Previosuly discussed at:
http://www.wilderssecurity.com/showthread.php?p=533721&posted=1#post533721

Since anti-trojans only provide a bit extra help to the resident AV ANd are only focussed on trojans only, here's the question:

- Does anyone have any good alternatives to introduce to prevent trojans and also other malware?
If so, what are they? And any good security software to introduce?

-{ Quote: " Does anyone have any good alternatives to introduce to prevent trojans and also other malware?" }-As I mentioned in the other thread, anti-intrusion/execution protection is as good a preventative measure as any.

As I understand it, AT programs detect, not prevent from getting in, and would only be necessary if one wasn't confident enough in his/her good judgment and other preventative measures. (Same thing with AV)

-{ Quote: " And any good security software to introduce?" }-There are many good products - just search these forums for anti intrusion, etc. and read about the products, go to the web sites, etc. Personal recommendations are not as useful as on-hands testing, etc.

(lots of etcs, etc)

regards,

-rich
________________
~~Be ALERT!!! ~~

-{ Quote: "As I mentioned in the other thread, anti-intrusion/execution protection is as good a preventative measure as any.

There are many good products - just search these forums for anti intrusion, etc. and read about the products, go to the web sites, etc. Personal recommendations are not as useful as on-hands testing, etc.

regards,

-rich" }-

Ditto,
Rich
________________
~~Be ALERT!!! ~~" }-

-{ Quote: "- Does anyone have any good alternatives to introduce to prevent trojans and also other malware?" }-Online Armor (http://www.tallemu.com/) is a superb Host Intrusion Protection System (HIPS) that protects against a very broad spectrum of malware.

-{ Quote: "Online Armor (http://www.tallemu.com/) is a superb Host Intrusion Protection System (HIPS) that protects against a very broad spectrum of malware." }-


Online Armor also has excellent customer service. MikeNash is also willing to listen to questions/suggestions/problems and actually responds to them.

Online Armor also appears to be heading to be more "user-friendly" than a lot of the other HIPS products ot there. This might possibly be a product that combines excellent protection with ease of use. It is a product to research.


Starrob

Can I use Online Armor with Snoop Free? Are they essentially the same?

Thanks,
Jerry

-{ Quote: "Can I use Online Armor with Snoop Free? Are they essentially the same?

Thanks,
Jerry" }-
Hi Jerry,

They provide coverage for basically the same thing in regards to keylogger detection (using "behavior based" detection rather than signatures"), and while I know that Snoop Free is able to detect and prevent "screenshot capturing", I'm not absolutely certain if OA does this (Mike hasn't mentioned or indicated this for sure). But my guess is that YES, it absolutely does (because it would likely PREVENT the program from being installed on your machine *at the very least, alert you to it* and if it was installed before OA was, OA would likely catch it as it was activated to run). OA could also remove the offending program and all of the files that it created, if it was allowed to run by mistake.

OA provides more coverage in more areas than Snoop Free, and is definitely a product on the rise. While Snoop Free IS free and OA comes with a price....considering the additional protection that OA provides and areas that it covers (which could save you the headache of possible financial loss as well as valuable personal information and data), it is worthy of the cost.

Hey there! Just downloaded Online Armor and like it so far. What firewall to you use with it? I was going to use Tiny Firewall 2005 but there is a problem with compatibility between the two. I can't stand ZA and Sygate hasn't been updated in two years. I don't lke how much resources Kerio takes up. Any suggestions??? Also are there any other good programs to compliment Onlne Armor?

Thanks! :D

OA is planning on putting in a firewall, among many other things, in an upcoming version soon. FileSecLab makes a good free firewall, but I've been very very happy with Look n Stop. Mike has stated that you will be able to disable the firewall and use whatever one you want, should you decide to do so. To supplement OA I use NOD32, Ewido, and do some hardening (including using PreEmpt). I do use some other behavior blockers as well, but since they're still in beta I won't recommend anything until they're finished.

Hmmm, interesting bellgamin, thanks for mentioning OA, I had never even heard of it. How does it compare to ProcessGuard (which I have never used)? Does OA work with Opera? Thanks again.

Acadia

-{ Quote: "Hmmm, interesting bellgamin, thanks for mentioning OA, I had never even heard of it. How does it compare to ProcessGuard (which I have never used)? Does OA work with Opera? Thanks again.

Acadia" }-

Heres the thread on OA

http://www.wilderssecurity.com/showthread.php?t=83899&page=1&pp=25

World Industries

-{ Quote: "Online Armor (http://www.tallemu.com/) is a superb Host Intrusion Protection System (HIPS) that protects against a very broad spectrum of malware." }-

Hi, bellgamin.
I know you are the beta tester of OA.
Have you tried ProcessGuard or System Safety Monitor or Viguard as well?

How will you compare it with the above?

And one more question:
- can I run more than 1 intrusion detection system in my computer?

-{ Quote: "Hey there! Just downloaded Online Armor and like it so far. What firewall to you use with it? I was going to use Tiny Firewall 2005 but there is a problem with compatibility between the two. I can't stand ZA and Sygate hasn't been updated in two years. I don't lke how much resources Kerio takes up. Any suggestions??? Also are there any other good programs to compliment Onlne Armor?

Thanks! :D" }-

Hi.
Tiny Firewall 2005 is not simply a normal firewall which people refer to. Normal firewall here means Network Firewall. It also deals with many other things, and it's both network and application firewall.

So it's possible for OA to conflict with Tiny Firewall in this regard.

-{ Quote: "Hmmm, interesting bellgamin, thanks for mentioning OA, I had never even heard of it. How does it compare to ProcessGuard (which I have never used)? Does OA work with Opera? Thanks again.

Acadia" }-

Hi Acadia,

OA *should* work with Opera, but at the moment there is a known issue whereby the WebShield is somehow bypassed by Opera. We're looking into it - the idea is that OA should work with ALL browsers (its implemented as a transparent proxy).

Best way is just to grab a copy though - no need to mail me any more, there's a key on the site - although, I love to get feedback email, keep that coming guys :-)

Hope that helps

Mike

-{ Quote: "Hi Jerry,

They provide coverage for basically the same thing in regards to keylogger detection (using "behavior based" detection rather than signatures"), and while I know that Snoop Free is able to detect and prevent "screenshot capturing", I'm not absolutely certain if OA does this (Mike hasn't mentioned or indicated this for sure). But my guess is that YES, it absolutely does (because it would likely PREVENT the program from being installed on your machine *at the very least, alert you to it* and if it was installed before OA was, OA would likely catch it as it was activated to run). OA could also remove the offending program and all of the files that it created, if it was allowed to run by mistake.

OA provides more coverage in more areas than Snoop Free, and is definitely a product on the rise. While Snoop Free IS free and OA comes with a price....considering the additional protection that OA provides and areas that it covers (which could save you the headache of possible financial loss as well as valuable personal information and data), it is worthy of the cost." }-

JR, you do us too much credit - Screen Capture is not in there yet - but it's on the (ever growing) list. I'm finalising the 1.2 feature list this weekend - ScreenCapture protection is on it.

You are of course, absolutely correct that if the program is not allowed to run then it cannot snag screenshots - OA's webshield and program blocker will at least give you the opportunity to prevent it initialising.

(My favorite demo of OA was visiting Citibank's website with a keylogger installed - it initialised as soon as we got to the login page - it could have been doing screencaps as well, but the keylogger warning was enough to make sure I didnt type in real details - that, of course, and my lack of Citibank account).


Mike