Ask the Expert

Using OS Security's OSsurance

Do you know if OSsurance Desktop can prevent my server from crashing? It says they support Windows Server 2000 and 2003. I have 2003. They claim to stop buffer overflows from executing. Is that enough to stop a crash?

    Requires Free Membership to View

OSsurance from Canadian-based OS Security takes an approach to computer security that I personally like, because it only permits authorized programs to install or run on a computer, even if they have passed through a firewall, antispyware and antivirus protection. This is a classic access model used in information security. It rejects everything that is not explicitly allowed and blocks any programs that are scheduled to execute unless the user has authorized it. This approach is advantageous because OSsurance doesn't require constant updating and can provide protection regardless of where an attack originates. This contrasts with antispyware, antivirus and intrusion detection systems, which need to be constantly updated to keep up with the latest types of attack or virus. Even those using behavioral analysis have problems handling new exploits and unidentified attacks. OSsurance does however require you to scan your system each time you install a program, or update or patch existing programs and DLL files. This keeps the Authorized Program List up-to-date, enables it to protect running programs, prevent the use of unauthorized programs and DLLs, and determine whether programs on your computer have been modified without your knowledge before they are executed.

OS Security does claim OSsurance detects buffer overflow attacks on programs running on your computer, using a patent-pending method of protection. It blocks the execution of the malicious code by ensuring system resources are being used only by legitimate code. By checking the memory page attributes pointed to by the return address of the running process, it can stop the buffer overflow attack from crashing your computer. Their site states that they support Windows 2000 and Windows 2003 server, so, I suggest you download and test the fully functional 60-day trial copy so you can evaluate its performance and effectiveness firsthand.

This was first published in October 2005

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: