Best free complement for SSM Free

Appdefend has basic allow/deny outbound network control of applications. For simplicity and to stop overlaps with ssm it can be setup to just control network connections.

 

Hi, I need network control applications only.

Like some said, i do not need hundreds of popups coming.

I tried appdefend, but it's a little bit to much for what I need (process allow or block like in look and stop)

Thanks

 

I don't know if you have used it or not, but it does more than just signature scans. I've had it alert to 'suspicious' behaviors (albeit by other legit security apps) that had nothing to do with signatures. On several occasions it has given me prompts very similar to what I have received from SSM, all of which were behavioral in nature rather than signature based. It may be scanning processes as they enter memory, but how is that any different than what a HIPS does? I don't think SSM or any of the other HIPS alert on anything until the process initiates and enters memory. BoClean also alerts if an app is not on the exclusion list and attempts to view or open certain system folders. Again, that is behavioral analysis, and has nothing to do with sigs.

 

because I posted in the "anti-malware" forum, and I am hoping that the discussion will restrict to a free HIPS complement to SSM free, instead of a replacement to my other security applications like my firewall and antivirus.

exactly

 

Hi, folks: What would happen when there is not many options available for your precisive question? Asking us to INVENT one for you? Like I said earlier, if fw can not control outbound network access, that firewall is only a HALF-firewall, like border patrol checking influx traffic while allowing any exiting flow-- a big joke. We simply suggest you to examine closely your mainframe setup, perhaps incidently something can be improved from thereon. Again it is your private business, take it or brush it aside, no harm is done. Meantime some members here may ,just may get benefit from these outside- subject types of discussions. I would listen very seriously to what other peers have advised. Perhaps some day in near future you may just need them. Have a nice choice.

 

I see

I'm still convinced you do not need to add anything to your current security profile. It looks rock-solid to me. If you don't like the firewall, there is no harm in trialing another product, since you may come across something you like better.

 

I would go for sandboxing solutions as an add on to SSM.
As they are guarding on the answers that you might not be able answer right when SSM popups are given.

Currently I use PG free instead SSM since in my previous computer some problems with SSM cause my computer itself was not so stable.

Anyways, I have more ease with PG as a not so knowledgeable user and as a solution and as a complementing to a hips I run Sandboxie.
NOW I am thinking with my new puter to try SSM again, but afraid to get paranoid from them popups, especially as I now run Comodo, that causes that too, heh.

I like Sandboxie anyways very much.

 

A couple of things become evident from this thread...
1- Opinions are like noses. Everybody has one.
2- You ask people: "What time is it it?" and some of them will INSIST on telling you how to make a clock.

Meanwhile, back at the topic -- I suggest that you...

1- Take a good look at the HIPS Comparative Features Table over on THIS page.

2- Scroll down the column headed "SSM" and take notice of those line items where SSM has a "No" entry -- meaning that SSM lacks that particular capability.

3- When you see a "No" entry for SSM, scroll ACROSS and notice those columns which, unlike SSM, have a "Yes" entry. Then notice which HIPS program applies to each given "Yes" entry. Ostensibly, that particular HIPS application will *probably* complement-rather-than-duplicate SSM with respect to that particular HIPS capability.

For example, the above defined technique shows that OnlineArmor could be a good fit with SSM. One of the MANY nice things about OA is the fact that it is very modular -- allowing you to enable just those specific modules which you want to use. (On the other hand -- unlike DSA -- OA is not free.)

I just hope you make a back-up image of your system disk before you begin testing out all these suggestions you are getting here. Otherwise, if you suddenly stop posting, we will have a pretty good idea of WHY.

 

Bellgaming, may I ask something, since I tire to read all the posts that have been written before?
To another hips or what might be another addon that would not have so much overlap with existing software running? It was a very nice feature review (if reliable of course, but cannot comment), but it was not something that could go adding much protection as complementing to SSM?
None as much as virtualization software in my opinion.

 

If this was already mentioned my apologies for double listing but i found EQSecure (Beta) quite a dependable piece of work alongside System Safety Monitor.

A lot of very good program suggestions are already mentioned in this thread but with this i'm focusing strictly on HIPS since SSM (free) is one. Many will say you don't need but (1) and for most this is true, however dual-shielding like that is been one of my system's strong points when it comes to monitoring/intercept apps like this.

CyberHawk is due to release yet another updated version that promises to correct some limitations discoverd so i would definitely keep an out for that one too when announced. Is been a STRONG performer for me.

 

Just configure the default rules to only monitor network connections and nothing else. You can do the same with prosecurity. This way the only alert you will get is when something tried to access the network.

For example,

 

IMO, virtualization software is the *third tier* of security protection. Concerning which I rank security apps (generically) as follows...

First Tier (Most important) - Make periodic/frequent images of your system disk onto an external hard drive.

Second Tier - Router

Third Tier - Virtualization software

Fourth Tier - Classic HIPS w/application control

Bottom Tier - Broad spectrum AV with strong heuristics

Further unsolicited opinion- The notion that virtualization is bullet proof is questionable. There never was a horse that couldn't be rode. There never was a rider that couldn't be throwed.

If you put all your money on virtualization, then keep running & never look back. Why? Because some day, some how, when you least expect it -- something evil WILL be gaining on you.
(bwa-ha-ha-ha)

 

No doubt this one should be practiced FIRST & FOREMOST above all others.

