A
Aaron
With GeSWall (GentleSecurityWall), you can safely surf the web,
open e-mail attachments, chat, exchange files etc, regardless of the
security threats posed by the internet. GeSWall protects you from
intrusions and malicious software by isolating vulnerable applications.
Isolation applies an access restriction policy that effectively
prevents all kinds of attacks, known and unknown.
Key Features
* Prevents key loggers, rootkits, backdoors.
* Prevents confidential file disclosure.
* Prevents intrusions.
* Prevents malicious software spreading.
* Independent of attack techniques.
* Easy to use - fully non-intrusive, no configuration required.
Looks pretty solid when i tried it. Each application has certain
definable policies that restrict what folder it can read/write, which
registry keys it can change etc. You download rulesets for popular
browsers firefox, IE, email clients etc which are customised to each
app.
You can add new policies for each app if you want.
It is comparable to http://force.coresecurity.com/ (also freeware) but
a lot less complicated (and comprehensive)
Once installed, GeSWall dynamically isolates web browsers,
e-mail, chat, P2P, IRC clients and other applications that may serve as
entry points for malicious software or intrusions. Viruses, trojans,
spyware and exploits cannot pass through an isolated application and so
cannot cause any damage.
An access restriction policy prevents leaks of confidential documents
and unauthorized modification of files, registry, etc., coming through
an isolated application. At the same time, these restrictions are
unintrusive and do not disable important application functionality.
The technology used allows any application to be automatically isolated
without configuration by a user. To make it even smoother and
transparent, GeSWall applies specific access rules for most popular
internet applications. Those specific rules come in an open Application
Database. GentleSecurity staff regularly adds new applications to the
database so you can get smooth support for more applications from the
automatic update service.
With the GeSWall Console, advanced users may choose an appropriate
security mode and create rules for applications which are not currently
in the application database.
I tested it against WMF exploits, no problems. Very light resource
wise.
Note: According to a reply from the rep, it is supposed to be freeware
forever, but there's a possibility they *may* charge for updates to the
application rulesets after one year.. Of course, there is no reason why
people can't make their own policies and share....
http://www.gentlesecurity.com/overview.html