Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 3 replies
  • Answers 1 answer
  • Subscribers 20 subscribers
  • Views 3056 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Verify File Exclusions are Working

Navar Holmes

Now that I have a bunch of file exclusions added either under "Extensions" or "Windows Exclusions".

How do I verify that the exclusions are working when I launch my application???



This thread was automatically locked due to age.
Parents
  • This reply was deleted.

    Sachin Gurung
    Team Lead | Sophos Technical Support
    Knowledge Base  |  @SophosSupport  |  Video tutorials
    Remember to like a post.  If a post (on a question thread) solves your question use the 'This helped me' link.

  • 0 in reply to sachingurung

    The exclusion list is for SEC.  Anti-virus.

    We had Mcafee and they have a tool called Mcafee Profile Monitor (MPM).

    You would launch MPM, then launch the application that you want to verify that file/folder exclusion where working.

    This was a great tool as it allowed me to fine tone an application (vendors exclusion list) exclusions.

    Does Sophos Anti-Virus a tool like this?

  • 0 in reply to Navar Holmes

    Hello Navar Holmes,

    had Mcafee
    ah, I see, different "culture". Sophos' motto is still Security made simple. We've got Sophos a very long time ago when malware and AV were simple. Nevertheless I missed the other vendor's options for granular control and it took some time to get used to the concept "you don't actually know 8and can't) how it works so don't insist on fiddling with it". Diminishing marginal utility. It's a little bit like all the assist systems in a car - if you're willing to fork out some extra money you get "more control" like selecting a sport mode. But - if I may put it this way - in a dicey situation the final decision is still the car's (though it will give you the impression that your driving skills kept it on the road) [:)]. 

    Excuse the digression. I don't know what the MPM does exactly but I assume it gives you correct results. Less convenient but nevertheless useful is savtst32.exe (dunno why there's no longer an article). You'll find it on the \sec_nnn\tools\ directory. From the (one-item) Drive menu you can select an arbitrary location and an arbitrary filename. It writes an EICAR test string and you can test the result of different settings with it.

    Christian

Reply
  • 0 in reply to Navar Holmes

    Hello Navar Holmes,

    had Mcafee
    ah, I see, different "culture". Sophos' motto is still Security made simple. We've got Sophos a very long time ago when malware and AV were simple. Nevertheless I missed the other vendor's options for granular control and it took some time to get used to the concept "you don't actually know 8and can't) how it works so don't insist on fiddling with it". Diminishing marginal utility. It's a little bit like all the assist systems in a car - if you're willing to fork out some extra money you get "more control" like selecting a sport mode. But - if I may put it this way - in a dicey situation the final decision is still the car's (though it will give you the impression that your driving skills kept it on the road) [:)]. 

    Excuse the digression. I don't know what the MPM does exactly but I assume it gives you correct results. Less convenient but nevertheless useful is savtst32.exe (dunno why there's no longer an article). You'll find it on the \sec_nnn\tools\ directory. From the (one-item) Drive menu you can select an arbitrary location and an arbitrary filename. It writes an EICAR test string and you can test the result of different settings with it.

    Christian

Children
No Data
Unfiltered HTML