HIPS with Outbound Protection

im sure it still does give good protection, but i know it has some bugs still, and id prefer a product that is still being updated

 

Yes correct, the main problem with NG, is that it´s not stable on some systems, for example on my work PC, I get BSOD´s. Hopefully Arman will fix this in the coming months.

 

is ther any news wen production is going to start again?

 

I thought Webroot fiewall had the Dynamic Security Agent HIPS built in to it, likewise for Private Firewall.

IMO, the mass fascination with outbound control is unwarranted as its post infection detection. Security efforts should be first directed at avoiding infection. HIPS does provide that sort of protection. A lot of the outbound protection provided by a HIPS is a result of preventing the installation of malware (or a leak test) in the first place.

 

Malware doesn't require "installation". A self running properly coded executable is capable of leaking out through Explorer or IE via methods that any respectable HIPS should flag anyway. Of course, a HIPS can restrict the type of data that such malware can access, but how much data do you feel comfortable being leaked? I prefer to block ALL non-user initiated connections w/o a firewall rule and whether the firewall or HIPS handle the duties is immaterial, as long as they're blocked. With my current setup, using Windows Advanced Firewall (whitelist with no leak prevention except for system service spoofing), I need my HIPS to do the job.

 

No one knows. Arman- the developer of NG- has recently got a new job and he must be very busy in that. Though he said that development will be suspended for few months but i highly suspect that the development can stay still like this for many many months or even indefinetely.