Best free HIPS right now?
Monkey_Feces
March 5th, 2007, 01:33 AM
The only ones I know of are Prevx1, Cyberhawk, and Processguard. I tried processguard and cyberhawk, but not extensively since I would have to invest a lot of time configuring them so I won't get compatibility errors. Which is the best out of the 3? Can anyone name other free alternatives?
acr1965
March 5th, 2007, 01:36 AM
SSM.
http://www.syssafety.com/
DSA is also pretty good but does not seem to allow a lot of leeway for correcting mistakes.
http://www.privacyware.com/dynamic_security_agent.html
yankinNcrankin
March 5th, 2007, 01:43 AM
Prosecurity :)
cheater87
March 5th, 2007, 01:44 AM
Spyware Terminator is pretty good.
Kees1958
March 5th, 2007, 02:23 AM
Free HIPS
Set and forget
- PrevX1: strong, combines whitelist and community blacklisting with some behavioral protection (not as strong as CyberHawk)
Some pop-ups
- CyberHawk (really strong)
- When you want some outbound protection, combine it with DSA, which is also an easy-to-set-up process startup monitor; as a bonus you will get mail-bot protection
Strongest with pop-ups
- SSM-free has by far the most process/memory protection of all freeware HIPS (the registry module can be set yourself as a really strong registry defense)
- When you want outbound protection, use SensiveGuard (try it). It is a real pity the developers of Sensive Guard have not made it work on all hardware configurations. It has the incredible advantage that it recognises user initiated, program initiated and programs with internet connection initiated actions. As a bonus you will get a data protection wall.
Examples
All internet programs are not allowed to create/modify/delete sensitive files on your C-drive = extra defense against worms/trojans/rootkits,
All internet programs are not allowed to read your data files from your D-drive when not initiated by the user = extra defense layer on data theft (above the outbound traffic protection). Search for review SensiveGuard on this forum.
I would also use a free Sandbox (SandboxIE, BufferZone, GesWall free, ShadowPower) or better buy GesWall Pro or DefenseWall
Monkey_Feces
March 5th, 2007, 09:36 PM
Thanks for the sandbox suggestion, I'm currently trying out Sandboxie (and will probably stick with it). This is an egregious thread hijack, but at least I'm hijacking my own thread. My current security suite involves spyware blaster, AVG antispy free, Avira Antivir free, Comodo, Sandboxie, and Mozilla w/ noscript. Am I covered on all bases? I know the best solution is smart web browsing, but let's presume that I am an absolute retard. With that presumption, are all of my software selections sound? How can they be improved?
walking paradox
March 5th, 2007, 10:01 PM
Ian 'Gizmo' Richards did fairly comprehensive tests on several HIPS programs. You can view his results here (http://techsupportalert.com/security_HIPS.htm). According to his tests, DefenseWall swept the field with a nearly perfect performance. However, I would run the trial versions of all the ones you are interested in to test their interface, usability, and compatibility with your system. Some HIPS programs require much more user interaction than others, so you should take this into account when deciding.
walking paradox
March 5th, 2007, 10:09 PM
-{ Quote: "Thanks for the sandbox suggestion, I'm currently trying out Sandboxie (and will probably stick with it). This is an egregious thread hijack, but at least I'm hijacking my own thread. My current security suite involves spyware blaster, AVG antispy free, Avira Antivir free, Comodo, Sandboxie, and Mozilla w/ noscript. Am I covered on all bases? I know the best solution is smart web browsing, but let's presume that I am an absolute retard. With that presumption, are all of my software selections sound? How can they be improved?" }-
Your software selections are indeed sound. However you apparently have no real-time spyware protection. This might not be as important since you are using Firefox w/ NoScript within sandboxie, but it would provide a more complete and thorough security setup. If you don't want to buy a real-time anti-spyware, you could go with windows defender or spyware terminator, both offer excellent protection for the price ;D. Also, a hardware firewall always provides further protection, but if you use comodo correctly you should probably be ok. Others might recommend 'hardening' your system, but I am as of yet less familiar with this so I will not comment on it any further. And as I'm sure you're aware, given that you created a thread about it, a HIPS program would round out your security setup. Almost forgot, it's always a good idea to have a backup plan, for even the best security setups are susceptible to failure.
cprtech
March 5th, 2007, 11:20 PM
-{ Quote: "... you could go with windows defender or spyware terminator, both offer excellent protection for the price ;D. " }-
Or if you are using NOD32 ver 2.70.xx, just use its built-in antispyware option and surf with Opera or Firefox, and don't bother wasting money and system resources on a separate antispyware app. In fact, antispyware apps are IMHO the least essential of all security apps normally recommended for inclusion in one's security environment.
aigle
March 6th, 2007, 08:36 AM
I will say SSM.
