hello.......almost all security suites....firewalls...and even stand alones today stress on hips........i was wondering which one should be preferred....outpost 2009...kis2009...OA.....or..any stand alone...???which one would provide best peace of mind....with top notch protection.....

my current set up:
laptop and home pc-kis2009+spysweeper 6
office pc's-outpost pro 2009+avast 4.8/avira

Suite:
KIS 2009

Firewalls:
Outpost 2009
Online Armour 3
Comodo 3

Standalone:
Real-Time Defender
Malware Defender
EqSecure (with Alcyon's Ruleset).

I personally use KIS, Comodo, Outpost 2009 in my systems. You should test them out, see which one suites you best. IMO, they are all very effective.

-{ Quote: "hello.......almost all security suites....firewalls...and even stand alones today stress on hips........i was wondering which one should be preferred....outpost 2009...kis2009...OA.....or..any stand alone...???which one would provide best peace of mind....with top notch protection....." }-

This is the question which is impossible to answer. One needs to run a lot of the same tests for all the software in question under the same conditions. The only resource I know which satisfy those requirements is Matousec, but his set of tests I think is a _bit_ hm .. biased .. toward his personal ideas. So one should take them only as a hint :)

-{ Quote: "hello.......almost all security suites....firewalls...and even stand alones today stress on hips........i was wondering which one should be preferred....outpost 2009...kis2009...OA.....or..any stand alone...???which one would provide best peace of mind....with top notch protection....." }-
There's nothing like trying them out and judging for yourself. As mentioned, since all software runs differently on different systems, it's hard to make summary judgements. Personal 1st hand experience on your own machine can't be beat.

I like the middle level D+ in Comodo's new RC2. You can later check keyboard and screen access detection. I'm running it with the AntiVir Suite (without the Avira firewall.)

Hmmm... You might get more answers to your questions about HIPS if you ask them in the Wilders forum that covers HIPS, which is Other Anti-Malware (http://www.wilderssecurity.com/forumdisplay.php?f=35).

However --

IMO the BEST classical HIPS are (in no particular order)...

Malware Defender (http://www.torchsoft.com/en/md_information.html)

System Safety Monitor (http://syssafety.com/product.html)

Online Armor (http://www.tallemu.com/)

As I see it, the BEST behavior-blocker HIPS are (in no particular order)...

Mamutu (http://www.mamutu.com/en/software/mamutu/)

Threatfire (http://www.threatfire.com/)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

If you are an experienced computer wonk, or if you are patient to research pop-up alerts from time to time, then you should use a classical HIPS.

On the other hand, if you want *almost as good* protection as is afforded by a classical HIPS, BUT with less pop-up alerts & less need for user to have expertise, then you should use a behavior-blocker HIPS.

Simple answer, Comodo.

Comodo's HIPS default settings are improved for less pop ups in CIS 3.5. Off course, you can tweak & customize it anyway you want.

+1 for Comodo. Its the best in terms of sheer configurability and feature set. Not for novice users, but its a sword in the hands of a Ninja.

Also another reason, I support Comodo is that it provides similar protection across platforms ( XP, Vista x86, x64). Which is not seen with some other products, like KIS2009 HIPS is limited in Vista and most products are not functional in Vista x64.

Hi,

I feel secure with Online Armor's HIPS

Regards,

MaB

It was infact ProSecurity. Sadly it died.

Now CFP Dfence Plus and OA HIPS are good choices IMO.

-{ Quote: "Comodo's HIPS default settings are improved for less pop ups in CIS 3.5. Off course, you can tweak & customize it anyway you want." }-

Yeah, the CIS 3.5 provides much better out-of-the-box experience, lot less noisy.

IMO default settings of CIS are not good. Default settings of OA are better than CFP. Although CFP has more granular control but they made default settings weaker while reducing pop ups. OA default settings are quite strong while still maintaing less pop ups.