Since falling into the lap of FD-ISR it's proven a vital recovery program that's greatly improved my own priority of establishing several backups where before i must admit i didn't take it so seriously or else laziness got the better of me. Power Shadow does the virtualizing for my systems while FD-ISR's snapshots are ARCHIVED ahead of going Online, and with the whole ball of wax Imaged beforehand by Paragon, for the first time in a long time i finally have full control of this system/programs etc. and solidly shielded plus preserved from ANY malicious encounters, beit self-made or forced unawares.

 

@Easter, I can see that your enthusiasm for EQSecure is almost at par with PowerShadow. May I ask how it complements SSM Free? Might give it a try...

 

Without hogging up too much bandwidth i'll see if i can at least post up some screenshots soon that will offer you a better overview of the reason for my enthusiasm of EQSecure.

In addition, i tested some extraordinary malwares on it and they were duly intercepted by EQ that as with any HIPS they should. The only thing that concerned me was that with some of my tests the same PROCESS that attempted to signal and/or enter my system WHICH WAS BLOCKED also remained in the running processes list which an experienced user might simply close out, that is if it would close out at all without a reboot. Now mind you this was the very first beta posted here at Wilder's, i did experience some sort of issue after installing the following version after that and i'm not certain if another release since then has been published for distribution yet.

 

Very interesting thread. I'm looking for a good free HIPS app was about to load SSM until someone posted in another thread that it may conflict with Avira Premium AV. I currently have Avira Premium, ZA Pro, and BoClean installed.

Someone mentioned ProSecurity Free, and I was impressed after seeing the Castle Cops comparison wiki. Then I read their conclusion, and they seem to recommend SSM.

What I don't understand is McAfee's Site Advisor. Who's in control of that program and website? It's supposedly one of the largest vendors, and they never seem to update the Site Advisor info. They give ProSecurity's site an X, because it links to a questionable site.

http://www.siteadvisor.com/sites/proactive-hips.com


Their analysis of the program is clean (as is all the downloads they've tested from the site):

http://www.siteadvisor.com/sites/proactive-hips.com/downloads/4041979/

I really like Site Advisor as it does keep me from selecting sites that aren't what they seem to be, but sometimes their warnings are absurd.

 

Quadraphonic,

All capabilities of ProSecurity are that of teh Pro version. The free version of Prosecurity lacks many features in comparison to SSM-Pro.

When considering free: SSM-free although old has much more features than Prosecurity free. When considering paid, I think their on par, with ProSecurity having some nicer interface.

Regards K

 

The main advantage ps free has over ssm free is network protection, it can control both inbound and outbound connections. Other that that ssm covers more areas.

 

Another advantage of Appdefend free: It can be configured as a behavior blocker. Pitty the nag-screen is so irrating. Can't it be stopped using AD itself?

Regards K

 

I gave up on DSA, I always have to manually start it's service, even though it set to automatic.
Now trying SensiveGuard. Is there any setting I need so as not to duplicate SSM Free features?

 

update:
I'm almost sold with SensiveGuard until I tried it with P2P, although I created a rule to fully allow the P2P app, it keeps on asking for every port the P2P app uses...
Am now trying AppDefend. I configured it as Farmerlee suggested, that is just for network access. Works well, so far. Very, very light. Now, if I can only live with the nag screen...

 

I still stand strongly in support of EQSecure as a very good "free" compliment to SSM. Of course there are others including AppDefend which i also personally like myself (except NAG screen )

Keep an eye on the Experience EQSecure topic in these next following days since a new release is due out very soon. Version 3.4

If it can prove out to offer even more added benefits along with the bug fixes suggested it should create quite a stir. I'm excited for it from experiencing and testing it's first beta release.

This field appears limited ATM because of the interest in the "free" HIPS and only a choice handfull offer reasonable enough safety with these type versions to run them full-time.

Regards: EASTER

 

Pardon me if I miss it, Easter, but does EQSecure control network access? I'm also very interested in this security app.

btw, I can see that you've trim down your security apps

 

I wouldn't expect HIPS like CyberHawk, AppDefend, etc. including this one to fashion network security per say since that's better left to a separate firewall app IMO, but then thats just me and those developers also seem to think along these same lines. SSM added some network security feature but i halted at some versions before it was added for fear of both bloat & the fact "IF" SSM did by chance get taken out there would be no network protection at all without a firewall.

And you're quite right, i've returned to once again eliminating completely any AV protection and maybe not even On-Demand since you can always do a OnLine virus sweep at sites that offer it. Frankly, once i gauged the entire spectrum of threat possibility, i found again that HIPS was more than adequate enough to intercept & shield from ANY incoming signalling to my system or files system, Low Level or user-mode, but if that wasn't enough POWER SHADOW will fill in any remaining blanks perfectly and all i need is a single reboot to flush away anything shadowed during that session.

When you can finally fine tune your machine to the point of this delicate a sensitivity and support that with a dependable RollBack (FD-ISR) as well as IMAGING (Paragon) solution you've pretty much sealed the fate of any intrusions whether forced or self-initiated.

 

Well, maybe I can add EQSecure to my security app as behavior base HIPS.