- Winpooch
Infobox Software
name = Winpooch Watchdog
caption = Winpooch 0.6.6
collapsible =
author =
developer = Various contributors
released =
latest release version = 0.6.6
latest release date = release date|2007|04|23
latest preview version =
latest preview date =
frequently updated =
programming language =
operating system =Microsoft Windows 2000, Server 2003 and XP (up to and including SP2)
platform =
size =
language =
status = discontinued
genre =Intrusion-prevention system
license = GPL
website = [http://winpooch.sourceforge.net/ winpooch.sourceforge.net]Winpooch is an free
open source intrusion-prevention system that detects and blocksmalware from computers runningMicrosoft Windows . It does this in two ways. First, it intercepts many potentially dangeroussystem call s, only allowing certain user-defined applications and actions to be run (see Rules below). Optionally, it also supports severalantivirus scanners such asClamWin andBitDefender to actively scan files for malware before they attempt to run.As of version 0.6.0, kernel-mode hooking has been implemented through a kernel-mode driver, allowing Winpooch to monitor the Windows kernel and system services. It was, however, notorious for causing Blue Screens of Death.Fact|date=December 2007
Winpooch uses a
permissions system to allow or restrict individual programs from performing operations associated with the network, system registry,filesystem (including wildcards), and process control.In 2008-06-13, The author has announced he quit developing the program, leaving v0.6.6 uncompatible with Windows XP Service Pack 3. [cite web| url=http://forum.sysinternals.com/forum_posts.asp?TID=14895| title=Problem with Winpooch on XP SP3| publisher=sysinternals| date=2008-05-27| accessdate=2008-08-15]
Rules
PAGENAME is based on path based rules (strictly the static paths of programs). For non defined actions (or actions for which the user asked to be notified), the choice the user is provided with is to Accept/Feign/Reject the action or to declare a specific rule for this action. If declaring a specific rule, the user can select whether the rule should be applied quietly, reported in a log or to the screen.
Blue Screen of Death
The kernel level v0.6.0 introduced a problem of constant Blue Screens of Death. The problem resulted from Winpooch's opt-in approach for kernels - it could only simulate pre-programmed kernels. Each new version since v0.6.0 reduced the number of kernels that were still not simulated well, but certain kernels still can't currently work with the program. Fact|date=December 2007
References
See also
*
ClamWin External links
* [http://sourceforge.net/projects/winpooch/ SourceForge Winpooch page]
* [http://winpooch.free.fr/ Winpooch home page]
Wikimedia Foundation. 2010.