-{ Quote: "IMO default settings of CIS are not good. Default settings of OA are better than CFP. Although CFP has more granular control but they made default settings weaker while reducing pop ups. OA default settings are quite strong while still maintaing less pop ups." }-

COMODO wouldn't leave you vulnerable knowing so. ;) The technology has been updated as well, So it plays nicely with CIS AV or your pre existing AV, Where the AV covers the other D+ Settings, etc...

The main problem of CIS is that its antivirus is one of the worse antiviruses in the world (now..).

I'd install a good antivirus plus a good firewall/HIPS, like Online Armor or Comodo

-{ Quote: "IMO default settings of CIS are not good. Default settings of OA are better than CFP. Although CFP has more granular control but they made default settings weaker while reducing pop ups. OA default settings are quite strong while still maintaing less pop ups." }-

I agree with you aigel, the default D+ settings in CIS are not good.
Josh please try some tests with it, you will find the default settings aren't that great, For example keyloggers can record keystrokes. Though you can easy change the settings and then it's bullet proof :P

*Read* for files and folders is only things which missing from CFP, and huge amount of rules are making CFP secured systems very slow when creating new rules (don't know is this improved in newest CIS)...
KIS 2009 HIPS don't have such problems, but KIS 2009 in other hand missing some APIs to defend...

-{ Quote: "COMODO wouldn't leave you vulnerable knowing so. ;) The technology has been updated as well, So it plays nicely with CIS AV or your pre existing AV, Where the AV covers the other D+ Settings, etc..." }-AV is not so good ATM to be relied upon.

Two thing. First I was surprized that by default explorer.exe is allowed to execute any thing withoput any execution alert.

Secondly I think they must have an option where it scans C drive/ partition and mraks all executables on C as trusted alongwith a large white list. It will make popups very less. Also default mode should be free of parent child relations for Execution just like OA and PG.

Current complex Parent child relation can be left in adbanced mode for advanced users.

Try Outpost firewall is better than online armor

http://www.matousec.com/projects/firewall-challenge/results.php#firewalls-ratings

-{ Quote: "Try Outpost firewall is better than online armor

http://www.matousec.com/projects/firewall-challenge/results.php#firewalls-ratings" }-

Please tell us why that is.

Matousec
That is reffering to Leaktests, A good place for HIPS tests etc is at.
www.testmypcsecurity.com

-{ Quote: "Please tell us why that is.

Matousec
That is reffering to Leaktests, A good place for HIPS tests etc is at.
www.testmypcsecurity.com" }-

Matousek tests the HIPS more than the firewall, ans it's more impartial than testmypcsecurity, which is sponsorized by Comodo

-{ Quote: "Matousek tests the HIPS more than the firewall, ans it's more impartial than testmypcsecurity, which is sponsorized by Comodo" }-

Negative, it is totally fair. Anybody may Join the site and download + submit the test results them selves.

EDIT: Also unlike matousek - www.testmypcsecurity.com does not charge the providing developer per newly submitted version.
It's a test for the people by the people.
Some people believe that some of the tests running on Matousek are irrelivant in the real world.. This has been discussed in another thread, if your interested please search for it but stay on topic here :)

-{ Quote: "Please tell us why that is.

Matousec
That is reffering to Leaktests, A good place for HIPS tests etc is at.
www.testmypcsecurity.com" }-


testmysecutiyt is much more misleading than matousec. For one it is not professional, different products are tested by different people under different conditions and finally it's obviously biased.

-{ Quote: "testmysecutiyt is much more misleading than matousec. For one it is not professional, different products are tested by different people under different conditions and finally it's obviously biased." }-

Most enviroments are not the same, Thats why you may download the tests and run them your self, and make up your own mind about the program. and please stop making false claims of things being biased as any one that uses any program has an equal oppertunity.

-{ Quote: "Negative, it is totally fair. Anybody may Join the site and download + submit the test results them selves.

