System Safety Monitor (SSM): Build the third wall of System security protection

Virus firewalls and network firewalls are important measures to protect system security. However, these two firewalls alone cannot build a solid system security "City Wall ", you also need another real-time security protection software, System Safety Monitor (SSM), which can Monitor program processes, registries, System services, and other projects that may cause security risks in real time, preventing the destruction of the system by malicious programs is the Third firewall that is essential to system security. It is worth mentioning that it is a free software, and such a good stuff is really rare!
I. harden the SSM Firewall

After the software is installed, You need to restart the computer to use SSM. Otherwise, the prompt shown in Figure 1 appears. By default, the running SSM does not automatically use the Chinese interface. On the Options tab, set "Language" to "CHS" and click "Apply options. To enable SSM to protect system security at any time, we should also enable it to automatically start with the system. In the "General" column, select the "auto start" option.

The monitoring function of SSM is very powerful, but it is not enabled by default. We need to enable it manually. Switch to the "program" tab, select the "Monitoring Program Activity" option, and then open the "module" tab, you can monitor the registry, INI file, Start Menu item, service, IE browser, and so on (2). Click the Enable module option in the upper right corner, note that the "enable this module" option is available below. You can set whether to enable monitoring for each module separately. After the module name is enabled, the "Disable" option is no longer displayed.

2. Start with the source-program running monitoring

In a sense, correct control of the program running can prevent almost all Trojans and viruses. The core function of SSM is to monitor the program running. Whether this program is opened directly, or is it indirectly opened by other programs, regardless of whether the program is in the form of EXE or DLL, SSM will automatically trigger an alarm as long as it finds that a new process is enabled, let's choose whether to allow the execution (3). If we select "always stop this operation" or press "F2", the SSM will disable the program, if you select "Always allow this operation" or press "F1", and then execute the same program, SSM will not prompt you again. It runs directly and is very intelligent.

Some readers may ask how to determine whether a program should be allowed to run? IT gossip Network (http://www.it8g.com) reminds everyone to pay attention to the program information and technical information in the prompt window, if this program is your own run of trusted programs, and confirm that the SSM prompts that the program can be executed. If you run a program, the SSM prompts that another program is running at the same time, it is likely to be a bundled trojan virus program. Some program running requests that are inexplicably automatically popped up may be infected or damaged by the trojan virus, and should not be allowed to run them.

Tips

For the accumulated SSM program running rule data for long-term use, you can click "save current configuration file as" in the "service" tab to save it as a separate CFG configuration file, when you reinstall SSM or reinstall the system, you can use the "specify configuration file" function to import previous rule data (4 ).

 

In addition, when a program modifies or damages the registry, service, and iesettings, the SSM also displays an alarm prompt, asking you to choose whether to allow this operation. We can also choose to disable the modification. How is it? With such powerful real-time monitoring, it is believed that it is difficult for Trojan viruses to break through this powerful Security "City Wall ".