Any stand alone Behavior Blocker left?

Discussion in 'other anti-malware software' started by The Dragonfly, Sep 20, 2014.

  1. The Dragonfly

    The Dragonfly Registered Member

    Joined:
    Sep 20, 2014
    Posts:
    29
    Mamutu and Threatfire is gone with the wind. Is there any Behavior Blockers left?
     
  2. RejZoR

    RejZoR Registered Member

    Joined:
    May 31, 2004
    Posts:
    6,426
    Not really. Only way to get them is to use AV that has it (AVG, Comodo) and disable all the rest of their features. It sucks i know but that's all it's left now. I did like ThreatFire (and Cyberhawk before) as well, it was free and it actually performed really well back then.
     
  3. ichito

    ichito Registered Member

    Joined:
    Jan 14, 2011
    Posts:
    1,485
    Location:
    Poland - Cracow
    Micropoint Proactive Defense is still to download from its own page, but I don't know is it still developed or not...my latest installation of it was in Dec 2011.
    http://www.micropoint.cn/download.php
    Quoting older thread
    https://www.wilderssecurity.com/threads/my-micropoint.164621/#post-939423
    http://www.turboimagehost.com/p/9970169/2011-12-06_22_26_49.png.html

    We can also still download standalone version of DSA that is currently included in Privatefirewall
    http://fileforum.betanews.com/detail/Dynamic-Security-Agent/1150224527/1
     
  4. Overkill

    Overkill Registered Member

    Joined:
    Mar 16, 2012
    Posts:
    2,134
    Location:
    USA
    Mamutu was awesome
     
  5. siketa

    siketa Registered Member

    Joined:
    Oct 25, 2012
    Posts:
    2,695
    Location:
    Zagreb, Croatia
    It still is.
     
  6. trott3r

    trott3r Registered Member

    Joined:
    Jan 21, 2010
    Posts:
    830
    Location:
    UK
    Except if you are a new user you cant get it as it needs activating or buying when i tried it recently. :(
     
  7. trott3r

    trott3r Registered Member

    Joined:
    Jan 21, 2010
    Posts:
    830
    Location:
    UK
    "Proxy Error
    The proxy server received an invalid response from an upstream server.
    The proxy server could not handle the request GET /.

    Reason: DNS lookup failure for: hot.hotdownloads.com"

    Cant download "Dynamic Security Agent 2.0" either :(
    Has anyone got a link for DSA please?

    Martin
     
  8. ichito

    ichito Registered Member

    Joined:
    Jan 14, 2011
    Posts:
    1,485
    Location:
    Poland - Cracow
    Martin...check PM :)
    ThreatFire is to download from Tom'sGuide...link works properly
    http://www.tomsguide.com/us/download/ThreatFire-AntiVirus-Free-Edition,0301-30933.html
    and DSA from Brothersoft but they offers only downloader not real installation file and one must to be careful not to install crap-software
    http://www.brothersoft.com/dynamic-security-agent-48732.html
     
  9. RejZoR

    RejZoR Registered Member

    Joined:
    May 31, 2004
    Posts:
    6,426
    ThreatFire doesn't work on Win8 at all. So why even bother. besides, it's dead and ineffective now.
     
  10. trott3r

    trott3r Registered Member

    Joined:
    Jan 21, 2010
    Posts:
    830
    Location:
    UK
  11. trott3r

    trott3r Registered Member

    Joined:
    Jan 21, 2010
    Posts:
    830
    Location:
    UK
    v 2.0.11 22 Nov 2007 17-42 digital signature

    Looks like the pm version is a bug fix out of date.
    Does anyone have the slightly newer version?

    thanks
    Martin
     
  12. ichito

    ichito Registered Member

    Joined:
    Jan 14, 2011
    Posts:
    1,485
    Location:
    Poland - Cracow
  13. trott3r

    trott3r Registered Member

    Joined:
    Jan 21, 2010
    Posts:
    830
    Location:
    UK
    ok thanks for the reply.

    All links refer to v1
     
  14. Mayahana

    Mayahana Banned

    Joined:
    Sep 13, 2014
    Posts:
    2,220
    I think that largely, these stand alone products have been replaced by HTTP/HTTPS scanning, URL Validation, and IP screening.

    I would recommend getting something on the front-door of your network to replace these kinds of products. Either a SOHO UTM appliance, or one of the newer routers that have it. ASUS RT-86 series have Trend DPS (deep packet security), which according to some tests, such as PCMag catches 80%+ of the threats at the door. Then all your stand alone AV's need to worry about are 20-40% of the threats out there. I personally think these types of solutions replace things like Threatfire.
     