EDIT: Also unlike matousek - www.testmypcsecurity.com does not charge the providing developer per newly submitted version.
It's a test for the people by the people.
Some people believe that some of the tests running on Matousek are irrelivant in the real world.. This has been discussed in another thread, if your interested please search for it but stay on topic here :)" }-

I AM in the testmypcsecurity team, but I don't think it's fair to put in the comparison 5 different tests of Online Armor (so that they can show that previous versions of OA weren't good), and only one test of each of all the other products.

I've already said it in the board, but nobody listened to me (edit: or maybe I wrote a PM to melih.. not sure..).

-{ Quote: "
..., A good place for HIPS tests etc is at.
www.testmypcsecurity.com" }-
I can't find a single standalone/classical HIPS test there (EQS, RTD/PS, SSM etc.), just outdated tests of Firewalls and Suites.

Do you really recommend this site for HIPS tests, no mistake?

Cheers

-{ Quote: "Most enviroments are not the same, Thats why you may download the tests and run them your self, and make up your own mind about the program. and please stop making false claims of things being biased as any one that uses any program has an equal oppertunity." }-

I'm not going to argue with you. I just said my opinion based on my personal experience and I do not want that anybody was misled by testmysecurity. All you say has nothing to do with the quolity of testing and reliability of the results. "Equal opportunities" do not make it more valid or more professional.

How well HIPS can protect you, and how well it does against tests, is extremely dependent on how it's configured. My experience with HIPS is limited to SSM, both versions, so I can't comment on how other HIPS perform. Most of them get evaluated pretty hard with more comprehensive test procedures than those lousy "leaktests". Barring major flaws that are undetected at the moment, the classic HIPS give the user enough control over their system to prevent its being compromised.

Classic HIPS are enforcement tools. They don't differentiate between good and malicious, necessary and unneeded, etc. They enforce rules. The default rules are seldom good enough to completely protect any system. There's too many variables for that to be possible. If the users security policy is sufficient to keep malicious code from running and their system and security apps (not just HIPS) are configured well enough to enforce that policy, a PC can be made nearly bulletproof. Classic HIPS do not directly protect or secure a PC. They give the user the power and control to secure it to the limits of their skills and knowlege.

-{ Quote: "I AM in the testmypcsecurity team, but I don't think it's fair to put in the comparison 5 different tests of Online Armor (so that they can show that previous versions of OA weren't good), and only one test of each of all the other products.

I've already said it in the board, but nobody listened to me (edit: or maybe I wrote a PM to melih.. not sure..)." }-

If you read the results it shows that not all OA versions prevents the same things.. Some earlier versions prevent things that the later version does not, and Vice versa.

-{ Quote: "If you read the results it shows that not all OA versions prevents the same things.. Some earlier versions prevent things that the later version does not, and Vice versa." }-

I know: that's why they should do the same with all the other firewalls :dry:

-{ Quote: "I know: that's why they should do the same with all the other firewalls :dry:" }-
I have made a post regarding this and I will get back to you with the most info as I can here.

-{ Quote: "I have made a post regarding this and I will get back to you with the most info as I can here." }-

thanks :) :thumb:

-{ Quote: "I can't find a single standalone/classical HIPS test there (EQS, RTD/PS, SSM etc.), just outdated tests of Firewalls and Suites.

Do you really recommend this site for HIPS tests, no mistake?

Cheers" }-

Yes, No mistake- tests code injection,termination,creation, autostart etc etc etc - If you are a user of EQS etc.. Can you please join, + submit your results? Much appreciated.
You can take the tests without signing up and submitting.. But it helps other users if you do :)

@leolas, Very much welcome. I'll get an answer from the horses mouth for you.

-{ Quote: "thanks :) :thumb:" }-

Talked to CEO, this was his reponse


-{ Quote: "Well, users decide what to test.
the users who tested it wanted to test different versions I guess. As I belive different versions fix different things.

