What is your security setup these days?

Discussion in 'other anti-malware software' started by dja2k, Dec 15, 2005.

  1. soulfood

    soulfood Registered Member

    Joined:
    Nov 11, 2008
    Posts:
    10
    Location:
    Northern California
    What is HIPS, and which one would you recommend I try? Thanks.
     
  2. n8chavez

    n8chavez Registered Member

    Joined:
    Jul 19, 2003
    Posts:
    3,357
    Location:
    Location Unknown
    Host Intrusion Prevention System

    That would be a good idea, except that you are a newbie. I don't think that those products are for people with little experience. They can be quite powerful yet quite complicated. Essentially it is up to the user to provide rules for what can and cannot be done on your system. If you want to wet your feet a little try Threatfire or Mamutu, a behavioral HIPS. But, stay away from rule-based ones for now.

    There are many ways of dealing with system security. I prefer the sandbox/virtualization method, where there is little to no user intervention after getting everything configured.
     
  3. LoneWolf

    LoneWolf Registered Member

    Joined:
    Jan 2, 2006
    Posts:
    3,785
  4. n8chavez

    n8chavez Registered Member

    Joined:
    Jul 19, 2003
    Posts:
    3,357
    Location:
    Location Unknown
  5. LoneWolf

    LoneWolf Registered Member

    Joined:
    Jan 2, 2006
    Posts:
    3,785
    Didn't know it was a race. :D
     
  6. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    11,126
    Location:
    U.S.A. (South)
    Threatfire 4 is making positive advances IMO which are welcome indeed but MAMUTU is leading the charge so far, not to take anything away from TF. I meant what I said, TF is working on being historic and I wish them all the best.

    EASTER
     
  7. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    13,744
    Location:
    Canada
    MalWare Defender Beta:thumb:
    Ashampoo AntiSpyWare 2 Guard trial(40 days):D
     
  8. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    Trying a lighter than light set up on the home PC (E5200@3Ghz, 2 GB RAM)

    General security features
    1. Behind a properly configured hardware router/firewall
    2. Image backups and data backup to external harddisk (connected only at backup)

    PC specific feature
    XP PRO Policy restriction is configured as a (special) Limited User with extra Power User rights to change some system-wide settings
    - power user, with tweak to add limited user rights as extra option in SRP
    - additional rules:
    a) removed default rules of unlimited access to root, root *.exe and system32 *.exe
    b) changed default rule of unlimited access of program dirs to limited user
    c) reduced rights of data directories to limited user
    d) set block to all temp + P2P directories (on D:\)

    Spyberus (to guard installation of software in poweruser/user mode space), works well for this purpose

    AVG Free
    - default setting + tracking cookies

    Security versus system performance
    Although security is now with two apps instead of one (was ThreatFire), everything runs real light because
    a) Policy restriction is built in XP Pro (no extra)
    b) Spyberus uses little CPU, it protects file and registry changes as a file driver (plus hook setting, driver loading and injection protection), so only when these change Spyberus uses overhead
    c) AVG is fast on dual core machines with surprisingly little I/O

    Using IE7 as browser
     
    Last edited: Nov 13, 2008
  9. O.Alexander

    O.Alexander Guest

    Active:
    Defensewall HIPS 2.45
    Windows Vista built-in security (AS,FW,UAC,DEP)

    On-Demand:
    Dr.Web Cureit!

    Can anyone recommend me a nice AV for on-demand scanner only?
    (not using any resources just like cureit?)
     
  10. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    13,744
    Location:
    Canada
    It is a Host Intrusion Prevention System, one of whose main purposes is to protect critical areas of your PC like applications, files and registry in real time, applying restrictions to get the best protection possible:thumb: I will recommend EQSecure and Malware Defender:thumb:
     
  11. n8chavez

    n8chavez Registered Member

    Joined:
    Jul 19, 2003
    Posts:
    3,357
    Location:
    Location Unknown
    As good as those products are, and they are, I do not recommend that people new and unfamiliar with HIPS products use any kind of rule-based HIPS. EQSecure is perhaps the best of its breed but it is extremely difficult to set up. If you are not absolutely certain what you are doing you could end up 'fubaring' your system.
     
  12. n8chavez

    n8chavez Registered Member

    Joined:
    Jul 19, 2003
    Posts:
    3,357
    Location:
    Location Unknown
    You could try AVP. It is an on-demand scanner from Kaspersky. It's quite good.
    There are other ways to rid yourself of malware. Try some of the online scans, such as NOD32, or Housecall. They will require no installations.
     
