2024-07-27: Now only the 1st level commands of our WZSysGuard software are vulnerable to system library change attacks; the behavior of 2nd level and 3rd level commands is much harder to change through changes to system libraries.
2024-05-30: Our software has now been ported to both Intel and ARM based Apple machines, and can make macOS way more secure than others.
2024-04-01: Now when you use shlog as the shell for an account, shlog will use the first shell found in /etc/shells and record the whole login session.
2024-03-22: Our ssh_rundirect has been updated with new capabilities to control the max size of file creation and set the required mask not only in the jail environment but also in the global environment. You can also now set the account so that it gets different supplementary groups in the global and jail environments, which is very flexible.
2024-02-24: Our WZSysGuard can now reliably detect long running SetUID processes; this will greatly help to detect possible back doors when your system gets hacked.
2023-11-20: We have updated the fcrypt package again. The new version allows apps that generate top secret info to pass the secret info through a pipe to our auto-encryption tool to get it encrypted immediately.
2023-08-15: We have now released version 3.1 of the fcrypt package. The new version fixes a possible issue that attackers could use to steal the info that should be protected.
2023-06-18: We have now further enhanced the anti-hacking capabilities of AutoSSH and AutoSFTP, making static analysis of the code harder, so the encrypted passphrase protection is now even better.
2023-02-20: The gencert program in our WZSysGuard software now has an improvement that allows multiple commands to be certified and registered at once, saving the trouble of entering the WZSysGuard passphrase and, 2 times, the checksum protection passphrase for each command's certification registration.
2022-12-20: Our WZSysGuard software now provides a daemon program that helps the system combat many software-based attacks, such as dtrace, probevue, systemtap, bpftrace, uprobe, kprobe, or memory snoopers that open /dev/mem, /dev/kmem or /proc/kcore. It still allows users to use strace/truss/gdb kinds of tools to debug programs; for a program that users want to prevent others from using strace/truss/gdb kinds of tools to steal info from, they can use gencert/secrun/setit to protect the program.
2022-11-17: Our WZSysGuard software now provides 3 sample scripts for command protection. Once users have run our gencert for a command that needs protection, they can just link from one of the 3 scripts to the same command name under /usr/scmd and put /usr/scmd at the front of the PATH value. Our software then provides just Trojan Horse prevention for commands linked with p1cmd, an additional 10 seconds of protection against software-based password stealing attacks for commands linked with p10cmd, and protection against software-based attacks for the whole process lifetime for commands linked with p0cmd.
2022-08-28: Our software now uses SHA-2 384 bits to encrypt the software password. And our privilege delegation software CaclMgr can now combat a super user manually modifying any user's PD DB to bypass proper delegation by the owner.
2022-08-22: Our fcrypt software now offers a pair of file encryption automation tools that let an app auto-encrypt an important and sensitive file immediately after it is generated, without human intervention. Only the accounts that have been given privilege delegation by the file owner can decrypt the file, without needing to know the encryption key; decryption depends purely on the privilege delegation and the authentication of the privilege delegation.
2022-08-14: Our Linux version of WZSysGuard software has been updated to make it compatible with Windows 10/11's WSL/WSL2 environment, but we found that if the Linux is Ubuntu 18.04, it still has a compatibility issue: running wzsgreg and wzsgchk could cause 18.04 to panic the Windows PC.
2022-08-12: Our Linux version of WZSysGuard software has been updated to make it compatible with newer versions of Linux, such as RHEL9.x.
2022-07-28: We now also have our software for IBM s390x Linux; it can be used on RHEL7.9 onwards.
2022-01-26: We have now started to accept service requests from customers who want anti software-based attack capabilities added to their security commands on Linux/Solaris/AIX. The resulting program is a binary program with the same functionality, but it can't be debugged or traced by gdb or truss/tusc/strace; a script program, once converted, will not be visible, and you can no longer use something similar to "bash -x program" to see its execution steps. The converted program will have the most complete anti software-based attack capabilities added. Almost all types of commands that can run directly on Linux/Solaris/AIX can be converted, except programs that use a child process to run the main functions. For those that need a child process to do the functions, you will need our WZSysGuard's secit to provide the protections for those commands.
2021-10-31: Our Linux security software is now grouped into NOFA and FAOK classes. Software with the NOFA tag will find and kill any processes that use fanotify, to avoid critical file changes being hidden. If you need the fanotify function, you need to find and use the FAOK class of software; if you can't find that for your platform, then you need to either stop using the software that needs fanotify or stop using our software.