Melih" }-

-{ Quote: "Talked to CEO, this was his reponse" }-

Melih's reputation goes far ahead his title. I'd recommend to say "Talked to Melih, this was his response". Then many people would just laugh :)

-{ Quote: "Melih's reputation goes far ahead his title. I'd recommend to say "Talked to Melih, this was his response". Then many people would just laugh :)" }-

Come again?

-{ Quote: "Come again?" }-

Information is only valuable when it is accurate. Melih used to be known as agressive and demagogic type, which is untipical for CEO in general. This is why to be accurate you need to specify what CEO you talked to.

-{ Quote: "Information is only valuable when it is accurate. Melih used to be known as agressive and demagogic type, which is untipical for CEO in general. This is why to be accurate you need to specify what CEO you talked to." }-

Thanks for pulling in your personal agenda and ad hominem junk and killing this thread. :thumbd:

-{ Quote: "Thanks for pulling in your personal agenda and ad hominem junk and killing this thread. :thumbd:" }-

This thread is about "best" HIPS, so it is blind alley from the very beginning. There is not unbiased way to say which HIPS is the best. Though, some hints can be got from some tests. In general any tests are also biased (intentionally or not), for one because they use some restricted set of tests, for two because they are performed by human being. But testmysecurity is the worsest and most biased and misleading project I ever saw. I can repeat once again the facts people should know about testmysecurity before to make any decision:

1.) different products tested by different people is nonsense.
2.) different products tested at the different systems, accompanied by nobody knows what other products is nonsense
3.) old versions of the same product included in the same result sheet is nonsense
4.) and finally CEO who invented _this_ and continue to advocate and support _this_ should be named.

This is about the thread. My main point is the whole thread is incorrect. Instead of answering the original question it tuned into popularity poll and it can mislead a person who can try to make decision based on some links provided in THIS thread.

-{ Quote: "
4.) and finally CEO who invented _this_ and continue to advocate and support _this_ should be named.
" }-

Perhaps you should read more carefully next time before making similar remarks which contribute nothing to the topic in question?

-{ Quote: "
Well, users decide what to test.
the users who tested it wanted to test different versions I guess. As I belive different versions fix different things.

Melih
" }-

How he wasn't named in the first place?

Let's move on from this as I'm not very interested to know Alex_S's response anyway.

-{ Quote: "Perhaps you should read more carefully next time before making similar remarks which contribute nothing to the topic in question?



How he wasn't named in the first place?" }-

Actually, he was. I'm very very sorry :)

-{ Quote: "Talked to CEO, this was his reponse" }-

Thank you ;)

Anyway, also Comodo has been tested several times; here are just some tests:


http://forums.comodo.com/computer_security_testing_board/test_results_and_comments_comodo_3021329-t21466.0.html
http://forums.comodo.com/computer_security_testing_board/test_results_comments_comodo_fw_3018309_updated-t20717.0.html
http://forums.comodo.com/computer_security_testing_board/tests_results_and_comments_new_version_of_comodo_3020320-t20823.0.html
http://forums.comodo.com/computer_security_testing_board/test_results_for_comodo_firewall_pro_2418184_working-t20911.0.html


But on testmypcsecurity there's only one result of Comodo..

Ok Thank you :) Most users here won't be able to view those topics.
I will get the whip out and find out whats going on :) find out whens the next update. Get back to you soon!

edit:
Ok, From what I have read - there is no need to include other verions of comodo since they achieve the same result (explains why *.309 is there and not *.378 of comodo because they achieve the same results.) This shows the progress of the app, for example it's showing that OA has improved (Y). Tests results will be updated as soon new tests are created or users review and submit the results.

Hope this clears it up for you! and thanks for getting me thinking & asking questions :)

-{ Quote: "I will get the whip out and find out whats going on :) find out whens the next update. Get back to you soon!" }-

What's going on is quite obvious. Dirrefent rules are applied to different products. You can ask one of the testmysecurity testers Ailef why OA result that was better than Comodo result was never published by testmysecurity.

