List of the known issues and functions, not included in v0.8 beta-release
Common:
Functions, not included in the beta-release:
- Self-protection: files and folders, process termination, windows messages, injection, internal structures and objects, etc.
- Automatic generation of pre-defined rules for installed applications, or during installation
- Fast User Switching support
- Support for short/long (8+3/LFN) and alternative paths (drivers etc.) for all rule types
- Ability to terminate process directly from the event window (including integrity control events)
- Detailed information about modules at the event
- Password protection of the program settings
- OSAM: Autorun Manager, OSPC: Privacy Cleaner, OSHE: Hosts Editor, SecureErase are not integrated
- Multi-language support (in the current beta-release - English only)
- Event notifications (”Notify this action” option)
- x64 versions are not built
Known issues:
- Some problems with network folders and processes, started from network folders
- In very infrequently cases BSOD occurs when working with Windows System Restore (not reproduced yet)
- On some systems the computer freezes at the end of the system reboot or shutdown
- In very infrequently cases the event-requests can be displayed not on the current desktop (requires switching by user)
- No performance optimization (generally, of the network subsystem, the rules analysis)
- No wide-ranging testing was performed, regarding compatibility with alternative (third-party) network firewalls, antiviruses and other security products, that integrate deeply in the system
- Deinstallation requires user participation (the user must ignore the service termination failure)
Firewall:
Functions, not included in the beta-release:
- Internal DNS Cache
- NAT support (on servers only; it does not apply the users, who uses NAT)
- ICS (Internet Connection Sharing) support
- Rules for MAC addresses
- Rules for ICMP
- UDP packets logging
- Fragmented packets support
- Removal of an adapter groups from the Network Adapters tab
- Network attack detector
Known issues:
- Full firewall disabling (the set up policy doesn’t affect transit and other system packets)
- Recovery of the local network after it temporary was disabled
- The processing of local sessions is disabled: they are being automatically allowed and do not display at the list af active network connections
- Data receiving from IrDA devices is not working; probably, the same with Bluetooth devices (not tested)
- Not tested for USB ADSL modems and PCMCIA adapters compatibility
Proactive Defense:
Functions, not included in the beta-release:
- Automatical permission for several memory operations after process creation (the certain temporarily rules are made, that allow work with memory in this beta-release)
- Direct control over the Service Control Manager (SCM) - temporarily controlled using the registry
- Some features of PE-files renaming and deleting control
- Control over renaming registry keys (actual for Windows 2003 and higher only)
- Control over system time modification
- Control over system messages sent by applications (mentioned above; ability of process termination using messages sending)
- Several hooks for keyloggers and other monitoring applications
- Separate rule for ActiveX/COM-objects - temporarily controlled using the registry
- Hooks of Job-object functions, one hook for Suspend
Known issues:
- Possible conflicts with some keyloggers if relevant rule does not exist
Integrity control:
- Disk hashes
- Ability to create blocking rules
- Ability to create exclusions for certain process modules
- Ability to control modification in memory only (ignoring the modification on disk)