greenknight Posted March 21, 2008 Posted March 21, 2008 Found this while browsing MajorGeeks list of antivirus apps. It's from an outfit called runtimeware, and it's not an AV program per se. Advanced file integrity checker that integrates seamlessly with your anti-virus/trojan application(s). Scan on Startup or use the Secure Shut Down feature to stop potential threats before they strike! It sound interesting, but I couldn't find a lot of opinions about it; it doesn't seem to be widely used. I found a few who liked it a lot, none who had anything bad to say about it. It sounds like it could be a useful security enhancement, or a waste of time and resources. Anybody know anything about it? Quote
Eldmannen Posted March 21, 2008 Posted March 21, 2008 I guess it keeps checksums of all files. Kind of like Tripwire for Linux. Pretty good to have on a server. Quote
greenknight Posted March 22, 2008 Author Posted March 22, 2008 I guess it keeps checksums of all files. Not all files: Audits your system folder (as well as up to 20 other folders)... It'd take all day if it watched all your files. It occurred to me that this was probably aimed at the server market, mostly - but it's free for home use, would it be worth installing on a home PC? Quote
Eldmannen Posted March 22, 2008 Posted March 22, 2008 I don't know. I've never used any such software. Quote
greenknight Posted March 23, 2008 Author Posted March 23, 2008 I may just give it a try. I've searched a bunch, the only problem related to it I found was somebody who couldn't get it to reinstall after he reformatted. This thing's been around for years (cost 10 bucks until this past year), if it caused any problems I should have found something. Quote
Eldmannen Posted March 23, 2008 Posted March 23, 2008 I would avoid to subjugate my computer to proprietary software. Quote
greenknight Posted March 28, 2008 Author Posted March 28, 2008 I would avoid to subjugate my computer to proprietary software. I'm using Windows, that ship has sailed. There are lots of open-source file integrity checkers; mostly for Linux, at least one that's OS-independent (afick). I like the features this one has, anyway. I got it installed (after running AV scans in Safe Mode, to make sure things were clean). Setup was pretty easy. After giving it a try, I disabled the startup scan to avoid a revolt by the other users - it takes a few minutes, and while you can cancel out of it, I know they wouldn't have liked it delaying startup. I plan to use the secure shutdown feature regularly, it does more anyway (also checks the Registry). It's small, (2.67 MB installed), uses no resources, and lets you quickly check to make sure your system files haven't been altered - plus, it runs AV scans of any altered files. I think I like it. Quote
Eldmannen Posted March 28, 2008 Posted March 28, 2008 Nowadays I don't use Windows so much since I discovered Ubuntu Linux. But when I used Windows, I still avoided proprietary software best I could, and used almost only free open source software for Windows. Quote
greenknight Posted March 29, 2008 Author Posted March 29, 2008 I care more about it being free than whether it's open source; and I care about how it functions, especially when it comes to security software. Other things being equal, I'll use open source - I even gave ClamWin a long tryout, longer than it deserved. One other thing about Sentinel - by default it uses a CRC-32 algorithm, which is too easy to fool. Optionally, it can use MD4, MD5, or SHA-1, any of which is a better choice. Quote
Eldmannen Posted March 29, 2008 Posted March 29, 2008 CRC-32 or any checksum will probably offer adequate protection. I don't think CRC-32 is used so much nowadays. MD5 is really popular, but has been broken too. SHA-1 is pretty fine, I think. Quote
greenknight Posted March 30, 2008 Author Posted March 30, 2008 CRC-32 (or any CRC) is probably adequate, sure - only because it's not that widely used anymore, so there's little incentive to write code to defeat it. But it's very easy to check the SHA-1 box and rescan, so that's what I did. Quote
Eldmannen Posted March 30, 2008 Posted March 30, 2008 Well, mostly adequate because its unlikely that anyone would actually bother with checksums. SHA-1 may take longer time to scan than CRC-32 though maybe... Quote
greenknight Posted March 31, 2008 Author Posted March 31, 2008 You've got a point, not too many home computer users install this type of app - and those who do are not the kind of easy targets malware writers feast on. It doesn't take any longer with SHA-1, though, scans still take about 3 minutes. Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.