-{ Quote: "What's going on is quite obvious. Dirrefent rules are applied to different products. You can ask one of the testmysecurity testers Ailef why OA result that was better than Comodo result was never published by testmysecurity." }-

Can you please link me to the proof of this please.

-{ Quote: "Can you please link me to the proof of this please." }-

Ailef is this link. He made that test. Ailef is testmysecurity tester. I think you also can find him at Comodo forum.

-{ Quote: "I can't find a single standalone/classical HIPS test there (EQS, RTD/PS, SSM etc.), just outdated tests of Firewalls and Suites.

Do you really recommend this site for HIPS tests, no mistake?

Cheers" }-



You Can't? What about Process Guard or AppDefend they are Both Programed by Jason Annice a Brilliant Programmer and the Creater of the First H.I.P.S ever Released to the world>>>>>>.PROCESS GUARD

-{ Quote: "Ailef is this link. He made that test. Ailef is testmysecurity tester. I think you also can find him at Comodo forum." }-
False, He never said that As I've done some looking into this.

Do not make up claims about something just because you like it's "rival" You should be more worried about improving and helping out with it then degrading another.

I guess this thread will be locked pretty soon... Kyle don't worry mate. :)

-{ Quote: "I guess this thread will be locked pretty soon... Kyle don't worry mate. :)" }-
I do hope not! This thread is very interesting to me :)

@Alex_S; Please let's just keep on topic now. we both have better things to do :)

As high as i am over such great service that Malware Defender & Real-Time Defender offers, this particular topic question recalls to my mind that IMHO, the most formidable and strongest & unbreachable HIPS has to be EQSecure 3.41 when equipped with Alcyon's Rules.

Why?

With EQS you can literally fashion it's settings to perform even better then an LUA/SRP because i've tried it and it works! It's as simple as setting selected folders/files to block or blind any external/internal signals from even reaching them to begin with.

In my opinion, EQS is not been taken seriously enough and is grossly underrated for the all the protection that it offers for absolute CONCRETE SECURITY; especially if a user wants to keep their protection to a bare minimum of program safety.

hey easter ! will EQSecure 3.41 work with kis2009? And what is the download link for EQSecure 3.41 with Alcyon's Rules..?Thanks.......

Here are Alcyon's Rules + download link of EQSecure:
http://drop.io/eqsecure

thanks a ton murderlove........but can it happily co-exist with kis 2009 ?

If it can co-exist with KIS 2009 is something I do not know. But if you really want to know, test it. Make sure to make an image/backup/snapshot first before installing :)

EQsecure is compatible with x64 bit systems?

The Most Unreachable H.I.P.S to Date is "YOU" ( The Human Mind ) !!!
Any given H.I.P.S program only asks Question , Ultimately its "You" that decides Yay or Nay so unless you really understand what the question is that the Program asked you are not really secure are you?

Unless their design is flawed, HIPS will allow or block what you tell it to. Assuming the user makes no mistakes when answering its prompts, has configured it well, and has made it part of a well thought out security package, most classic HIPS have the potential to be nearly bulletproof. It's the "if's" that'll get you. Most likely, the HIPS won't fail. The user will.

-{ Quote: "As high as i am over such great service that Malware Defender & Real-Time Defender offers, this particular topic question recalls to my mind that IMHO, the most formidable and strongest & unbreachable HIPS has to be EQSecure 3.41 when equipped with Alcyon's Rules.

Why?

With EQS you can literally fashion it's settings to perform even better then an LUA/SRP because i've tried it and it works! It's as simple as setting selected folders/files to block or blind any external/internal signals from even reaching them to begin with.

In my opinion, EQS is not been taken seriously enough and is grossly underrated for the all the protection that it offers for absolute CONCRETE SECURITY; especially if a user wants to keep their protection to a bare minimum of program safety." }-Hi
I use the newest released CIS 3.5 on quite a few Vista based machines, and overall I'm happy with it.

