What is a good HIPS or advanced security app. for an intermediate user ?


brjoon1021
January 25th, 2006, 12:17 PM
I have a fast computer and plenty of RAM, disk space etc... Cable internet.

I have added:
a router
Software firewall (Kerio 4.2 with BZ rules)
BOClean
MSAS,
SpywareGuard
SpywareBlaster
AD Aware (on demand)
A2 personal (on Demand)
ewido (on demand)
avast! Home
Spybot Immunized....

...because I have been reading this forum and CastleCops. I don't have HIPS protection at this time. I surf pretty safely, actually. I try to use Firefox or Opera as much as possible. Just to be safer, I am considering adding another layer of defense, HIPS. This is a murky area for me. I could just pay for Kerio firewall and get the HIPS that it offers or I could add antihook or one of the other ones that you guys use.

I am an intermediate user. I use Kerio firewall because I found making rules too daunting for me. I was able to import a rules set already created for Kerio firewalls. Jetico and Filseclab were a little too involved for me, just FYI concerning the kind of end user that I am. I am asking for advice on a program or two to try out that would cover this area of security. Free would be terrific. Cheap would be good. I can pay if necessary. I am not too fond of yearly maintenance charges.

Your advice, please...

P.S. I just posted about LUA accounts as well, in this forum. That switch may actually negate the need of HIPS, yes, no... ?

Thanks,

B.

WSFuser
January 25th, 2006, 01:16 PM
Your setup seems secure and if you surf safely, I wouldn't consider an HIPS crucial. I personally use a combination of Safe'n'Sec and RegRun Security Suite, but there are numerous you could try like AntiHook, ProcessGuard, Online Armor, GeSWall, DefenseWall, etc.

Antarctica
January 25th, 2006, 02:50 PM
I am using Online Armor and I would say it is pretty easy to set up and use.

You can freely try it out for 15 days. :)

starfish_001
January 25th, 2006, 03:00 PM
{QUOTE-> Your setup seems secure and if you surf safely, I wouldn't consider an HIPS crucial. I personally use a combination of Safe'n'Sec and RegRun Security Suite, but there are numerous you could try like AntiHook, ProcessGuard, Online Armor, GeSWall, DefenseWall, etc. <-QUOTE}

SNS or Ghost Security are both good although as OA nice.

... might be worth looking at

DefenseWall HIPS:
DefenseWall HIPS (Host Intrusion Prevention System) is the simplest and easiest way to protect yourself from malicious software (spyware, adware, keyloggers, rootkits, etc.) when you surf the Internet! Using the next generation proactive protection technologies, sandboxing and virtualization, DefenseWall HIPS helps you achieve a maximum level of protection against malicious software, while not demanding any special knowledge or ongoing online signature updates.

DefenseWall HIPS divides all applications into 'Trusted' and 'Untrusted' groups. Untrusted applications are launched with limited rights to modification of critical system parameters, and only in the virtual zone that is specially allocated for them, thus separating them from trusted applications. In the case of penetration by malicious software via one of the untrusted applications (web browsers etc), it cannot harm your system and may be closed with just one click! With DefenseWall HIPS, Internet surfing has never been so simple, safe and easy. Try it today, and you will be convinced!



The Security Pit

It is common that most Windows XP / 2000 users use their computers from an account with administrator privileges, which allows the user full control of the system. From an Administrator account, users or programs may change security settings, install software, access, modify, or delete personal and system files, and just about anything else, with few (if any) restrictions. The idea behind the Security Pit is to offer protection to users that operate their computers as an Administrator.



Running your computer as an Administrator can become a real problem if you inadvertently download any virus, malware or spyware while using any internet or email software. Most malicious software takes advantage of the administrative privileges to infect the computer it is attacking. As an example, viruses and hackers target systems running with Admin privileges to do the following, as part of the infection:

Disable any Antivirus software that may be running
Modify Antivirus software to leave it running, but be ineffective
Disable Firewalls
Overwrite system files
Change registry settings
Add malicious background services to Windows that start before any other programs, and have even greater privileges than the Administrator account.

Rivalen
January 25th, 2006, 04:37 PM
I have only used DefenseWall HIPS - basically it's surfing and e-mailing out of a virtual "sandbox".

I believe it's the best protection out there for surfing and emailing and more. See to it that your browser(s) and e-mail client(s) are untrusted and it's all set to forget.

For me it's a choice to get the best combination of which ones to pay for and which ones are good enough freebies. With DW as the "Jewel in the Crown" I can feel extremely safe with my present setup. I lack the router to take some load off the FW - but it's in the pipeline.

Best Regards

Vikorr
January 28th, 2006, 03:53 AM
Plenty of fairly easy ones to choose from :

Online Armor (paid)
Prevx1 (free or paid)
BufferZone (beta - free) - formerly AntiMalware
Safe-n-Sec (free still I think)
Sandboxie (virtual sandbox - free)
Winpatrol (fairly simple IDS)


Not sure how easy these are to use

Antihook (free)
Viguard (paid)

Bit more difficult to use

Process Guard - it's not really too hard to understand, just takes a bit of time to learn, but you can't crash your system learning it :)

G1111
January 28th, 2006, 12:32 PM
I use a combination of ProcessGuard (paid), RegDefend and WormGuard. It looks like the free version of ProcessGuard may be what you're after. Here is a comparison of the features in the free and paid versions:

http://www.diamondcs.com.au/processguard/index.php?page=download

aigle
February 19th, 2006, 07:01 AM
{QUOTE-> I am using Online Armor and I would say it is pretty easy to set up and use.

You can freely try it out for 15 days. :) <-QUOTE}

It makes my system slow. I installed the trial and removed it after a few days.

I am using NIS and MSAS. Then I added AntiHook (fingerprint mode) and PG free in learning mode, just to try these. Then I added OA and felt my system was slow. Maybe a compatibility issue. Anybody try all these? After I uninstalled I did feel a difference, any explanation?

Peter2150
February 19th, 2006, 08:40 AM
{QUOTE-> Plenty of fairly easy ones to choose from :

Online Armor (paid)
Prevx1 (free or paid)
BufferZone (beta - free) - formerly AntiMalware
Safe-n-Sec (free still I think)
Sandboxie (virtual sandbox - free)
Winpatrol (fairly simple IDS)


Not sure how easy these are to use

Antihook (free)
Viguard (paid)

Bit more difficult to use

Process Guard - it's not really too hard to understand, just takes a bit of time to learn, but you can't crash your system learning it :) <-QUOTE}

Overall a pretty good list. Safe'n'Sec isn't free though, and I am not sure about Process Guard not crashing your system learning it. Quite a few people are still having problems, and I dropped it because the new versions did a lot of crashing for me.

GUI_Tex
February 19th, 2006, 04:21 PM
Sandboxie (virtual sandbox - free)

It says registration for 20$. What features are lost after 30 days, is it still functional? I'm trying it out right now for the first time.

aigle
February 20th, 2006, 03:31 PM
{QUOTE-> Overall a pretty good list. Safe'n'Sec isn't free though, and I am not sure about Process Guard not crashing your system learning it. Quite a few people are still having problems, and I dropped it because the new versions did a lot of crashing for me. <-QUOTE}


I think Safe'n'Sec is not free?

FatalChaos
February 20th, 2006, 10:37 PM
I don't think any features of Sandboxie are lost. They just want donation money.