Question: HIPS vs HIPS

I've been trying to find a solution for myself to lock down my system.

I would like to use a HIPS solution.

I tried threatfire at level 4 but it made my computer very slow on startup and would spin my drive a lot, I could hear it, on occasion if it became at all unresponsive it would cause system instability as well.

What I wanted to know was how/why some HIPS are better than other HIPS.

Don't they all lock down the applications allowed, lock down registry and startup settings?

Which is the most comprehensive?

Or do different HIPS protect different things?

I've done a lot of reading, I was eager to try EQsecure but no english, so I'm leaning towards trying Defencewall, but I don't want to keep clogging my system with stuff I'm going to uninstall.

 

Hi,

You can try Mamutu or Dsa, in my opinion Mamutu is very strong and light Dsa is more agressive.

Regards
Rules.

 

Hi, I'll try to answer a couple of your questions - for one I don't think that one h.i.p.s. is better than another, it's just a matter of which program works best for a particular setup, and which meets a specific individuals needs/wants, so it's not an issue of "better".

Most classical h.i.p.s. protect the same areas, most i.d.s. protect similar areas - they fill different niches.

It sounds to me like you may be wanting a classical h.i.p.s. - one where the user makes the decisions of what runs when, there is no "intelligent" agent to analyze behaviors on a system and make recommendations. If this is so, you may wanna check out real-time defender (based on prosecurity) eqsecure, we know the deal with that, or online armor free - i'm sure there are some others i'm not thinking of now, but they're around....

Mamatu and defensewall aren't classical h.i.p.s., mamatu is an i.d.s. intrusion detection system, it tries to analyze behaviors on a system and detect and prevent malicious actions based on what it finds.

Defensewall is a policy based h.i.p.s. it governs programs based on and inbuilt or added list and how it anticipates said programs to function.

The different approaches all can offer excellent protection - it just depends on the user and how he/she prefers to handle defense. A gun, a knife, and an axe all can offer protection, it's mainly the preference of the wielder.

You could easily use a combination of the above described approaches for "better, more well-rounded protection". But be careful - you can easily fall into a trap of concentrating so heavily on security applications that you wind up never actually using your computer besides fortifying it - something I was very guilty of myself in the past. These days I am focusing far less on security and much more on using my computer.

Good luck, and feel free to ask further questions

 

If it's a classical HIPS your looking for you might want to take a look at Malware Defender

 

Comodo Firewall's Defense+ is one of the most rock solid around.

 

You mention wanting to try EQSecure but no English?

The best, stable version, at present, is v3.41 and can be downloaded from below, also you might want to look at Alcyon's rulesets too.
You will find these rules here:- http://drop.io/eqsecure

These 'lock you down' and make your system almost bulletproof.

There's a lot of info on this forum on EQS so you won't be stuck for help and advice too.
https://www.wilderssecurity.com/showthread.php?t=193905&highlight=eqsecure

It's light, in fact so light it's almost invisible as far as resources go.

Have a look here:-

http://www.eqsecure.com/download/EQSysSecureSetup.exe for the official link to the English version

To preserve your config/training of the program simply close down the program from time to time and backup the EQSysSecure.xml file to a remote/backup location.
If you ever need to restore it simply make sure EQS is closed down and copy it back across, overwriting the current/original.

 

Thanks for all the suggestions, I installed malware defender and its impressive, somewhat complex to use, but powerful.

Smiggy, you touch on my original question, in that don't all the HIPS really do the same thing? Protect system files, lock down registry, lock down files, lock down application access etc.

If they do, then it doesn't matter if I use eqsecure 3.41, or eqsecure 4.1, but the fact that they did enough updating to go to 4.1 makes me wonder that maybe they added in new protection, for that reason I'd prefer to go with the most up to date version.

 

Either or, i think you've discovered by now that HIPS is your ultra LOCKTIGHT CONTROL mechanism be it COMODO, EQS, MALWARE DEFENDER, and what other that offers and proves secure protection as well as the details needed whenever an alert is raised.

Regards: EASTER