HIPS & AE VS UAC?


Cutting_Edgetech
September 17th, 2010, 01:41 AM
What is the difference in protection using UAC (User Account Control) on W7 64bit vs HIPS like Comodo or Online Armor? Is there any benefit in using UAC with one of the above HIPS? How does UAC function to prompt you when something is attempting to perform an action on your machine VS a modern HIPS? Do they function similarly or do they behave totally differently? Lastly, is there any benefit in running UAC with a good AE (anti-executable) like Faronics or say PG from Blueridge Networks once it is compatible with 64bit? What type of attacks is UAC able to block? If I only better understood the mechanics in which UAC works ???

jmonge
September 17th, 2010, 09:27 AM
If you are running anti-exe or HIPS programs, you don't really need UAC ;) A HIPS program alerts as UAC alerts, and HIPS programs do more protection, like startup registry protection and programs/files keyboard protection, etc. The anti-exe is silent but one of the most secure around :thumb:

safeguy
September 17th, 2010, 12:49 PM
UAC and HIPS cater to different scopes of protection....

User Account Control (MSDN) (http://msdn.microsoft.com/en-us/library/aa511445.aspx)

In simple terms: With UAC on, you are basically running as a user with standard rights system-wide and you only 'grant' admin rights when you approve the UAC prompt for a certain task/app. If you disable UAC, you are running as a user with admin rights. And from a security perspective, that isn't a good idea.


HIPS (http://en.wikipedia.org/wiki/Intrusion_prevention_system)

With HIPS, it "monitors a single host for suspicious activity by analysing events occurring within that host."

Spot the difference now?

I'd suggest keeping UAC on even if you have HIPS installed or when running an AE. I'll leave it to the rest who are more knowledgeable to put in the right words to explain why this is recommended.
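
An added illustration, not part of the post above or of any reply in this thread: a PowerShell function that reads the UAC policy values and reports whether the current process holds an elevated administrator token, which is the "standard rights until you approve the prompt" behaviour described above. The function names are hypothetical; the registry value names are the standard Windows UAC policy values.

```powershell
# Added example: report UAC policy and the elevation state of this process.
function Resolve-Setting($table, $value) {
    # Registry values can be missing; report that instead of guessing.
    if ($null -eq $value) { return 'not set' }
    if ($table.ContainsKey([int]$value)) { return $table[[int]$value] }
    "unknown ($value)"
}

function Get-UacReport {
    $key = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'
    $cfg = Get-ItemProperty -Path $key

    # ConsentPromptBehaviorAdmin: prompt shown to admins in Admin Approval Mode.
    $adminPrompt = @{
        0 = 'Elevate without prompting'
        1 = 'Prompt for credentials on the secure desktop'
        2 = 'Prompt for consent on the secure desktop'
        3 = 'Prompt for credentials'
        4 = 'Prompt for consent'
        5 = 'Prompt for consent for non-Windows binaries'
    }
    # ConsentPromptBehaviorUser: what a standard user sees on elevation.
    $userPrompt = @{
        0 = 'Automatically deny elevation requests'
        1 = 'Prompt for credentials on the secure desktop'
        3 = 'Prompt for credentials'
    }

    # With UAC on, an administrator's normal processes run with a filtered
    # token, so IsInRole(Administrator) is False until the process is elevated.
    $identity  = [Security.Principal.WindowsIdentity]::GetCurrent()
    $principal = New-Object Security.Principal.WindowsPrincipal($identity)
    $elevated  = $principal.IsInRole(
        [Security.Principal.WindowsBuiltInRole]::Administrator)

    [pscustomobject]@{
        User              = $identity.Name
        ProcessIsElevated = $elevated
        UacEnabled        = ($cfg.EnableLUA -eq 1)
        SecureDesktop     = ($cfg.PromptOnSecureDesktop -eq 1)
        AdminPrompt       = Resolve-Setting $adminPrompt $cfg.ConsentPromptBehaviorAdmin
        StandardUser      = Resolve-Setting $userPrompt $cfg.ConsentPromptBehaviorUser
        # The "Always notify" slider position: consent on the secure desktop.
        AlwaysNotify      = ($cfg.EnableLUA -eq 1 -and
                             $cfg.ConsentPromptBehaviorAdmin -eq 2 -and
                             $cfg.PromptOnSecureDesktop -eq 1)
    }
}

Get-UacReport | Format-List
```

Run from a normal and from an elevated console on the same administrator account, the only field that changes is `ProcessIsElevated`.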

Kernelwars
September 17th, 2010, 12:49 PM
-{ Quote: "If you are running anti-exe or HIPS programs, you don't really need UAC ;) A HIPS program alerts as UAC alerts, and HIPS programs do more protection, like startup registry protection and programs/files keyboard protection, etc. The anti-exe is silent but one of the most secure around :thumb:" }-
silence + security = keeper:thumb:

jmonge
September 17th, 2010, 02:30 PM
HIPS covers a lot more when it comes to security for anything within the system. SRP and anti-exe are also good to have for peace of mind :) With a HIPS you will be covered for all types of attacks, including system attacks.

blacknight
September 17th, 2010, 02:42 PM
-{ Quote: "HIPS covers a lot more when it comes to security for anything within the system. SRP and anti-exe are also good to have for peace of mind :) With a HIPS you will be covered for all types of attacks, including system attacks." }-


Absolutely true, and well said jmonge.

Boyfriend
September 17th, 2010, 02:42 PM
Use any good/compatible HIPS/AE, but with UAC enabled. If any executable wants to make a critical change, at least UAC will warn you. UAC complements good HIPS/AE software.

MrBrian
September 17th, 2010, 08:14 PM
UAC encompasses more than just "the prompt." (http://www.sevenforums.com/system-security/92159-bad-turn-off-user-account-control-7.html#post800206)

I used HIPS when I ran as admin on XP. On Windows 7 however, I use a limited user account for everyday activities, UAC on max, AppLocker, and no HIPS.

Tarnak
September 17th, 2010, 08:32 PM
I will keep running in Admin mode in XP, because I prefer to do it that way...until I make the change to Windows 7 or the next release. I will learn about UAC, etc... then!...and not before.

So, for the present I still use HIPS. :)

blacknight
September 18th, 2010, 12:55 AM
-{ Quote: "I will keep running in Admin mode in XP, because I prefer to do it that way..." }-


Me too. No UAC, no SRP: multi-layer defense, not only - but "especially" - HIPS based.

jmonge
September 18th, 2010, 09:47 AM
I have enough with HIPS, more than enough ;)

Kernelwars
September 18th, 2010, 09:46 PM
-{ Quote: "I have enough with HIPS, more than enough ;)" }-
Hmmmm, hopefully everything is all right, J!!!!! Saw a sudden change of signature :wacko:

Cutting_Edgetech
September 18th, 2010, 10:36 PM
-{ Quote: "UAC and HIPS cater to different scopes of protection....

User Account Control (MSDN) (http://msdn.microsoft.com/en-us/library/aa511445.aspx)

In simple terms: With UAC on, you are basically running as a user with standard rights system-wide and you only 'grant' admin rights when you approve the UAC prompt for a certain task/app. If you disable UAC, you are running as a user with admin rights. And from a security perspective, that isn't a good idea." }-

Ok, Safeguy, I see. UAC allows one to run as an under-privileged user with Admin rights on the fly. I'm going to do some more research on the fine mechanics of how this is accomplished. Thanks Safeguy!

wat0114
September 18th, 2010, 10:42 PM
Cutting,

recommended reading, check it out:

-http://technet.microsoft.com/en-us/library/dd835561%28WS.10%29.aspx

jmonge
September 19th, 2010, 12:59 AM
What I meant was that to have HIPS is more than enough security, powerful ;) :thumb:
I am testing this little chihuahua :)