I must say that having tried EQSecure 3.41 on a XP machine, I was very impressed. The depth and breadth of controls provided in that software is quite awe inspiring, to say the least, and with such a frugal use of memory. It could be turned into quite a formidable and impregnable beast by even a rookie like myself :), although it took me more than a few hours of trial'n'errors to fathom the flow, and alert responses etc.

Having ventured in it, I would like to go a bit further. I understand there is a V4B3 floating about. Is there any English lang about to go with it? I have tried to search for it, but so far the info has been very patchy.

-{ Quote: "False, He never said that As I've done some looking into this.

Do not make up claims about something just because you like it's "rival" You should be more worried about improving and helping out with it then degrading another." }-

To say "he never said" you should be him, shouldn't you ? Have you asked him personally or just making conclusions browsing some forum ?

In any case it doesn't matter as long as I have personally tested OA and it was really better acoording to testmysecurity tests. Though, it was ~9 monthes ago. And no, I should not be worried with helping and improving the things I regard as completely useless.

-{ Quote: "I do hope not! This thread is very interesting to me :)

@Alex_S; Please let's just keep on topic now. we both have better things to do :)" }-

The best thing we can do is to help people to be not disinformed. The only way to stay on current topic I see is to continue to say "it's impossible to answer the topic question" and "beware of the biased ratings, they lead you to biased conclusions".

-{ Quote: "The best thing we can do is to help people to be not disinformed. The only way to stay on current topic I see is to continue to say "it's impossible to answer the topic question" and "beware of the biased ratings, they lead you to biased conclusions"." }-

Well if you don't want people to be misinformed, Submit your results.

-{ Quote: "Hi
I use the newest released CIS 3.5 on quite a few Vista based machines, and overall I'm happy with it.

I must say that having tried EQSecure 3.41 on a XP machine, I was very impressed. The depth and breadth of controls provided in that software is quite awe inspiring, to say the least, and with such a frugal use of memory. It could be turned into quite a formidable and impregnable beast by even a rookie like myself :), although it took me more than a few hours of trial'n'errors to fathom the flow, and alert responses etc.

Having ventured in it, I would like to go a bit further. I understand there is a V4B3 floating about. Is there any English lang about to go with it? I have tried to search for it, but so far the info has been very patchy." }-

After conferring with member Alcyon who by the way has singlehandledly elevated the efficiency of EQS 3.41 with his tireless but concentrated efforts in fashioning the most outstanding of RuleSets which better advanced this Super-HIPS above & beyond the ordinary, we both reached a common concensus (at least for now), that version 3.41 is the most stable & formidable and supports the many mega-rules envisioned then created by him (Alcyon).

I corresponded with Alcyon over which version was most acceptable and the both us toiled at length over the "beta 3" and i for a time even ran "beta 4", but in both of those versions i experienced some serious "lag", in part and most likely due to Alcyon's loaded ;) rulesets; many that they are. LoL

On reverting back to 3.41 after experiencing those stalling issues, again i re-loaded "ALL" his latest and very In-Depth RuleSets into v3.41, and it had absolutely no problems responding to ALL those rules and carrying them out without the slightest delay at all in functionality or performance!

I do have beta 3 & beta 4 where it's driver weighs in at 115Kb compared to 112Kb and if you still wish to give it a try, i'll do some sorting this week and divide up the respective versions w/ english translation.

EASTER

Any here using eqsecure with avira premium? Coz i wan to use it tgt ;D .

Can both of them co exist?

-{ Quote: "After conferring with member Alcyon who by the way has singlehandledly elevated the efficiency of EQS 3.41 with his tireless but concentrated efforts in fashioning the most outstanding of RuleSets which better advanced this Super-HIPS above & beyond the ordinary, we both reached a common concensus (at least for now), that version 3.41 is the most stable & formidable and supports the many mega-rules envisioned then created by him (Alcyon).

