which has/is the best ...almost unbreachable HIPS to date..?

hello.......almost all security suites....firewalls...and even stand alones today stress on hips........i was wondering which one should be preferred....outpost 2009...kis2009...OA.....or..any stand alone...which one would provide best peace of mind....with top notch protection.....

my current set up:
laptop and home pc-kis2009+spysweeper 6
office pc's-outpost pro 2009+avast 4.8/avira

 

Suite:
KIS 2009

Firewalls:
Outpost 2009
Online Armour 3
Comodo 3

Standalone:
Real-Time Defender
Malware Defender
EqSecure (with Alcyon's Ruleset).

I personally use KIS, Comodo, Outpost 2009 in my systems. You should test them out, see which one suites you best. IMO, they are all very effective.

 

This is the question which is impossible to answer. One needs to run a lot of the same tests for all the software in question under the same conditions. The only resource I know which satisfy those requirements is Matousec, but his set of tests I think is a _bit_ hm .. biased .. toward his personal ideas. So one should take them only as a hint

 

There's nothing like trying them out and judging for yourself. As mentioned, since all software runs differently on different systems, it's hard to make summary judgements. Personal 1st hand experience on your own machine can't be beat.

 

I like the middle level D+ in Comodo's new RC2. You can later check keyboard and screen access detection. I'm running it with the AntiVir Suite (without the Avira firewall.)

 

Hmmm... You might get more answers to your questions about HIPS if you ask them in the Wilders forum that covers HIPS, which is Other Anti-Malware.

However --

IMO the BEST classical HIPS are (in no particular order)...

Malware Defender

System Safety Monitor

Online Armor

As I see it, the BEST behavior-blocker HIPS are (in no particular order)...

Mamutu

Threatfire
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

If you are an experienced computer wonk, or if you are patient to research pop-up alerts from time to time, then you should use a classical HIPS.

On the other hand, if you want *almost as good* protection as is afforded by a classical HIPS, BUT with less pop-up alerts & less need for user to have expertise, then you should use a behavior-blocker HIPS.

 

Simple answer, Comodo.

 

Comodo's HIPS default settings are improved for less pop ups in CIS 3.5. Off course, you can tweak & customize it anyway you want.

 

+1 for Comodo. Its the best in terms of sheer configurability and feature set. Not for novice users, but its a sword in the hands of a Ninja.

Also another reason, I support Comodo is that it provides similar protection across platforms ( XP, Vista x86, x64). Which is not seen with some other products, like KIS2009 HIPS is limited in Vista and most products are not functional in Vista x64.

 

Hi,

I feel secure with Online Armor's HIPS

Regards,

MaB

 

It was infact ProSecurity. Sadly it died.

Now CFP Dfence Plus and OA HIPS are good choices IMO.

 

Yeah, the CIS 3.5 provides much better out-of-the-box experience, lot less noisy.

 

IMO default settings of CIS are not good. Default settings of OA are better than CFP. Although CFP has more granular control but they made default settings weaker while reducing pop ups. OA default settings are quite strong while still maintaing less pop ups.

 

COMODO wouldn't leave you vulnerable knowing so. The technology has been updated as well, So it plays nicely with CIS AV or your pre existing AV, Where the AV covers the other D+ Settings, etc...

 

The main problem of CIS is that its antivirus is one of the worse antiviruses in the world (now..).

I'd install a good antivirus plus a good firewall/HIPS, like Online Armor or Comodo

 

I agree with you aigel, the default D+ settings in CIS are not good.
Josh please try some tests with it, you will find the default settings aren't that great, For example keyloggers can record keystrokes. Though you can easy change the settings and then it's bullet proof

 

*Read* for files and folders is only things which missing from CFP, and huge amount of rules are making CFP secured systems very slow when creating new rules (don't know is this improved in newest CIS)...
KIS 2009 HIPS don't have such problems, but KIS 2009 in other hand missing some APIs to defend...

 

AV is not so good ATM to be relied upon.

Two thing. First I was surprized that by default explorer.exe is allowed to execute any thing withoput any execution alert.

Secondly I think they must have an option where it scans C drive/ partition and mraks all executables on C as trusted alongwith a large white list. It will make popups very less. Also default mode should be free of parent child relations for Execution just like OA and PG.

Current complex Parent child relation can be left in adbanced mode for advanced users.

 

Try Outpost firewall is better than online armor

http://www.matousec.com/projects/firewall-challenge/results.php#firewalls-ratings

 

Please tell us why that is.

Matousec
That is reffering to Leaktests, A good place for HIPS tests etc is at.
www.testmypcsecurity.com

 

Matousek tests the HIPS more than the firewall, ans it's more impartial than testmypcsecurity, which is sponsorized by Comodo

 

Negative, it is totally fair. Anybody may Join the site and download + submit the test results them selves.

EDIT: Also unlike matousek - www.testmypcsecurity.com does not charge the providing developer per newly submitted version.
It's a test for the people by the people.
Some people believe that some of the tests running on Matousek are irrelivant in the real world.. This has been discussed in another thread, if your interested please search for it but stay on topic here

 

testmysecutiyt is much more misleading than matousec. For one it is not professional, different products are tested by different people under different conditions and finally it's obviously biased.

 

Most enviroments are not the same, Thats why you may download the tests and run them your self, and make up your own mind about the program. and please stop making false claims of things being biased as any one that uses any program has an equal oppertunity.

 

I AM in the testmypcsecurity team, but I don't think it's fair to put in the comparison 5 different tests of Online Armor (so that they can show that previous versions of OA weren't good), and only one test of each of all the other products.

I've already said it in the board, but nobody listened to me (edit: or maybe I wrote a PM to melih.. not sure..).