|
OSsurance from Canadian-based OS Security takes an approach to computer security that I personally like, because it only permits authorized programs to install or run on a computer, even if they have passed through a firewall, antispyware and antivirus protection. This is a classic access model used in information security. It rejects everything that is not explicitly allowed and blocks any programs that are scheduled to execute unless the user has authorized it. This approach is advantageous because OSsurance doesn't require constant updating and can provide protection regardless of where an attack originates. This contrasts with antispyware, antivirus and intrusion detection systems, which need to be constantly updated to keep up with the latest types of attack or virus. Even those using behavioral analysis have problems handling new exploits and unidentified attacks. OSsurance does however require you to scan your system each time you install a program, or update or patch existing programs and DLL files. This keeps the Authorized Program List up-to-date, enables it to protect running programs, prevent the use of unauthorized programs and DLLs, and determine whether programs on your computer have been modified without your knowledge before they are executed.
OS Security does claim OSsurance detects buffer overflow attacks on programs running on your computer, using a patent-pending method of protection. It blocks the execution of the malicious code by ensuring system resources are being used only by legitimate code. By checking the memory page attributes pointed to by the return address of the running process, it can stop the buffer overflow attack from crashing your computer. Their site states that they support Windows 2000 and Windows 2003 server, so, I suggest you download and test the fully functional 60-day trial copy so you can evaluate its performance and effectiveness firsthand.
|