SSM will be best as a classical HIPS. But still I will prefer a sandbox HIPS like DefenceWall, GesWall etc over SSM.
aigle
March 6th, 2007, 02:30 PM
-{ Quote: "If you don't want to buy a real-time anti-spyware, you could go with windows defender or spyware terminator, both offer excellent protection for the price" }-
In my experience even as free both are almost useless as AS (not talking of their HIPS function).
Kees1958
March 6th, 2007, 03:56 PM
I am impressed with Noeava (something) Guard. Bit of a simple interface. Trialing it right now.
MaB69
March 6th, 2007, 04:05 PM
-{ Quote: "I am impressed with Noeava (something) Guard. Bit of a simple interface. Trialing it right now." }-
Hi all,
I like it too as a free HIPS: very light and effective.
Its author is finalizing a new UI which gives NG a really new start
MaB
dawgg
March 6th, 2007, 06:00 PM
-{ Quote: "I am impressed with Noeava (something) Guard. Bit of a simple interface. Trialing it right now." }-
ProcessGuard?
Pedro
March 6th, 2007, 06:05 PM
-{ Quote: "ProcessGuard?" }-
Neoava Guard (http://www.neoava.com/)
EASTER.2010
March 7th, 2007, 09:56 PM
SYSTEM SAFETY MONITOR
Best of the best IMHO.
KDNeese
March 8th, 2007, 01:52 AM
-{ Quote: "I am impressed with Noeava (something) Guard. Bit of a simple interface. Trialing it right now." }-
Any conflicts between Neoava and SensiveGuard? Seems there would be some double-duty there. Also, how stable do you feel Neoava is? I read some other threads where it seems it caused some problems, but, of course, could be user error rather than the program. Have been thinking about trying it, but wanted to make sure it was sound before doing so.
ErikAlbert
March 8th, 2007, 02:26 AM
Monkey Feces,
Keep in mind that Neoava Guard v1.0 is a BETA software, which means not for average users, although nobody cares anymore nowadays.
Kees1958
March 8th, 2007, 02:41 AM
-{ Quote: "Any conflicts between Neoava and SensiveGuard? Seems there would be some double-duty there. Also, how stable do you feel Neoava is? I read some other threads where it seems it caused some problems, but, of course, could be user error rather than the program. Have been thinking about trying it, but wanted to make sure it was sound before doing so." }-
I did not trial it on PC-1 (DW, SSM, SG, AV), but on the one with Antivir + CyberHawk + GeSWall Pro as a replacement for CyberHawk. ErikAlbert is right, I am a monkey face and it is a Beta with incompatibility with GeSWall Pro (when switching from isolated to non-isolated).
I will wait until it comes out of Beta, to replace CyberHawk. When you get NG working on your rig, it offers the best protection available. Until then (not working) I'll stick to my opinion SSM-free the best by far.
Monkey_Feces
March 8th, 2007, 09:21 PM
Thanks for the Neoava tip. I will probably try it when it comes out of beta.
Aigle,
Our security setups are nearly identical. Have you had any experience with sandboxie? If you did, is GeSwall noticeably better than Sandboxie?
TypicallyOffbeat,
Would Spyware Guard offer adequate anti malware protection?
walking paradox
March 8th, 2007, 09:37 PM
-{ Quote: "Would Spyware Guard offer adequate anti malware protection?" }-
No. It only provides protection against spyware, and even at that it's not really sufficient in itself. Here (http://www.javacoolsoftware.com/spywareguard.html) is a description of what SpywareGuard does. Last I heard, it wasn't being developed and updated anymore, not sure on that though.
TECHWG
March 8th, 2007, 11:17 PM
Prosecurity in my opinion because development is very very very very active.
EASTER.2010
March 9th, 2007, 12:08 AM
My left eye is keeping close watch on ProSecurity. Some BSOD issues turned me off right away but that's been months ago now.
You all know my fierceness when it comes to these HIPS so answer this Batman. Is it at all possible to run BOTH SSM and ProSecurity together, I want some actual results from your experience plz, no bluff just tough results of what you noticed when using them together if that's possible at all.
Thanks
Chuck57
March 9th, 2007, 12:35 AM
Tried ProSecurity a week ago, the free version not beta, and it doesn't work on this computer. I downloaded it, installed it and it instantly went into reboot.
After the reboot, as soon as PS started, another reboot began. No warning, no nothing. So, PS is gone. I had to go into safe mode to get rid of it. Once it was gone, all was okay again.
And, when I downloaded it, no other HIPS type programs on this box, and I disabled the antivirus.
Longboard
March 9th, 2007, 01:53 AM
Another useful little tool for hardening: pure rules based HIPS/Blocker:
Samurai: reg tweaks and driver install blocker.
