Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: Wondering about SRP on Win 7 Pro.

18 Oct 2009   #1
Carbonyl

Windows 7 RTM
 
 
Wondering about SRP on Win 7 Pro.

Hi everyone. I've been running Windows 7 Professional (RTM) for about two months now. My current security setup has been OK so far, but I'm thinking I'd like to harden it up a bit with some prevention measures. I'm also rather ignorant when it comes to most security measures, so please have patience with me.

I'm wondering about setting up an SRP to stop malware in the event that it ever manages to weasel through, or I get hit with a day-0. I'll admit that I use my computer mostly for webbrowsing, communication, and (overwhelmingly) gaming. An SRP sounds like a really nice security feature, but I fear I may not have the know-how to set it up, or even the know-how to understand if it's right for me.

The problem is that some of the tools to make SRP easier to use aren't available in Win 7 professional. From what I've seen PGS from wilder's security forums is incompatible with Windows 7, and on top of that SRP has been redesigned into the Applocker - which isn't in Professional.

Is SRP still something that I could set up on my machine? If it is, I gather I would have to set up a whitelist for every program that needs to run. My concern is that there are lots of programs that run other programs that I know nothing about in order to operate correctly. For example, launching update modules.

I suppose that's a longwinded way of saying, is it possible to set up an SRP on a Windows 7 Professional machine, and if so, where can I learn how to set up such a policy without completely borking my machine by blocking legit programs? Thanks for the help, and sorry for the nebulous and uneducated question!


My System SpecsSystem Spec
.
18 Oct 2009   #2
Creer

Windows 7 Home Premium x32 SP1
 
 

Quote   Quote: Originally Posted by Carbonyl View Post
Hi everyone. I've been running Windows 7 Professional (RTM) for about two months now. My current security setup has been OK so far, but I'm thinking I'd like to harden it up a bit with some prevention measures. I'm also rather ignorant when it comes to most security measures, so please have patience with me.

I'm wondering about setting up an SRP to stop malware in the event that it ever manages to weasel through, or I get hit with a day-0. I'll admit that I use my computer mostly for webbrowsing, communication, and (overwhelmingly) gaming. An SRP sounds like a really nice security feature, but I fear I may not have the know-how to set it up, or even the know-how to understand if it's right for me.

The problem is that some of the tools to make SRP easier to use aren't available in Win 7 professional. From what I've seen PGS from wilder's security forums is incompatible with Windows 7, and on top of that SRP has been redesigned into the Applocker - which isn't in Professional.

Is SRP still something that I could set up on my machine? If it is, I gather I would have to set up a whitelist for every program that needs to run. My concern is that there are lots of programs that run other programs that I know nothing about in order to operate correctly. For example, launching update modules.

I suppose that's a longwinded way of saying, is it possible to set up an SRP on a Windows 7 Professional machine, and if so, where can I learn how to set up such a policy without completely borking my machine by blocking legit programs? Thanks for the help, and sorry for the nebulous and uneducated question!
Hi,

I haven't tried Sully's PGS so far on Windows 7 so I don't know if it works on it.
Regarding to SRP, did you tried this tutorial:
How to make a disallowed-by-default Software Restriction Policy
(it's for XP and Vista, but I suppose you shouldn't have any problems with it on Windows 7).

If you don't want to play or simply you won't be able to configure it, there is a software which could provide you much stronger protection and also much more comfortable if you like. I'm speaking about DefenseWall HIPS, it's policy based sandbox. It's light as feather app.

More information you can get here:
SoftSphere Technologies, the official site of the DefenseWall HIPS - Host Intrusion Prevention System - sandbox your browser, e-mail, IM, IRC, P2P for secure Internet work. Anti-Spyware, Anti-Rootkit, Anti-Malware, Anti-Keylogger, Anti-Virus. Defence


HTH,
Creer
My System SpecsSystem Spec
18 Oct 2009   #3
Jacee
Microsoft MVP

Windows 7 Ultimate 32bit SP1
 
 

Good answer Creer
My System SpecsSystem Spec
.

18 Oct 2009   #4
Creer

Windows 7 Home Premium x32 SP1
 
 

Quote   Quote: Originally Posted by Jacee View Post
Good answer Creer
Thank you

I forgot to mention OP, that Windows 7 versions: Ultimate and Enterprise have built-in special application to manage SRP - it is called AppLocker. Unfortunately Windows 7 Professional doesn't have this feature.
My System SpecsSystem Spec
18 Oct 2009   #5
Carbonyl

Windows 7 RTM
 
 

Thanks Creer!

As I mentioned in my OP, I know Applocker is unavailable with Professional. That's why I was wondering if SRP was possible on Win 7 professional at all, or if Applocker was needed. Addiotnally, Sully's PGS explicitly does NOT work on Win 7. The guide you provided will prove interesting reading, though, for a manual setup.

I assure you I'd be looking into defensewall, but unfortunately I run an x64 machine. Apparently both Sandboxie and DefenseWall HIPS are not supported on x64 systems (bummer!).

Thanks again for the input.
My System SpecsSystem Spec
18 Oct 2009   #6
Jacee
Microsoft MVP

Windows 7 Ultimate 32bit SP1
 
 

I don't think it's available (yet) but you can read this info, if you haven't already
Russinovich rescues the TechEd 2009 keynote with Windows 7 AppLocker demo | Software News - Betanews
My System SpecsSystem Spec
Reply

 Wondering about SRP on Win 7 Pro.




Thread Tools




Similar help and support threads
Thread Forum
Wondering if this GPU can run on my MB.
Ok, I currently have this Motherboard: GIGABYTE - Motherboard - Socket AM3+ - GA-78LMT-S2P (rev. 5.x) Now it says on the site that it's got 1 x PCI Express x16 slot, running at x16 1 x PCI Express x1 slot (All PCI Express slots conform to PCI Express 2.0 standard.) 1 x PCI slot
Graphic Cards
Just wondering Something
Ok, i have a new pc with a 120 gb ssd and a 2 tb 7200 rpm hd, (my os is on the ssd btw) so i have partitioned my 2tb into 2 1tb partitions. so how would i make that second tb into a dual-boot windows 7. would be appreciated if i could be direct to a how to or video. to go over it again i...
Installation & Setup
I was just wondering....
I was just wondering where to find out if the HP Pavilion dv6-2112ea is a good laptop for games? Or where to find out this information? Please state which website (If any)
Gaming
Wondering
Is there any of the Win 7 members that belonged to Compuserve?
Chillout Room
hmm, just wondering what this is for?
highlited in red on the picture, what is it? is it something to do with vmware player?
General Discussion
Just wondering.
How do you get these "power user" and "skilled" etc buttons under your name? Does not seem to be only for the higher posters, or ones with more rep since I've seen some on folks with less then 60 posts, I was just curious what the requirements were.
Chillout Room


Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 20:55.
Twitter Facebook Google+ Seven Forums iOS App Seven Forums Android App