Sunday, October 28, 2007

Suspending NG development

I'm sorry to say this but after trying to continue NG development along with my new work and my new life, finally I decided to suspend NG development for a few months untill I have more time to spend on it. Cuz NG development needs my mind to be focused on it and currently this is impossible.

And to all NG fans: Don't worry this is not an end to NG project, its development will continue, be sure.

This is your help and support which keep me from ending this project. I will do my best to respond your support by developing the NG, the best free HIPS.

Monday, August 20, 2007

Still debugging....

Its been a long time from my last post, NG beta 3 debugging is still countinues and also some requested features in the support forum added to Beta 3. If you have any suggestion/request or bug report you can post it in support forum. Many bugs fixed but still a lot more testing is needed to have a stable version, I ask anyone interested in HIPS to download and install latest build of NG from support forum, test it and post any bug, suggestion or feature request there.

Here is a copy of Neoava Guard Beta 3 progress log:

Features:

Adding more registry keys for protection - [COMPLETED]
Kernel debugging protection - [COMPLETED]
Protection against disabling task manager and regedit - [COMPLETED]
Change execution alert to High risk - [COMPLETED]
Hide empty Groups - [COMPLETED]

Update (05 Aug 2007):
Learning-Mode option for Wizard - [COMPLETED]
Removing outbound connection - [COMPLETED]

Update (18 Aug 2007):
Debug output - [COMPLETED]
Silent mode - [COMPLETED]
Adding dll name to Global hook alert - [COMPLETED]
Installation warning about alerted windows file - [COMPLETED]
Fix icons - [COMPLETED]
Terminate option in alert window - [COMPLETED]

Executable modified alert - [PENDING]
An option to skip scanning programs in Wizard - [PENDING]
Adding hot-keys - [PENDING]
Configure button in wizard to add more executables - [PENDING]
Option to import and export all rules and configuration - [PENDING]
Reverse alert name and risk (also service) - [PENDING]

Graphical guide - [PENDING]
Help file - [PENDING]

Bugs:
Isearch adware BSOD - [FIXED]
Service status error - [MOST_LIKELY_FIXED]
"Clear log" bug - [MOST_LIKELY_FIXED]

Update (05 Aug 2007):
Prueba trojan freeze - [FIXED]

Update (18 Aug 2007):
BSOD on startup - [MOST_LIKELY_FIXED]
Tray icon bugs - [MOST_LIKELY_FIXED]

MS File sharing bug - [PENDING]



You can check latest progress from this thread.

Sunday, July 22, 2007

NG Beta 3 being tested by Smokey's forum users

OK, after a long hard work, NG gets ready for a harder test by Smokey's security forums users. I'm inviting all my NG serious users to download it from Smokey's forums in this thread. Of course you can join there if you are not a member yet.

Having a support forum makes things a lot easier, especially for reporting bugs and debugging them while everyone can see others problems and tell if they have such problem or not. It is also very good for other kind of feedback, for example when a user suggests some feature or option other users can tell me their opinion about them so I can decide better.

Nothing more to say, just a screenshot from Neoava Guard extension for Explorer.

Monday, July 02, 2007

Neoava Guard Support Forum

As NG Beta 3 is almost ready for the release, NG Support Forum started on Smokey's Security Forums.

NG forums on Smokey's Security Forums consists of 3 parts:
  • Neoava Guard Support Neoava Guard Related Issues, with exception of discovered bugs. Please report bugs in the special Bug Reports Forum.
  • Neoava Guard Knowledge Base Neoava Guard Knowledge Base/FAQ Forum. Users can start here multiple topics but cannot reply in others. Please read the Neoava Guard Knowledge Base Forum Rules before posting.
  • Neoava Guard Bug Reports Please report here all Neoava Guard bugs.

Smokey's Security Forums:
http://www.smokey-services.eu/forum/index.php

You can join Smokey's Security Forums and post bug reports or questions about NG there.

I hope to see you there.

Tuesday, June 19, 2007

Configuration Tab

Configuration Tab was almost finished a week ago, but I encountered some problems and bugs that took a week for debugging and coding some parts again.

Another thing is that I decided to remove Processes tab in order to finish this beta as soon as possible, cause this tab needs some changes in NG driver code and I don't want to change it in the last minute and don't have enough time to test driver completely again.

here is some snapshots (I hope you enjoy it)







Sunday, May 20, 2007

Applications Tab

Sorry I forgot to put Applications tab snapshots, Applications tab was ready a few days ago.

