I was looking for HIPS. Asked you nice people at Wilders. Many good replies. Many different suggestions from you, like Prevx, Cyberhawk, AE, SSM, PS, DSA and so on. But most of you gave me advice to use it together with sandbox.

At first I didnt see why. To make the story short - I kept on reading and now I can see why sandbox may be a good idea. I will use it as a part of my layer protection.

These are often mentioned: Sandboxie, DefenseWall, GesWall and Bufferzone.

I struggle to choose between those four. From what I read they all offer good protection and are easy to use, even for a novice. So what to look for? I dont know if it matters, but I have two user accounts, use Firefox and Thunderbird, and I use XP, not Vista.

Does it matter which one I choose? Whats the difference?

Almost forgot, Im only looking for free version.

iirc, DefenseWall and GesWall dont offer file virtualization whereas the other two do. What this means is that cookies, cache, and other files wont be separated.

Im not very familiar with each program so I dont know other major differences among them, but I do suggest you try them and see which you like best.

One other thing: DefenseWall is not free. And if youre considering Bufferzone, its free version(s) work only for a particular app. For example, theres one version for Firefox, another for Thunderbird etc.

Thank you so much, very helpful.

-{ Quote: "One other thing: DefenseWall is not free. And if youre considering Bufferzone, its free version(s) work only for a particular app." }-

I forget about DW and BZ. You just made it easier for me to make a decision.

-{ Quote: "DefenseWall and GesWall dont offer file virtualization whereas the other two do. What this means is that cookies, cache, and other files wont be separated." }-

Not sure what this means.

I came over this, about Sanboxie:

http://www.wilderssecurity.com/showthread.php?t=173052

Maybe GesWall is the right choice for me.

-{ Quote: "I came over this, about Sanboxie:

http://www.wilderssecurity.com/showthread.php?t=173052

Maybe GesWall is the right choice for me." }-
it could just be his system...dont be scared to try sandboxie.

but whether you go with sandboxie or geswall theyre both good choices.

Im sure you are right.

The last thing to find out before testing is - what is file virtualization? What is good/bad about file virtualization? If I can understand this, then I know if I need it or not.

I found Sandboxie 2.86 to be very unstable and had some major problems with it. Could not get Maxthon or IE7 to access the Internet at all. Uninstalled 2.86 and reinstalled Sandboxie version 2.64, which works just fine. Sandboxie is the easiest to use of all the programs, IMO. Just right click your browser, email, or whatever program and select "Run Sandboxed," and that's all there is to it. I have never used Bufferzone, but GeSWall can be a major pain. While it may run fine on some machines, it really hosed mine, and I needed to do system restore in safe mode to get things working again. None of these programs are without bugs, but the older version of Sandboxie works well.

-{ Quote: "Im sure you are right.

The last thing to find out before testing is - what is file virtualization? What is good/bad about file virtualization? If I can understand this, then I know if I need it or not." }-
its hard for me to explain but when u run a program in sandboxie, any files that are created by the program will also be sandboxed. When you empty the sandbox those files will be deleted.

It can be good or bad. If you download files or add new bookmarks, you should remember take them out of the sandbox before emptying it.

hey tepe2
this is as good as any testing:
http://www.techsupportalert.com/security_virtualization.htm
He also gives DW a run here:
http://www.techsupportalert.com/security_HIPS.htm

Michel tests DW and this is an older version:
http://security.over-blog.com/categorie-566881.html
"kareldjag" has a really exhaustive set of tests of many tools in his blog: search around at the above link.

Hard decisions. :blink:
Just to make it harder: DW v2.0 is almost here....PrevX about to upgrade...OA 2.0 nearly ready ..... Anti-Exe getting some good support......

Despite what E-A has posted, Sandboxie works well for me: highly configurable if/as required: almost fully functional trial (cheap anyway you look at it :) ) rapidly evolving, good support. To date; excellent protection as part of other tools.

Good Luck with your choice. :thumb:

Thanks to all of you :)

-{ Quote: "Four of the products tested, Altiris SVS, GeSWall, VELite and Virtual Sandbox failed to protect the host PC from malware infection and cannot be recommended." }-

-{ Quote: "SandBoxie too performed well and only failed in one test; user data is accessible to sandboxed processes." }-

I probably test Sandboxie first.