Difficult to categorise within the current HIPS apps.
http://www.turbotramp.fre3.com/
EASTER.2010
March 9th, 2007, 02:13 AM
I have to reiterate System Safety Monitor again because i dropped my AV for it when it first came out and it intercepted intrusions perfectly. Combine that with another HIPS and an AV has no work to do at all.
If i'm imagining my results to this i'm wide open to opinions to the contrary.
TECHWG
March 9th, 2007, 10:14 AM
You should not run SSM and ProSecurity together ! What are you thinking?
Get
March 9th, 2007, 10:21 AM
-{ Quote: "I tried processguard and cyberhawk, but not extensively since I would have to invest a lot of time configuring them so I won't get compatibility errors." }-
Use System Safety Monitor free and Processguard free and there won't be much time configuring (Learn-modes). I use SSM Full with PG free and have not encountered any issues so I guess the same will go for SSM free/PG free.
Monkey_Feces
March 10th, 2007, 07:43 PM
I tried cyberhawk for a few days and I have some serious problems with it bogging my computer down to a crawl whenever I try to install something. I always had to resort to pressing the reset button on my tower. I tried out SSM, Spyware Terminator and Prevx1 to replace it. I liked the last 2, but SSM was a bit too time consuming to learn (I have spent way too much time reading help files and tutorials in the last few days). Anyway, does Prevx1 offer similar protection to ST's realtime defense? I would rather keep my suite limited to Avira, sandboxie, comodo, prevx1, and one on-demand scanner with AVG AS.
Monkey_Feces
March 10th, 2007, 07:46 PM
-{ Quote: "Use System Safety Monitor free and Processguard free and there won't be much time configuring (Learn-modes). I use SSM Full with PG free and have not encountered any issues so I guess the same will go for SSM free/PG free." }-
I appreciate the advice, but I would rather use simpler apps. Even after using SSM's learning mode, to learn my startup programs, I still got popups while idling on my desktop.
*Edit: I will probably try SSM again after my Prevx1 trial runs out. I just find myself wasting too much time searching things on google to respond to all my alerts. Such alerts that made me pull my hair out were false positives from ZAP's component control about me having a keylogger on Company of Heroes, how I was warned that my hardware drivers were observing my activities, and when I got popups from 2 different apps asking me to allow whenever I opened up something (process guard, and ZAP).
duke1959
March 10th, 2007, 07:52 PM
You can suspend Cyberhawk when installing something. I don't remember it slowing My PC down when doing that.
EASTER.2010
March 10th, 2007, 08:16 PM
True and Safe PC Security requires some effort, not much, but additional time to familiarize yourself with just what's going on with your computer (internet) on a daily basis. SSM affords great flexibility and is a valuable learning program too. If it's too much hassle then leave it for a Prevx1 or other that will pretty much do everything on its own. There's no two ways about it, SSM once you set the rules will stop popping up unless there is some caution that requires serious attention. Otherwise your attention will focus only on that as an annoyance. Simply put.
The internet is like a bad neighborhood where you must always keep one eye open and stay fully alert to make your way thru it. That's just the nature of how it stands right now.
There are many apps though that can make up that slack and become the eyes for you. I think that's what you prefer and there's nothing wrong with that really.
Examine the choices suggested here and you will find just what you need to make your experience what you expect it to be with minimum effort on your part.
yankinNcrankin
March 11th, 2007, 12:51 AM
I'm currently using DefenseWall HIPS and I like the methodology. Not as intrusive on the alerts yet very powerful in not allowing stuff to happen. Pretty amazing program, at 1st I was skeptical since I'm so used to being alerted of every little detail happening on my machine. I would recommend this program to anyone that wants an easy to use and powerful defense. Memory usage is low as well, 6,000k or less. I mainly use this program for detection of unknown file and registry entries but as a bonus it does STOP bad .exes and processes associated with it from doing anything to your system. :) However it doesn't remove the traces of the files that get created by the baddies, but then for me a clean restore would be in order. It's much faster to detect system changes than it is to run a full virus, malware, trojan, and RK scan and hope they 110% clean everything. (FACT)
Get
March 11th, 2007, 07:31 PM
-{ Quote: "Even after using SSM's learning mode, to learn my startup programs, I still got popups while idling on my desktop." }-
??? Strange, because when you start/close all the stuff you use and reboot your pc (twice) while in learning mode there shouldn't be many popups anymore, unless you use a lot of new software regularly.
Monkey_Feces
March 11th, 2007, 11:59 PM
I decided to give SSM an extended try. After using it, I realized it was a less informative, but more powerful cyberhawk. E.G. - Instead of asking me once per program launch about whether or not I trust the program to resources a keylogger would use (Starting some Microsoft services), SSM asks me to allow or block the library unhooker thingamabob and the explorer.exe parent access to *insert any .dll file*. Honestly, all I do is click allow because all of these parent and application warnings popup during installations. Would it be redundant to have Prevx1 running at the same time to discern whether an app might be malicious, or should I just migrate back to Prevx1 altogether?
Also, would a HIPS and antivirus real time scanner negate the need for Spyware terminator's real time services? Many people have already recommended it, but I would like to keep my system resources as available as possible since I mostly game on my computer.
Franklin
March 12th, 2007, 12:23 AM
Prefer my FF - Noscript - Sandboxie - Powershadow setup so far but am considering a hips.
Defensewall IMHO is the best available HIPS atm but on reading the Neoava blog I just may try the new version when released.
Will be interesting to see the fellas over here get hold of it and see if they can tear it to pieces!
-{ Quote: "I estimate the new beta to be ready for public release around mid March.
This time I promise the new version can make it as the best HIPS available on net, not only among the free ones but also others.
I will just keep it free, not to help people protect their computers (which will be done anyways) but to show how powerful Neoava Guard is and how creative I am in programming.
Just wait and see, cuz u aint seen nothin yet!" }-
http://www.neoava.com/weblog.htm
aigle
March 12th, 2007, 03:10 AM
-{ Quote: " Honestly, all I do is click allow because all of these parent and application warnings popup during installations. " }-
It's OK to do like this while using legitimate programs/launching applications on ur system as it will make permanent rules but while installing software it is useless. Either disable application rules while installing some software or choose allow once only in pop up.
Full version has an install mode though.
jawadde
March 12th, 2007, 02:16 PM
I'm searching for a program that allows me to put some files (like a file that I downloaded) in a kind of "sandbox". What program should I use?
dawgg
March 12th, 2007, 02:22 PM
-{ Quote: "I'm searching for a program that allows me to put some files (like a file that I downloaded) in a kind of "sandbox". What program should I use?" }-
Sandboxie?.. can also execute the file in a sandbox (in case you think it's malicious)
walking paradox
March 12th, 2007, 02:35 PM
-{ Quote: "I'm searching for a program that allows me to put some files (like a file that I downloaded) in a kind of "sandbox". What program should I use?" }-
Yea, as dawgg said Sandboxie would work if you're strictly looking for a sandbox. You might also consider DefenseWall, which is a Sandbox and HIPS of sorts.
EASTER.2010
March 15th, 2007, 06:59 AM
Any news on what Novatix's Cyberhawk is doing recently? I think they are still doing some beta testing but any feedback from Cyberhawk Support or others would be welcome.
Pedro
March 16th, 2007, 04:39 PM
About SandboxIE, 2.80 is out. Not official yet, he will wait to see if bugs are found. If not, it will be official.
Sandboxie version 2.80 Released (http://sandboxie.com/phpbb/viewtopic.php?t=1185&sid=bf56958fc9b7d4e9528b7d20eb619621)
Sounds like a big improvement :thumb:
Pedro
March 16th, 2007, 05:06 PM
It's running good here :)
dw2108
March 16th, 2007, 06:13 PM
I would search the Sourceforge(dot)net projects for some very good, very stable HIPS, IDS and lockdown systems which use few system resources.
Dave
EASTER.2010
March 16th, 2007, 10:00 PM
-{ Quote: "I would search the Sourceforge(dot)net projects for some very good, very stable HIPS, IDS and lockdown systems which use few system resources.
Dave" }-
Links are always welcome if you care to share a few of your finds.
aigle
March 16th, 2007, 10:29 PM
-{ Quote: "I would search the Sourceforge(dot)net projects for some very good, very stable HIPS, IDS and lockdown systems which use few system resources.
Dave" }-
I don't think u need more.
SSM
PS
PG
NG etc
EASTER.2010
March 16th, 2007, 11:26 PM
Thanks for the note of confidence but this setup is for research interests at this point.
dw2108
March 18th, 2007, 05:27 AM
-{ Quote: "Links are always welcome if you care to share a few of your finds." }-
Easter, I RECANT! Those apps work well for a few hours -- yea, even for a few days, after which time, one must restoreth much.
Dave
EASTER.2010
March 18th, 2007, 05:44 AM
Thanks dw2108
I've been around that block before too and didn't always find acceptable what was offered so I know the feeling.
joter
March 18th, 2007, 08:13 AM
Eeye Blink Neighborhood Watch Edition is today's state-of-the-art HIPS.
I use the personal Edition that is not free but very cheap and uses the Norman anti-virus engine.
Regards
joter
Copyright ©2002 - 2012, Wilders Security Forums