: http://digiatoll.unixserverhosting.com/nxdos/
http://members.fortunecity.com/teknopup/nxdos/
[Freedos-user] Announce: FDSHIELD 26mar2005 anti-malware shield / docs
Hi, time to spread the news about a bigger update of my FDSHIELD "malware activity blocker" (I would not call it an antivirus software, but it is definitely inspired by VSAFE, although FDSHIELD knows no virus signatures) :-).

Walt Gregg has helped me a lot with this, and actually the whole update started when he contacted me, telling that FDSHIELD works nice for him in OS/2 DOS boxes but that he found ways to bypass it. So I kept improving the protection and he kept testing...

Walt also wrote some nice but somehow longish documentation. If you have suggestions about making the documentation shorter, please let us know.

You can get the program from:
http://www.coli.uni-saarland.de/~eric/stuff/soft/specials/
fdshield-26mar2005.zip
and you can view the documentation online on:
http://home.gci.net/~wmgregg/computers/fdshield.htm

Check the help screen (now with highlighting if ANSI is loaded)...:

    Syntax: FDSHIELD [/?] [/v] [/x] [/X] [/b] [/B] [/t] [/T] [/w] [/W]
    /v show verbose warnings      /? show help, do not start shield
    /x protect exe/sys/com        /X protect exe/sys/com/bat more
      Warning: There is no LongFileName access file protection yet
    /b floppy boot protect        /B harddisk/ramdisk boot protect
      Do not try to FORMAT drives with protected boot sectors
    /t block TSRs and devices     /T block CWSDPMI and RTM, enable /t
      Use /T in DOS boxes or load your DOS extender as TSR first
      TSR block *halts* the PC when a TSR or device gets loaded
    /w floppy write protect       /W harddisk/ramdisk write protect
      Activating /w and /W together simulates all files readonly
      Writes to write-protected fixed/RAM-disks can *hang* DOS
      You cannot use '|' pipes without writeable TEMP directory
      Do not start delayed-write caches while /w or /W is on
    Note: Sabotage check and raw harddisk format block are always on

The main changes are: TSR blocking got stronger, TSR blocking now has a mode which explicitly lets through RTM and CWSDPMI (it does do some checks to make sure that it is actually RTM and CWSDPMI), the device driver chain is now checked for changes while TSR blocking is on, and the executable file protection got a lot stronger and now comes in two styles: One allowing BAT modification and definitely-non-overwriting executable file creation, and one which even blocks creation and BATs.

The FDSHIELD COM file is now almost 4 kB big (UPXed size, otherwise it is almost 6 kB big) and the shield takes about 4 kB RAM while resident (you can load it to UMBs if you want, it will need 6-7 kB of UMB space to initialize and load successfully). You definitely get more security and more verbose and user-friendly messages for that, compared to the 04jul2004 version (which was 2.3 kB / unpacked 3.2 kB / 2.5 kB in RAM). Make sure to check the extra in those 1.7 kB on disk and 1.2 kB in RAM :-).

Eric