2021-08-15: Our wzshSDK and wzshRUN 6.0 are now released. When encrypted scripts run with wzshRUN 6.0, hidden info stealing threats are minimized: dtrace, systemtap, uprobe, kprobe, ftrace, bpftrace and memory snoopers reading /dev/mem, /dev/kmem or /proc/kcore will be detected and killed. wzshRUN 6.0 now provides 2 very useful security enhancement programs. The 1st is sysguard, which runs as a daemon to prevent the above mentioned threats; the 2nd is runcmd, which allows users to run commands without needing to worry that the passwords they enter will be stolen by software means.
2021-03-18: Our software for newer versions of Linux on AMD/X86_64, MIPS32, MIPS32le, MIPS64, MIPS64le, PowerPC64le, ARMv7, ARMv8 and RISCv64 can now prevent the BPF facility from stealing the password from processes protected by our software.
2019-05-11: Finally, our WZSysGuard for AIX can now also help 3rd party security software to combat Trojan Horse attacks. So now all our WZSysGuard software for UNIX/Linux used in data centres or the cloud can help users combat Trojan Horse attacks.
2019-04-22: Our WZSysGuard for HP-UX 9000/800 now also can help 3rd party security software to combat Trojan Horse attacks.
2019-04-06: Our WZSysGuard for HP-UX/IA64 now also can help 3rd party security software to combat Trojan Horse attacks. Our security software definitely is the best.
2019-02-28: Our WZSysGuard for Solaris/Linux now can help 3rd party security software to combat Trojan Horse attacks. Our security software definitely is the best.
2018-10-01: Our WZSysGuard can now prevent auditing from causing password leaks.
2018-09-16: Our secrun is more robust: when the original protection process is killed, a new protection process will be started and will recover the original protection.
2018-05-29: Our file integrity monitoring and intrusion detection software WZSysGuard now not only can detect most software based password stealing attacks on its own, but also provides an easy to use tool, secrun, to enable third party software to prevent most software based password stealing attacks.
2018-02-19: Our privilege delegation software CaclMgr has been updated to become the world's first privilege delegation software that can combat a passphrase swap attack done by the root account.
2018-01-31: We have set up a demo machine at AWS for the public to test and win a prize 3 times, each time lasting almost a year. The condition to win the prize is very simple: be the first to find another software that has a similar function to one of our software but is more robust against attacks and makes the functions more reliable. However, no one has won the prize.
2017-07-17: Our Linux software can be used in the Windows 10 Linux environment, so it can make Windows 10 more secure.
2016-11-27: The password/passphrase read function used in our software will now kill a system call tracer process that attaches to our process; dtrace-like processes; processes that open the system memory device or access our process' memory; and a process that opens our TTY. It will continue to provide info for the user to find a possible TTY keylogger. On the Linux platform, it will also try to prevent an attacker from using Kprobe/Uprobe to steal the password/passphrase.
2016-11-13: Our recently updated WZSysGuard V5.1 provides an application security enhancement program: appguard. When supplied with the process IDs of important applications, the appguard process will detect whether those processes are being traced by a system call tracer or debugger, whether a dtrace-like process has been created, and whether any processes open the system memory device or access the protected processes' memory. All of these are possible hacking processes, so appguard will try to kill them to minimize the risk of secret info being stolen.
2016-11-13: Our updated wzshRUN V5.3 can now help to enhance a system's security: when an encrypted script is running, it can detect dtrace-type processes and possible memory peepers, and kill them.
2016-07-02: Our newly released wzshSDK V5.3 supports giving an encrypted script the capability to detect dtrace-like programs running on the system, to provide better protection for passwords used in the script.
2016-06-21: wzcon can now help you to detect or prevent Trojan Horse attacks, and it can also protect the password/passphrase you input against most software based stealing attacks.
2016-06-11: Our demo machine at AWS has now expired. Up to now no one has won the reward of US$3,000, offered to a person who can get the content of the file that gets transferred in the remote job automation example, even when that file is not encrypted.
2016-06-10: Our WZSysGuard's operation console, wzcon, has been released. You can download it from our web server's "App Store" menu's "SHA384 CheckSum" page.
2016-05-30: Our WZSysGuard, CaclMgr and fcrypt now support being called from an X-Window program. This feature is implemented in Python/Tkinter and requires the X-Window program to set the environment variable IN_X_ENV to the value NEED_X_ASKPASS. The updated wzshSDK and wzshRUN now support dtrace/ProbeVue/SystemTap detection when the environment variable FIND_TRACER is set to YES.
2015-12-12: Our WZSysGuard has now become the 1st File Integrity Monitoring and Intrusion Detection Software that can detect hidden files on VxFS and Solaris' UFS/ZFS.
