Two free HIPS instead of one full version?

Is it possible and adviceable to combine two free HIPS applications, to cover the same features and security as paid Safe n Sec, Prevx1, SSM full version or ohter? Because free versions usually lack some thing? (SSM full vs free)

I have read a few threads the last couples of days, and I am surprised to see how many different security app some use at the same time.

 

i think one HIPS is enough, and combining two would likely have some overlap. Cyberhawk might be a good partner for a HIPS though. or if the HIPS lacks registry protection, you could pair it with RegDefend.

 

Thank you

I have not tested any HIPS yet, but think I will soon. Just read and learn a bit first.

Dont know much about Cyberhawk, why would it be a good partner for a HIPS?

What about combinaton RegDefend/AppDefend, they should be made for each other?

Have read good things about SSM, but I may wait until I gain more experience. Because of my inexperience with HIPS I may try Prevx1. Also my girlfriend use the computer (not often), and I cannot imagine her answering to complicated popup-questions. If I go for Prevx1, do I "need" Cyberhawk or other to "complete it"? I have seen other users here combine Prevx1 with other "stuff", why? Because they actually get more security, or because they think they get more security?

And could someone please tell me if Safe n Secure is a "complete" solution for a starter who is not afraid to learn?

 

I try to find out what suits me better, and what I really want. Free, full, combo or not.

1. I choose one strong HIPS paid/full version. SSM, Prevx1, SnS or other

2. I choose one strong HIPS paid/full version (see above) and a free alternative if needed

3. I choose two free alternatives if they complete each other (Cyberhawk or RegDef could be one of them)

I could end up with something like this:

Nod32
Windows FW - later Comodo v3 when released or other
HIPS - see above, 1, 2 or 3
Other - SAS full and maybe BoClean (dont know if needed)

Also - ondemand/online scanners. KAV, AVG etc...

Would be fine if one of the HIPS had a feature similar to StartUp Inspector, an app I used before, which in an easy way (checkboxes) let me decide which app should startup with Windows.

For AS I used Webroots Spysweeper. It would notify me when a program tried to add itself to the startup, and I was given the opportunity to deny. But I have decided not to use Spysweeper anymore.

 

IMHO, if you want to get the best available all-around protection with the absolute minimum of knowledge and fuss you should have:

A Router to really protect you from the outside threats-
A software firewall which is easy and effective like Comodo is now-
An antivirus like the one you already run-
BOClean , to effortlessly counteract any Trojan&Malware threat-
Cyberhawk to act as behavioural blocker and take care of all the rest-
PowerShadow or similar to go to Web sites with total impunity-

All that is free and needs no particular knowledge whatsoever.When you or your girl friend will be at ease with all these and will know a bit more, you can run something like ProSecurity, if you really want a full fledged HIPS which is understandable , simple, linear and wont BSOD your pc because you forgot a comma a month before like others tend to do.

Best wishes,

 

Thanks

I had a look at the Cyberhawk userguide. Looked OK. Not difficult. Most important difference between FREE and PRO is deep rootkit-scan. I cover rootkit-protection with other app, so FREE version is good.

As for PowerShadow and similar - not for now. I consentrate on HIPS first. Theres so many to choose from. And so hard to find which standalone or combination of two that cover the most, and at the same time is not too user-unfriendly.

 

I've trusted in System Safety Monitor exclusively and proven it's benefits, no it may not be the iron wall most expect to find in HIPS, but it is a total package of monitoring at various levels and alerting when configured properly.

CyberHawk is another that springs to mind and in fact for a time i regularly ran both with no ill effects or any serious issues to speak of. Did they work? There are plenty of demos to put them thru tests on as well as "live" malware. I wouldn't recommend however doing "live" unless you first used a
Power Shadow/ShadowUser/DeepFreeze/sandbox or some other type of blanket protection from an infestation spreading.

EQSecure is another one that is only recently surfaced here in the forums but shows some promise i must say from early results being reported from it.

 

When you are behind a hardware FW,

The combo I liked for ease of set up: DefenseWall-HIPS (100% quite) and CB-pro. On this forum you can find clues on how to set up data protection and registry protection with the Pro version. There both paid HIPS.

A good free easy to use combo:
- free sandbox (GeSWall, BufferZone, Sandboxie)
- free behavioral blocker (CyberHawk, EQSecure)
- free anti-executable (start with light ones, which are fully functional
on theire primary aspect, like PG or DSA)

When you manage to setup EQSecure, you would not be needing a anti-executable any more (it has so many features see review on this forum).

SSM-free is compared to its rivals the best to use as clasical HIPS (paid version of ProSecurity is as strong with nicer UI compared to SSM-paid). EDIT: Although DSA is also quite strong, see ZopZop's post

My favourite classical HIPS:
- PG ease of use
- DSA even simpler and blazing fast, chew up every leak test (in the time
I thought leak test were relevant) I threw at it.
- SSM free (so much for so little, so light on resources I even preferred it
over the SSM-Pro)

I liked Antihook (also sole purpose freeware, the strongest Parent - Child control available as freeware, throws a lot of pop-ups), but after you learn what is going on your PC, the use of controlling it reduces (a nice bold claim of MrK which I endorse partly)

Other HIPS:
- seamless sandboxes like GeSWall Pro and DefenseWall
- user friendly HIPS like PrevX1

 

Thanks for good info

I create/restore images with BootIt NG, so I will trial HIPS, and then I can restore an image if something goes wrong, or I dont like it.

I have decided to go for free alternative first.

Since I dont think one free can give as strong and complete protection as a full version, I have decided to try two. I wait and see if there will be more replies, and in the meantime I read some other threads to learn more. And when I find the two free alternatives I think will complete each other and offer great protection....time to test Cyberhawk definetely is among those I consider.

 

Try the following combo of freebies:
- GeSWall free and DSA free or
- CyberHawk free and BufferZone free

This would also provide enough outbound protection when behind a hardware firewall. During the training period of DSA free, use PrevX1 free (it has a black list and whitelist, so you will be safe when deciding what to pass).

 

Thanks Kees

I will check out those combos. And Prosecurity Free.

Since my last post I have tried SSM Free, for a very short time only. I found it to difficult for me right now, but I did not take the time to learn it. I think I could learn it, but I start with someting easier.

 

Hi,

Have a look at this board, although Prosecurity Pro is as strong as SSM with a nicer GUI, the free version is very crippled down version (unlike SSM). From all those anti-antiexecutables SSM free and DSA have the broadest scope.

SSM free won't be updated is my guess, but a new version of DSA is likely to be released in the future. When comparing DSA with SSM-free:

a) DSA is an antiexecutable with the ease of use of old ProcessGuard
b) It offers all what SSM offers, but
- registry protection is much stronger
- sensitive os files protection is tronger
- has got an inbound/outbound protection which passes all leaktest

c) one minor point it checks the MD5 hash to verify whether a program is changed, it only does not stop process modification like SSM-free.

d) It is just a bit faster