Friday, January 25, 2013

[Review] Spyshelter Firewall 2.3

The Good :


- First class Anti-logger with innovative anti-sound capture module
- HIPS
- Policy-based restriction mode for processes
- Light on system
- Easy to configure and use
- Keystroke encryption (x64 only)
- Firewall

The Bad :


- Some options are obscure to the user (Hard Hook mode)
- Some modules doesn't support Win8 x64






 -------------------------------------------------------------------------------------------------------------------------

Ok, There is my review of Spyshelter Premium 8 (SSP)

Home
Features

I want to precise that i cant test it against malwares since it creates BSODs on my Virtual Box, so it will be a descriptive and usability review.
i will do a malware test later.

One interesting thing, is when you install it , it ask you if you want it start with high or normal security after the reboot.

SSP sit on my system between 20-30mb WS of RAM, i don't feel any visible slowdown.

[Image: ZxMBwl.jpg]

1- Protection Tab

Spyshelter is an Anti-Keylooger and also an HIPS, here we can see the various protection modules, SSP, it share the common protection with other products but where it is innovative is the "Anti-sound module" that protect your system against VOIP sound trojan loggers and other sound capture.
Note: the kernel module is only for x86 systems





2- Rules tab

Here is the place where the rules will be shown, you can alow/deny/check/add/edit/remove them ,you can also impot/export some rules, clean old ones (from uninstalled programs) and check all component and details of them, i like the Virus Total integration, when a process is allowed/denied, you can upload the file to it.




3- Log tab

Here is shown all the decision made by SSP or by you, nothing very exceptionnal there.




4- Restricted Apps tab

Here is an interesting feature of SSP, it is in fact a kind of policy-based "Sandbox" (like OAP's Runsafer or Comodo's Auto-sandbox), with the addition of selecting which folder/file access will be allow/deny to be writed.
When an process is run restricted, its windows will got the "Restricted" tag (if selected in the settings)








5- Firewall


SpyShelter firewall module is designed to control (permit or deny) network transmissions based upon a set of rules.It's commonly used to protect computer system networks from unauthorized access while permitting trusted communications to pass.
SpyShelter Firewall supports IPv6 protocol






6- Keystroke Encryption

This feature (available for x64 system only) will encrypt any of your keystrokes (a la "Keyscrambler") so even if a keylogger successfully leaks datas to the attacker , he will not be able to read them.







6- Settings tab

There are the settings options

a- General : here nothing special except the auto-clean option of the rules, quite convenient.




b- Security: here you can allow how SSp will react when confronted to a process, you can select one of the 4 options, "Allow Microsoft" is the less intrusive, "Ask" the most (means more popups)








c- Advanced: here you can increase the protection by terminating processes and their child

Use Hard Hook seems to be an option to enforce compatibility with other security apps.




d- List of Monitored Actions : here you can decide what actions SSP will react from. When a popup will appears the number of the action will be shown so you can know what happened.




Hope you enjoyed the review Wink


1 comment: