Alternative to DefenseWall for Win 7 – 64 bit

Discussion in 'other anti-malware software' started by Feandur, Nov 22, 2011.

Thread Status:
Not open for further replies.
  1. Feandur

    Feandur Registered Member

    Joined:
    Jun 15, 2005
    Posts:
    401
    Location:
    Australia
    Until DW comes out in 64bit .... :'( ....... Can I substitute Private Firewall (v7.0.25.5) + Appguard (v3.2) to get approximately the same level of protection, in practice, as DW [HIPS + FW] might have given for 64bit?

    http://www.blueridgenetworks.com/products/appguard.php

    http://www.privacyware.com/PF_support.html


    Anything other apps' I've missed? :doubt:

    [well,,, I do have a license for Shadow Defender...but would prefer to keep that for the XP - SP3 box
    where I'm thinking of running it just with a combo of Defense wall (hips + fw) + Private FW + EAM....but suggestions accepted;]


    I'm thinking for the Win7 - 64 bit box to have….

    [active real time] Private Fire Wall + Emsisoft AntiMalware + AppGuard;
    [passive real time] EMET + Spyware Blaster;
    [on demand] Sandboxie (for firefox protection when random surfing)+ MBAM (for 2nd opinion) + SP (for disc image - i have a license)


    any advice?

    feandur
     
  2. chris1341

    chris1341 Guest

    Unfortunately Defensewall (and Geswall to a lesser extent) are fairly unique and there are no products 'the same' that I am aware of for 32 bit let alone 64 bit as yet. There are however products that will cover the same threats.

    AppGaurd that you have mentioned restricts the behaviour of gaurded applications in user space. Sandboxie (if properly configured) can give excellent restriction on 64 bit and adds virtualisation but both need you to do some of the work youself to set up properly unlike Defensewall which is pretty much good to go out of the box.

    I love PFW but not on 64 bit but if you team it up with AppGaurd you would do OK I think.

    Defensewall is a policy based HIPS so would a classic HIPS like PFW, Online Armor, Outpost, Comodo even plus some form of restriction from AppGaurd or Sandboxie meet your needs?

    Use real time AV if you want but might not need it with something like that. EMET and MBAM or Hitman Pro for second opinion or OD scans is a good idea and imaging is really important as you will know.

    I'm sure someone will recommend some OS tweaks and Windows internal mechanisms to restrict applications using SRP or icalcs or similar to reduce integrity/rights etc to cover some of the Defensewall territory without needing a third party application. I prefer (lets face it need :) ) a third party application to do most of this for me though as I don't have the skill or inclination to adapt such set-ups to my needs. You may have different thoughts though.

    Cheers
     
  3. Feandur

    Feandur Registered Member

    Joined:
    Jun 15, 2005
    Posts:
    401
    Location:
    Australia
    Thanks Chris1341

    Is there a problem / bug / limitation with PFW on 64bit? I used it OK out of the box on 32bit, but have no experience at all on 64bit. I would love to understand more before installing.

    Should I consider an alternative....ZAP, or OA - [btw...I've always had a view that OA can be troublesome at times...re / stability / conflicts, etc..but I may be wrong as Noob uses it as per his signature].

    At least it seems a bit more research / reading up is needed before I start installing any apps'

    cheers all.
    feandur
    Brisbane [11:40am]
     
  4. Brandonn2010

    Brandonn2010 Registered Member

    Joined:
    Jan 10, 2011
    Posts:
    1,849
    AppGuard. I've used it with little incident. I threw a bunch of malware from malwaredomainslist at it on a VM and nothing got past it, even the fake AVs.

    Plus $40 for a lifetime license is great.
     
  5. Feandur

    Feandur Registered Member

    Joined:
    Jun 15, 2005
    Posts:
    401
    Location:
    Australia
    Done! Appguard it is then....hope it is not too complicated to set up


    That just leaves the FireWall to settle on ....

    Some concerns about PFW on 64bit...
    https://www.wilderssecurity.com/showthread.php?t=288509&page=9

    ; https://www.wilderssecurity.com/showthread.php?t=288509&page=11

    The performance on 32bit is excellent....
    http://www.matousec.com/projects/proactive-security-challenge/results.php#interpretation-of-results

    But I notice from his signature Kernelwars uses it on 7x64 [ https://www.wilderssecurity.com/showthread.php?t=309746 ].......anyone else happy / unhappy with PFW on 64bit ??

    Is ZAP or Comodo an alternative? maybe OA - but is it still naggy and slow in the latest version??

    cheers,
    feandur
     
  6. chris1341

    chris1341 Guest

    If you give any credence to leaktests etc then PFW does not perform as well on 64 bit as 32 bit. Not many do because of patchgaurd restrictions but the gap is wider with PFW than others IMO.

    ZAP is not as comprehensive a HIPS as the others you have mentioned but if it is just firewall you want it could do the job. OA 5.1 is better but heavy when compared to PFW and I'm not a fan of Comodo but you should give them a spin and see for yourself. Outpost is another you might want to look at.

    Pegr who speaks very eloquently and informatively about AppGaurd on these forums uses Comodo successfully with AppGaurd if that is your definite choice.

    Cheers
     
  7. Feandur

    Feandur Registered Member

    Joined:
    Jun 15, 2005
    Posts:
    401
    Location:
    Australia
    Thanks :
    My hope was to use Emsisoft Security suite...EAM + OA

    but both are still heavy [even with v6] and EAM still throws up FP's .. http://www.softwarecrew.com/2011/10/emsisoft-anti-malware-6-0-now-much-faster-more-accurate/

    ....although it achieved 100% at MRG flash tests.
    http://malwareresearchgroup.com/201...-test-–-emsisoft-anti-malware-novemeber-2011/
    and
    http://malwareresearchgroup.com/category/malwareproducttesting/

    Not so keen on Comodo.
    So... ?

    That seems to leave ESET and NIS...as IS packages...plus extra 3rd parties

    ....still looking.

    thanks for the pointers
    :)

    feandur
     
  8. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    Look for an AV with some sort of HIPS + FW build in, like NIS, KIS or Webroot Secure Anywhere, or run a free AV of your liking (e.g. AVG or Avast) with Windows Firewall and the freebie Windows FireWall Notifier (as far as I know it runs on x64 also, http://wokhan.online.fr/progs.php?sec=WFN) set UAC to high and use chrome as your browser.
     
    Last edited: Nov 24, 2011
  9. Feandur

    Feandur Registered Member

    Joined:
    Jun 15, 2005
    Posts:
    401
    Location:
    Australia
    Respected Sir:
    Thank you Kees1958...

    Before reading your post I had rushed down to my local store and bought a shrink-wrap package of NIS 2012 on the strength of ...

    Noob & Arms963 @ https://www.wilderssecurity.com/showthread.php?t=312578

    Bellgamin @ < can't find the posting :'( > where I recall he made reference to using NIS as 'effective and fairly light'..

    ...good enough for me.

    But heartened but your recommendation that included NIS.

    thank you Sir.

    feandur.
     
Loading...
Thread Status:
Not open for further replies.