Any stand alone Behavior Blocker left?

Mamutu and Threatfire is gone with the wind. Is there any Behavior Blockers left?

 

Not really. Only way to get them is to use AV that has it (AVG, Comodo) and disable all the rest of their features. It sucks i know but that's all it's left now. I did like ThreatFire (and Cyberhawk before) as well, it was free and it actually performed really well back then.

 

Micropoint Proactive Defense is still to download from its own page, but I don't know is it still developed or not...my latest installation of it was in Dec 2011.
http://www.micropoint.cn/download.php
Quoting older thread

https://www.wilderssecurity.com/threads/my-micropoint.164621/#post-939423
http://www.turboimagehost.com/p/9970169/2011-12-06_22_26_49.png.html

We can also still download standalone version of DSA that is currently included in Privatefirewall
http://fileforum.betanews.com/detail/Dynamic-Security-Agent/1150224527/1

 

Mamutu was awesome

 

It still is.

 

Except if you are a new user you cant get it as it needs activating or buying when i tried it recently.

 

"Proxy Error
The proxy server received an invalid response from an upstream server.
The proxy server could not handle the request GET /.

Reason: DNS lookup failure for: hot.hotdownloads.com"

Cant download "Dynamic Security Agent 2.0" either
Has anyone got a link for DSA please?

Martin

 

Martin...check PM
ThreatFire is to download from Tom'sGuide...link works properly
http://www.tomsguide.com/us/download/ThreatFire-AntiVirus-Free-Edition,0301-30933.html
and DSA from Brothersoft but they offers only downloader not real installation file and one must to be careful not to install crap-software
http://www.brothersoft.com/dynamic-security-agent-48732.html

 

ThreatFire doesn't work on Win8 at all. So why even bother. besides, it's dead and ineffective now.

 

thanks for the dsa pm

 

v 2.0.11 22 Nov 2007 17-42 digital signature

Looks like the pm version is a bug fix out of date.
Does anyone have the slightly newer version?

thanks
Martin

 

Sorry..I have only that one...and here there are some useful info about DSA
https://www.wilderssecurity.com/search/970092/?q=dynamic security agent&o=date&c[title_only]=1

 

ok thanks for the reply.

All links refer to v1

 

I think that largely, these stand alone products have been replaced by HTTP/HTTPS scanning, URL Validation, and IP screening.

I would recommend getting something on the front-door of your network to replace these kinds of products. Either a SOHO UTM appliance, or one of the newer routers that have it. ASUS RT-86 series have Trend DPS (deep packet security), which according to some tests, such as PCMag catches 80%+ of the threats at the door. Then all your stand alone AV's need to worry about are 20-40% of the threats out there. I personally think these types of solutions replace things like Threatfire.

 

Mayahana:

They still cost a far amount of money compared to free or 10s of pounds

 

I guess it depends on what a lot of money is to each of us. You can buy a cheap, yet effective UTM for under $200. The RT-86 will set you back $280, I just bought one today myself, but that comes with a 'lifetime' license to Trend DPS, which costs enterprise customers - at the least - $500-$1000 per yearly renewal.

But given the $280 is for the fastest consumer router in the world, and lifetime Trend @ 80% detection, that's probably not a bad deal. Then whatever AV you use is probably adequate.

 

@Mayahana: Based on a few quick searches, it looks as though the Asus AiProtection feature includes support for malicious URL checking (on HTTP URLs at least, I didn't attempt to research HTTPS MITM capabilities) and checking remote IP Addresses to see if they are known C&C servers. Are you familiar with how those work? Do you know whether those and/or other protection features are cloud based and involve the router phoning home information about traffic/activity?

 

ASUS licensed Trend's Enterprise Deep Security Platform for inclusion into their hardware. The primary impetus for this was the well known 'hacks/attacks' done on ASUS routers last year, and the year before that which cost Asus quite a bit in the reputation department. The inclusion of enterprise level security in a home router is largely a response to that, and to help ensure it doesn't happen again. TDSP also checks clients that attach to your network for vulnerabilities, and malicious activity. So if someone has a laptop in your home, connects to your network, and has an active bot on it, ASUS/Trend will close off that client until the situation is resolved, and alert you to this activity. That way compromised guests don't compromise your network. What isn't really mentioned is with TDSP it will literally 'patch' your router on the fly to block new, even unknown exploits/attacks/malware, this is exceptionally advanced enterprise level activity for the home.

Trend Micro’s TDSP for ASUS features four-phase defense to address the before-during-after stages of home network security. This in effect is a complete, systematic security system process at the front gate.

1) It will check the router configuration--for example, the password strength, to lower the risk of being compromised, ports open, incorrect settings, potential exploit openings..

2) Both inbound and outbound malware protection. For inbound protection (attacks from outside), Trend Micro’s Intrusion Prevention engine protects system and application vulnerabilities of the router and home network devices, and creates a “Virtual Patch.”. Essentially patching the vulnerability on the fly, while alerting you to the activity. The idea behind this is even when exploits are found, users don't always apply new firmware. This solves that to some extent.

3) For outbound protection, TDSP checks the Website or server’s reputation and integrity before users attempt to reach malicious ones. This process is so fast as to be transparent.

4) Stopping infections - If a PC or handheld device gets(or already is) infected by malware, it will have some abnormal behaviors such as talking to a hacker’s “Command and Control” servers or trying to infect neighborhood devices. The solution could detect and notify so that users clean up accordingly, or to block the compromised machine until remediation takes place.

Some additional notes, this technology will likely appear on less costly models in the future, although that will depend on the hardware capabilities of those, and other factors obviously. Since it's essentially a consumer version of TDSP you can read up on that here;
http://www.trendmicro.com/us/enterprise/cloud-solutions/deep-security/

 

So what Anti Virus has a good Behavior Blocker other than Emsisoft Anti-Malware?

 

Asus's solution is interesting but I don't know how it can be compared to the behavioral blocker or similar...we are speaking not about "holistic view on security" but rather about some specific apps that can detect some suspicios bahavior in system BTW...I found info about problems Asus technology while installing Bitedefender...it can mean that not only this software can have some incompatibility and can give more common issues

http://www.bitdefender.com/support/...fails-due-to-asus-ai-suite-software-1209.html

 

While we are partially on the subject of UTM:s, Sitecom has a very solid product in their X-series. https://www.sitecom.com/en/routers

http://www.sitecomcloudsecurity.com/about.aspx
and
https://www.sitecom.com/en/advice-scs/325

I do not know any % of protection, but so far (1 year) it is amazing in my own tests. (Then again it is HitmanPro tech inside) Fully cloud, no signatures to download.

Sorry for derailing the thread a bit. Just wanted to give you the info.

/E

 

Bitdefender with active virus control, Quihoo 360. Avg identity protection is very weak.

 

out
Thanks for info...I was searching info but results aren't so optimistic. I've found review on CHIP.pl page with info about router Sitecom WLR-400...it's in Polish so please translate yourself because I don't want to do some mistake.
http://www.chip.pl/testy/akcesoria/routery-wifi-n/sitecom-wlr-4000

 

That test seems to be from 2011, I think this feature was released at that time. A lot have happened since then. Like I said, in my case at least, not much passes trough if you try live malware links.
There is a thread here at Wilders regarding this feature from Surfright, but I can´t find it...
Here you have some info from Surfright: http://www.surfright.nl/en/hitmanpro/utm

/E

 

Thanks Esse BTW I found a bit forgotten thread about Sitecom Cloud
https://www.wilderssecurity.com/threads/sitecom-cloud-security-hitman-pro-in-the-router.331472/