2015-10-23: You can test our security software at AWS:
ssh roger@52.88.74.1
password: r0192
check README file for more detail.
2015-03-19: Our appRCadm now also supports Linux systems using systemd.
2015-02-21: We are pleased to announce that our WZSysGuard 5.0 has been released for most commercial UNIX/Linux platforms. The software is now more robust, and will give more trustworthy scan reports than other vendors' software, making intrusion detection and file integrity monitoring more efficient.
2014-08-08: We have changed our intrusion detection and file integrity monitoring software's name from WZFileGuard to WZSysGuard to reflect that our software does not detect intrusion based on file change detection alone, but also detects other changes happening on the system, which makes intrusion detection far more effective.
2014-05-05: Our software for AIX can now also detect ProbeVue, so when our software requires the user to enter a password/passphrase, it is able to protect it from being stolen by a malicious person using probevue, truss, or by reading the user's tty.
2014-04-22: We have set up a RedHat RHEL6.4 machine with WZFileGuard, CaclMgr, AutoSSH, AutoSFTP and appRCadm software installed for people to test our software.
To test, you can log in to the roger account using ssh and password roger098. The IP address of the machine is 54.186.62.42. Please check ToTest/README for some info before starting the test.
2014-04-16: Our wzis.so PHP extension can now support PHP versions 5.3.x to 5.5.x, so if you want to make your web pages more secure, use our PHP extension.
2014-04-02: Our AutoSSH can now detect the OpenSSH Ebury Trojan Horse, prevent the further spread of this Trojan, and safely protect the password/pass phrase from being stolen by a Trojan, system call tracer, dtrace, or key logger.
2014-03-21: Our software for Linux can now also detect dtrace and SystemTap, to prevent the password/passphrase being stolen by a malicious person using a dtrace script or SystemTap module. This makes our Linux software also the most secure software for protecting your critical server.
2014-03-06: We found that our wzis.so PHP extension module is not compatible with PHP 5.5.x, so for machines which use PHP 5.5.x and onwards, no PHP encryption is supported until further notice.
2013-12-02: Our WZFileGuard for ARM/Linux now has a class for the IP routing table in addition to the firewall rule class, so it is very suitable for a network switch/firewall router.
2013-11-04: Our WZFileGuard for Linux now has a class for firewall rules, so it can now help you to detect firewall changes.
2013-11-03: Our security trap detection and verification web interface is now more secure: all the important web CGI scripts and the major part of the HTML files are now encrypted.
Our PortMon web interface also gets the security enhancement.
2013-09-30: Our PortMon V3.1 is now IPv6 compatible, which means that if you have servers using IPv6 addresses, PortMon can help to monitor their availability and inform the right people within one or two minutes when such a server is unresponsive or has crashed.
2013-09-08: Now our software also supports Linux running on IBM PowerPC (Power5/6/7/7+) servers, and ARMv5/v6/v7 based Linux servers.
2013-04-25: Now our PortMon has column sorting enabled: you can click the column header to sort the column.
2013-03-03: The password/pass phrase protection mechanism used by our wzappkey and WZFileGuard software can now detect a malicious person stealing your password by reading your controlling tty. Detection of such an attack is now in real time: when you key in a password or pass phrase for wzappkey or WZFileGuard, if a malicious person tries to steal that secret info using a system call tracer, dtrace or by reading the controlling tty, the attack will be detected in real time, significantly reducing the risk of the password being stolen.
2012-04-27: Our AutoSSH and AutoSFTP are now able to detect dtrace, in addition to system call tracer, debugger, and Trojan Horse attacks, so they not only allow you to automate jobs, but are also the most secure way to run jobs remotely and do file transfer.
2012-04-22: Our AutoSSH and AutoSFTP will soon be able to detect dtrace on the Solaris platform, becoming the unique solution that can protect a secret password or pass phrase from being stolen by a malicious person using dtrace.
2012-04-14: Most of our software is now in wzpkg package format. It's easier to install and has better verification.
2012-03-24: We will soon release most of our software in our own package format: wzpkg. With software packaged in wzpkg format, installation becomes very easy: just download the package, move it to /tmp or /var/tmp, chmod +x package_file_name, then run the file! It will check whether your machine already has a version of this software installed and ask whether you want to remove it; if the answer is yes, it will remove the software first, then install the current one, and also verify that the newly installed files have no discrepancy in terms of content and permission/ownership. Our wzpkgadm software will give you the commands to properly remove wzpkg-formatted software or verify the software files' integrity.
2012-03-15: Now our PortMon software has dual language support: English and Chinese.