Wondering about SRP on Win 7 Pro.

[Carbonyl]

Hi everyone. I've been running Windows 7 Professional (RTM) for about two months now. My current security setup has been OK so far, but I'm thinking I'd like to harden it up a bit with some prevention measures. I'm also rather ignorant when it comes to most security measures, so please have patience with me.

I'm wondering about setting up an SRP to stop malware in the event that it ever manages to weasel through, or I get hit with a day-0. I'll admit that I use my computer mostly for webbrowsing, communication, and (overwhelmingly) gaming. An SRP sounds like a really nice security feature, but I fear I may not have the know-how to set it up, or even the know-how to understand if it's right for me.

The problem is that some of the tools to make SRP easier to use aren't available in Win 7 professional. From what I've seen PGS from wilder's security forums is incompatible with Windows 7, and on top of that SRP has been redesigned into the Applocker - which isn't in Professional.

Is SRP still something that I could set up on my machine? If it is, I gather I would have to set up a whitelist for every program that needs to run. My concern is that there are lots of programs that run other programs that I know nothing about in order to operate correctly. For example, launching update modules.

I suppose that's a longwinded way of saying, is it possible to set up an SRP on a Windows 7 Professional machine, and if so, where can I learn how to set up such a policy without completely borking my machine by blocking legit programs? Thanks for the help, and sorry for the nebulous and uneducated question!

 

[Creer]

Hi everyone. I've been running Windows 7 Professional (RTM) for about two months now. My current security setup has been OK so far, but I'm thinking I'd like to harden it up a bit with some prevention measures. I'm also rather ignorant when it comes to most security measures, so please have patience with me.

I'm wondering about setting up an SRP to stop malware in the event that it ever manages to weasel through, or I get hit with a day-0. I'll admit that I use my computer mostly for webbrowsing, communication, and (overwhelmingly) gaming. An SRP sounds like a really nice security feature, but I fear I may not have the know-how to set it up, or even the know-how to understand if it's right for me.

The problem is that some of the tools to make SRP easier to use aren't available in Win 7 professional. From what I've seen PGS from wilder's security forums is incompatible with Windows 7, and on top of that SRP has been redesigned into the Applocker - which isn't in Professional.

Is SRP still something that I could set up on my machine? If it is, I gather I would have to set up a whitelist for every program that needs to run. My concern is that there are lots of programs that run other programs that I know nothing about in order to operate correctly. For example, launching update modules.

I suppose that's a longwinded way of saying, is it possible to set up an SRP on a Windows 7 Professional machine, and if so, where can I learn how to set up such a policy without completely borking my machine by blocking legit programs? Thanks for the help, and sorry for the nebulous and uneducated question!

Hi,

I haven't tried Sully's PGS so far on Windows 7 so I don't know if it works on it.
Regarding to SRP, did you tried this tutorial:
How to make a disallowed-by-default Software Restriction Policy
(it's for XP and Vista, but I suppose you shouldn't have any problems with it on Windows 7).

If you don't want to play or simply you won't be able to configure it, there is a software which could provide you much stronger protection and also much more comfortable if you like. I'm speaking about DefenseWall HIPS, it's policy based sandbox. It's light as feather app.

More information you can get here:
SoftSphere Technologies, the official site of the DefenseWall HIPS - Host Intrusion Prevention System - sandbox your browser, e-mail, IM, IRC, P2P for secure Internet work. Anti-Spyware, Anti-Rootkit, Anti-Malware, Anti-Keylogger, Anti-Virus. Defence


HTH,
Creer

 

[Jacee]

Good answer Creer

 

[Creer]

Good answer Creer

Thank you

I forgot to mention OP, that Windows 7 versions: Ultimate and Enterprise have built-in special application to manage SRP - it is called AppLocker. Unfortunately Windows 7 Professional doesn't have this feature.

 

[Carbonyl]

Thanks Creer!

As I mentioned in my OP, I know Applocker is unavailable with Professional. That's why I was wondering if SRP was possible on Win 7 professional at all, or if Applocker was needed. Addiotnally, Sully's PGS explicitly does NOT work on Win 7. The guide you provided will prove interesting reading, though, for a manual setup.

I assure you I'd be looking into defensewall, but unfortunately I run an x64 machine. Apparently both Sandboxie and DefenseWall HIPS are not supported on x64 systems (bummer!).

Thanks again for the input.

 

[Jacee]

I don't think it's available (yet) but you can read this info, if you haven't already
Russinovich rescues the TechEd 2009 keynote with Windows 7 AppLocker demo | Software News - Betanews