eleventh alliance

Initial thoughts of CORE FORCE

I decided to take CORE FORCE from CORE Security Technologies (of CORE IMPACT fame) out for a spin in one of my fresh Windows 2000 Professional environments. It’s an out-of-the-box eval version with all the latest patches from Microsoft installed. The only additional software is VMWare tools, as I am running it under VMWare. I also have to mention that CORE FORCE is still under development and is not recomended for production use yet. The version I have tried out is 0.70.111.

From the CORE FORCE homepage:

CORE FORCE is the first community oriented security solution for personal computers. CORE FORCE is free and provides a comprehensive endpoint security solution for Windows 2000 and Windows XP systems.

The security framework provided by CORE FORCE is leveraged by a community of security experts that share their security configurations for a growing list of programs. These security profiles can be downloaded by any user of CORE FORCE from the community Web site and they’re also completely open so that they can be peer-reviewed to minimize security hazards. The community approach to endpoint security also allows end-users who are not security experts to work in a secure environment.

CORE FORCE can be used to:

  • Protect your computer from compromises by worms, virus and email-borne malware
  • Prevent your computer from being used as a staging point to amplify attacks and compromise others
  • Prevent exploitation of known bugs in the operating system and applications running on your computer
  • Prevent exploitation of unknown bugs (0-day) in the operating system and applications running on your computer
  • Detect and prevent execution of adware, spyware, trojan horses and other malware on you computer

CORE FORCE provides inbound and outbound stateful packet filtering for TCP/IP protocols using a Windows port of OpenBSD’s PF firewall, granular file system and registry access control and programs’ integrity validation. These capabilities can be configured and enforced system-wide or on a per-application basis for specific programs such as email readers, Web browsers, media players, messaging software, etc.

The installation was very easy and after a reboot and some additional wizards CORE FORCE was up and running. I decided to take Internet Explorer out for a test ride: first visit some well-known news sites like Aftonbladet, Swedish IDG and CNN, and later go to the more dark side on the internet where the risk of getting spyware, trojans etc is more a fact then a possibility.

Windows Update failure messageAlready at my first stop at Aftonbladet I got into trouble. As I mentioned this is a fresh, never been used before, installation of Windows 2000 Professional and as such it lacked Macromedia Flash plugin. Although I had set CORE FORCE on the “Medium (recommended)” security level it stopped me from installing the Flash plugin. I decided to temporarly turn CORE FORCE off so I could install the Flash plugin. Once I installed the Flash plugin I re-activated CORE FORCE and continued to surf around. After checking out the news sites listed above I thought that it would be a good idea to see how Windows Update works with CORE FORCE installed. It turnes out that it didn’t work at all.

At this stage I stopped the testing. Security software are good as long they don’t get in the way of productivity, which in this case it did. I am looking forward to see this software mature and become usable for Joe Average, but at the moment it is only useful for serverly locked down workstations like Internet kiosks or advanced users who really knows what they are doing.

Comments Off 1:55 pm |