I corresponded with Alcyon over which version was most acceptable and the both us toiled at length over the "beta 3" and i for a time even ran "beta 4", but in both of those versions i experienced some serious "lag", in part and most likely due to Alcyon's loaded ;) rulesets; many that they are. LoL

On reverting back to 3.41 after experiencing those stalling issues, again i re-loaded "ALL" his latest and very In-Depth RuleSets into v3.41, and it had absolutely no problems responding to ALL those rules and carrying them out without the slightest delay at all in functionality or performance!

I do have beta 3 & beta 4 where it's driver weighs in at 115Kb compared to 112Kb and if you still wish to give it a try, i'll do some sorting this week and divide up the respective versions w/ english translation.

EASTER" }-Hi
Thanks for your reply.

In light of your observations re v4, I'm going to stick to v3.41, and abandon any adventure on the v4 Beta for the time being :)

I hope in due course this excellent software does turn up in languages, other than Chinese, with all its upgrades.

-{ Quote: "Any here using eqsecure with avira premium? Coz i wan to use it tgt ;D .

Can both of them co exist?" }-Yes. And also Comodo Internet Security, just the firewall app. All three ie Avira, Comodo, and EQS happily chugging along, without any problems so far. It's early days though, about 5 days since I installed EQSecure, but it's looking very promising.

-{ Quote: "Well if you don't want people to be misinformed, Submit your results." }-

This will not help. I cannot test every product from the list. So my advise is to ignore those results. To say nothing this will be just "another voluntary testing of a single product", which is incorrect. Correct test should be run by the same person on the same system snapshot on the same computer (restored after every test cycle) for all the products.

i think EQS is nt suitable for me. Too many pop out when i open any app.

-{ Quote: "i think EQS is nt suitable for me. Too many pop out when i open any app." }-depends on the rules;D you apply.here no pop ups at all,ofcourse just block all;D by default;Donly allow the apps you regulary use,the rest is block including spywares and viruses

hello.........i tried EQSecure 3.41 with Alcyon's Rules but the pop ups kept coming incessantly. one more thing in Alcyon's Rules are the global rules supposed to be imported or not for the readme file says...- This ruleset is only for EQS v3.41 and Windows XP (English Edition) with SP2 or SP3.
- ALL rules must be removed before importing those new ones.
- The option "Automaticaly trust programs digitally signed by Microsoft" should be disabled.
- This ruleset should only be used as a template.
- Global rules must not be reordered.

EQS giv me too many pop out already. It is like controling which app that can be use rather than protecting me.

Naturally more coverage rules will spawn instant alerts. This is to be expected and not for everyone of course, because it requires manual fine tuning over a period of time to ratchet security Torque Tight! while at the same time greatly minimizing pop up prompts. EQS firewalls applications excellently but demands user attention on occasion like any HIP should.

One added benefit with EQS is it can serve as the perfect SRP.

@EASTER:
I have been unable to run EQSecure 3.41 with Alcyon's Rules under LUA with SuRun. Under LUA it reverts back to the Chinese language and then I am seeing squares etc. I believe that you ran LUA+SuRun+SRP+KAFU and EQSecure in the past right? Any idea how to fix it?

Thanks in advance.

@Murderlove: Well I´m neither EASTER or have used EQS, but maybe I can suggest a solution to your problem. Somewhere in your EQS folder you should have the English language file right? Right click and go to the security tab. There you have to add the name for the user account and/or check that you have reading rights for that user name. Now it should be fixed so you can see the English translation for EQS in your user account.

/C.

Hey Cerxes,

Thanks for a possible solution. I had already found a solution to the problem and I think it had something to do with your explanation as well. When I installed EQSecure, I installed it via my admin account. Then gave admin rights to EQS through the limited account via SuRun. Because of that I was getting the Chinese version, probably because some files in EQS did not have admin rights.

I then installed EQS via SuRun in my limited account, giving it admin rights upon installation. Voila, problem solved. I un-installed EQS by the way, I noticed a certain 'lag' because of it.