GameShield System Feature Guide > IronWrapping > IronWrap Protection

IronWrap Protection

IronWrapping essentially "wraps" a mini virtual operating system around your program (and optionally data) like a protective shield. This virtual system may optionally contain a pre-defined license model, logic and customizable user interface elements to allow the user to interact with the IronWrapping system itself.

The IronWrap system provides numerous protection mechanisms which you can control.  These protections include three types of systems (technically, some protections may fall under one or more types):

  1. Protections which make it difficult to reverse engineer or crack the product through obfuscation (complexity designed to confuse) Typically these types of protections in the IronWrap system also help to ensure that class-breaks of the system are not possible.

  2. Protections which explicitly attempt to prevent common attacks or actions which may assist a cracker.

  3. Protections which attempt to detect that an attacker is trying to crack the product (and take some remedial action).

 

The exact protections you apply to your IronWrapped product may be controlled from inside your License Project in the License Manager.  These protections include:

 

  1. Bad-Header Protection

  2. Internal Resource Protection

  3. Relocation Table Protection

  4. Export Protection Technology (EAT)

  5. API Filter Protection Technology
  6. IronWrap CodeRivets
  7. Embedding Files
  8. Digital Signature Validation Protection
  9. The IronWrap Advanced Defense System (ADS)
    1. Anti-Kill Protection (a sub-module of the ADS system)
    2. Anti-Code Injection Protection (a sub-module of the ADS system)
    3. Anti-Virtual Machine Protection (a sub-module of the ADS system)
    4. Hidden Mode Protection (a sub-module of the ADS system)
  10. Other secret and proprietary protections withheld for security reasons.  (these are applied by default by the IronWrap system and cannot be directly controlled).

ADS Detection Actions

If the IronWrap Advanced Defense System (ADS) detects a cracker invading your program, you have the option of selecting a number of actions that the system should take. None of these actions are mutually exclusive, you may set any combination of them.  These options are:

  1. Terminate Intruder Program - the ADS system will attempt to forcibly terminate the intruder program.

  2. Terminate Self - the ADS system will halt the IronWrapped program in a non-orderly shutdown.

  3. Show "Incompatibility" message - the ADS system will show a (single language) dialog box with a short message in it.  You may customize the message.  

  4. Forbid Future Simultaneous Launch of Intruder - the ADS system will attempt to prevent any future launch of the intruder program while the IronWrapped product is running.  This of course only applies if the IronWrapped product is running before the intruder.
  5. Freeze The System - (not recommended)  the ADS system will put the system into a state which will likely freeze the OS and the machine will become unresponsive and will likely need to be hard re-booted.
  6. Shut Down The System - (not recommended) the ADS system will attempt to immediately shut down the machine without warning or permission.

Testing and Compatibility

Some protections may not be compatible with your product.  You must be sure to thoroughly test your IronWrapped product in all the operating systems, environments and configurations you expect to support.  If you find strange behaviour or instability, simply turn off all the protections, re-compile, re-test to ensure they have gone away, and slowly build them back up re-testing in between small changes to find the optimal balance of protection and stability for your product.

The Difference Between IronWrap Protection and Tamper Resistance

Note that IronWrap protection is distinctly different from the Tamper Resistance settings (found on the License Behaviour Tab).  These Tamper Resistance settings are applied at a different time by the ClientProtector (later in execution) and may be applied to non-IronWrapped projects. IronWrap protection is significantly stronger, more dimensional and may only be applied to IronWrapped products.  They may be applied together if you wish (with the exception of the Resist-User-Debuggers Tamper Resistance setting).

More Information

For more information about actually setting these IronWrap protections, see: IronWrap Protection Tab

Related Topics