  13. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    13,744
    Location:
    Canada
    I am new to this approach too and I have to learn if I want to be protected for my own good, and now I understand it. If soulfood takes time to read, he/she will learn and won't need a bunch of security apps (mediocre) in place or instead of a real-time shield such as a HIPS:thumb: One day he/she has to learn anyway if interested. My only advice is read and try to understand, and if you feel (soulfood) it is hard for you, go simple with just antivirus/antispyware:cool:
     
  14. n8chavez

    n8chavez Registered Member

    Joined:
    Jul 19, 2003
    Posts:
    3,357
    Location:
    Location Unknown
    Agreed. Learning is a process. Start simple. Then, when you're ready, evolve.
     
  15. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    13,744
    Location:
    Canada
    To be honest it takes time and sometimes a couple of blue screens:D to the menu:cool: I also started simple too with only Avira:D (free antivirus)
     
  16. Long View

    Long View Registered Member

    Joined:
    Apr 30, 2004
    Posts:
    2,295
    Location:
    Cromwell Country
    and when you've evolved you realize it's ok to go back to being simple :D
     
  17. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    13,744
    Location:
    Canada
    For me to be simple is 2 layers: a well-configured HIPS program and me:D in charge:thumb:
     
  18. Sully

    Sully Registered Member

    Joined:
    Dec 23, 2005
    Posts:
    3,719
    Oh is this ever true. But to find the apps that KISS and provide moderate to good protection is the problem.

    Sul.
     
  19. Cerxes

    Cerxes Registered Member

    Joined:
    Sep 6, 2005
    Posts:
    581
    Location:
    Northern Europe
    My current setup is the following (Win XP Pro):

    LUA
    SRP (restricting chosen file extensions and WSH)
    DEP "AlwaysOn"
    Comodo Memory Firewall
    Avast (minor problem with the DEP "AlwaysOn" switch)
    SuRun
    Sandboxie
    KeyScrambler
    WinPatrol
    Windows Defender (HIPS activated)

    Even if I at times try out different security applications/tools, those mentioned above are the ones I have kept for a longer period now. Regarding redundancy among these, it would be between WinPatrol and Windows Defender (the HIPS part). But since they are both very light (CPU) and run well together without any conflict (even at detection), I have kept them both on my system.

    /C.
     
  20. hammerman

    hammerman Registered Member

    Joined:
    Jul 14, 2007
    Posts:
    283
    Location:
    UK
    Active

    Online-Armor 3 Build 190
    AntiVir 8
    Defensewall 2.45
    EQS3.41
    SandboxIE 3.30
    Returnil
    Mamutu - removed

    On demand

    MBAM
    SAS (paid)
    RootRepeal
    IceSword
    GMER
    A-Squared
    TinyWatcher
    FileChangeAlarm
    MJ Registry Watcher
    Spyware Blaster
    AVZ
    Runscanner
    FingerPrint
    What's Running
    RegShot

    Backup

    FD-ISR
    True Image 10
    DriveImageXML
     
  21. Ed_H

    Ed_H Registered Member

    Joined:
    Nov 10, 2004
    Posts:
    662
    Location:
    Chicago, IL
    No conflicts or slowdowns with 3 HIPS programs running?
     
  22. hammerman

    hammerman Registered Member

    Joined:
    Jul 14, 2007
    Posts:
    283
    Location:
    UK
    Fortunately no. I've been running the same setup for a few months and occasionally tried TF and Mamutu. Not really convinced by these behavioural blockers though.
     
  23. evilscribble

    evilscribble Registered Member

    Joined:
    Apr 30, 2008
    Posts:
    48
    The real slowdown is when they pop up about everything and waste your time.
     
  24. hammerman

    hammerman Registered Member

    Joined:
    Jul 14, 2007
    Posts:
    283
    Location:
    UK
    Fortunately Defensewall is extremely quiet. OA is not too bad for pop-ups but to be honest, EQS can be quite a pain sometimes. Especially as it sometimes takes 2 or more Allows before EQS accepts a rule. In Wife mode, I have to disable EQS or my mouse may get implanted!
     
  25. Subgud

    Subgud Registered Member

    Joined:
    Nov 6, 2008
    Posts:
    151
    Location:
    Norway
    MAMUTU?? What kind of program is that? I know of A-squared 4. But is MAMUTU a product with HIPS?

    I use GDATA IS 2009. I don't think the firewall has HIPS. Is there a program I can use that has it? I use SAS PRO realtime and MBAM for scanning sometimes.
     