I'm currently working on configuration tab and there will be a little delay in release.

Here is the snapshots:


Thank you for your suggestions, ideas and support.

Tuesday, May 08, 2007

NG beta 3 development progress

OK, as some asked about NG progress and not sending any new snapshots, now I want to describe it:

The progress was nice about 12 days ago when I had a cold and was unable to work hard on NG and this cold later causes a middle-ear infection and becomes a real problem for me. Today I'm okay and started working hard on NG again. This event may cause a delay on release but Im trying my best to release NG beta 3 as soon as possible. I apologize for another delay in release, I hope beta 3 satisfy NG users.

Executables tab is complete, I will send a few snapshot in the next few days.

Thursday, April 12, 2007

Alert dialog

Hi,

Alert dialog finished, here is some snapshots:

Note: GUI is in Advanced mode

It is small window that will be displayed with a Always-On-Top property, but if the client GUI was not loaded yet (e.g before user login) then the old alert window will be displayed by NG service.

With this dialog I've tried to make it easier for users to configure their executables and rules with just a few clicks.

Send your suggestion/ideas.

Thanks

Monday, March 12, 2007

events tab

Here is a snapshot from events tab of new GUI. It is not complete yet.
("More options" is not shown cause i'm still working on it, it should display details about the selected event.)

This snapshot shows a log from NG protection against spt.exe, NG protects against all kind of attacks. APT tool by diamondcs is also completely covered in the new NG version, so NG will provide the same kind of defense against process termination as ProcessGuard.

Note that window is horizontally resizable, so user can see all columns without scrolling.

Please feel free to send your suggestions to me.

suggestions

Thanks to MaB69 for his suggestions, here is answers which may help other people learn about NG.

Maintenance task to delete rules related to non existant executables

the non-existent executables will stay in database but not shown for configuration, this way the application permissions will be available if the same executable executed again.

Self protection for the service and in case of attack, the service could relaunch the UI process
In the new NG UI will be shown by client (executed as user login) and it is protected against termination.

Hidden files/process detection
It is something which will be done by root-kits after they load into kernel, althought it is possible to detect hidden files/process in some cases but it is not possible to control a kernel-mode driver as it already had the highest possible access to system.

More Registry keys monitoring ( like IE settings or system settings (regedit actived/disabled))
It is easy to add more keys but currently the work is just too much for me. Thanks it will be in future versions.

Keylogging detection (GetKeyState, GetAsyncKeyState and DirectX request interception)
New NG protects against all kind of keylogging except DirectX, which till now I was unable to find a way to filter it. If anyone knows any technical details about inner work of this function contact me.

Sunday, February 25, 2007

Look at the new version

Although GUI is still under development but the new version should look like this:

the best way to help me is sending your ideas/suggestions.
more pictures coming soon....

Friday, January 19, 2007

News

Neoava.com is up and running, everything is OK!

The news is that the new version of Neoava Guard will have some amazingly innovative stuff which make the this HIPS unique in ease of use among other HIPS.

Against the last two beta's which focused on just protecting against more attack ways, this time features added to comfort beginner users, and also provide a highly flexible configuration for advanced users.

In previous versions most users can't find a lot of configs etc.., but in next version everything can be configured from several places, the new interface allow users to change options/rules by few clicks.

4 completely new concepts added to increase ease of use, integration to system and installed programs, Internet attacks protection and overall protection. This completely new features allow NG to minimize alerts and most things automatically done (although can be configured not to be done automatically).

There will be a little visual tutorial along with NG next version to help people just know how to protect their computer using NG.

I will publish the new beta version to public and will update it every 2 weeks or so until no more bugs reported. Then the first non-beta version will be released.

I estimate the new beta to be ready for public release around mid March.

This time I promise the new version can make it as the best HIPS available on net, not only among the free ones but also others.

I will just keep it free, not to help people protect their computers (which will be done anyways) but to show how powerful Neoava Guard is and how creative I am in programming.

Just wait and see, cuz u aint seen nothin yet!

Monday, January 15, 2007

neoava.com is down

Neoava.com is down (for the last few days) due to hosting problems and it will come back online soon.

NG progress is good but due to a series of changes in NG driver it needs a lot of time for testing and a lot of work on GUI, so the GUI show what the driver can offer to user.

anyway, sorry I can't update NG blog regularly cause I'm very busy.