  15. trott3r

    trott3r Registered Member

    Joined:
    Jan 21, 2010
    Posts:
    830
    Location:
    UK
    Mayahana:

    They still cost a far amount of money compared to free or 10s of pounds
     
  16. Mayahana

    Mayahana Banned

    Joined:
    Sep 13, 2014
    Posts:
    2,220
    I guess it depends on what a lot of money is to each of us. You can buy a cheap, yet effective UTM for under $200. The RT-86 will set you back $280, I just bought one today myself, but that comes with a 'lifetime' license to Trend DPS, which costs enterprise customers - at the least - $500-$1000 per yearly renewal.

    But given the $280 is for the fastest consumer router in the world, and lifetime Trend @ 80% detection, that's probably not a bad deal. Then whatever AV you use is probably adequate.
     
  17. TheWindBringeth

    TheWindBringeth Registered Member

    Joined:
    Feb 29, 2012
    Posts:
    2,085
    @Mayahana: Based on a few quick searches, it looks as though the Asus AiProtection feature includes support for malicious URL checking (on HTTP URLs at least, I didn't attempt to research HTTPS MITM capabilities) and checking remote IP Addresses to see if they are known C&C servers. Are you familiar with how those work? Do you know whether those and/or other protection features are cloud based and involve the router phoning home information about traffic/activity?
     
  18. Mayahana

    Mayahana Banned

    Joined:
    Sep 13, 2014
    Posts:
    2,220
    ASUS licensed Trend's Enterprise Deep Security Platform for inclusion into their hardware. The primary impetus for this was the well known 'hacks/attacks' done on ASUS routers last year, and the year before that which cost Asus quite a bit in the reputation department. The inclusion of enterprise level security in a home router is largely a response to that, and to help ensure it doesn't happen again. TDSP also checks clients that attach to your network for vulnerabilities, and malicious activity. So if someone has a laptop in your home, connects to your network, and has an active bot on it, ASUS/Trend will close off that client until the situation is resolved, and alert you to this activity. That way compromised guests don't compromise your network. What isn't really mentioned is with TDSP it will literally 'patch' your router on the fly to block new, even unknown exploits/attacks/malware, this is exceptionally advanced enterprise level activity for the home.

    Trend Micro’s TDSP for ASUS features four-phase defense to address the before-during-after stages of home network security. This in effect is a complete, systematic security system process at the front gate.

    1) It will check the router configuration--for example, the password strength, to lower the risk of being compromised, ports open, incorrect settings, potential exploit openings..

    2) Both inbound and outbound malware protection. For inbound protection (attacks from outside), Trend Micro’s Intrusion Prevention engine protects system and application vulnerabilities of the router and home network devices, and creates a “Virtual Patch.”. Essentially patching the vulnerability on the fly, while alerting you to the activity. The idea behind this is even when exploits are found, users don't always apply new firmware. This solves that to some extent.

    3) For outbound protection, TDSP checks the Website or server’s reputation and integrity before users attempt to reach malicious ones. This process is so fast as to be transparent.

    4) Stopping infections - If a PC or handheld device gets(or already is) infected by malware, it will have some abnormal behaviors such as talking to a hacker’s “Command and Control” servers or trying to infect neighborhood devices. The solution could detect and notify so that users clean up accordingly, or to block the compromised machine until remediation takes place.

    Some additional notes, this technology will likely appear on less costly models in the future, although that will depend on the hardware capabilities of those, and other factors obviously. Since it's essentially a consumer version of TDSP you can read up on that here;
    http://www.trendmicro.com/us/enterprise/cloud-solutions/deep-security/
     
  19. The Dragonfly

    The Dragonfly Registered Member

    Joined:
    Sep 20, 2014
    Posts:
    29
    So what Anti Virus has a good Behavior Blocker other than Emsisoft Anti-Malware?
     
  20. ichito

    ichito Registered Member

    Joined:
    Jan 14, 2011
    Posts:
    1,485
    Location:
    Poland - Cracow
    Asus's solution is interesting but I don't know how it can be compared to the behavioral blocker or similar...we are speaking not about "holistic view on security" but rather about some specific apps that can detect some suspicios bahavior in system :) BTW...I found info about problems Asus technology while installing Bitedefender...it can mean that not only this software can have some incompatibility and can give more common issues
    http://www.bitdefender.com/support/...fails-due-to-asus-ai-suite-software-1209.html
     
  21. Esse

    Esse Registered Member

    Joined:
    May 26, 2011
    Posts:
    383
  22. garrett76

    garrett76 Registered Member

    Joined:
    Mar 18, 2014
    Posts:
    210
    Bitdefender with active virus control, Quihoo 360. Avg identity protection is very weak.
     
  23. ichito

    ichito Registered Member

    Joined:
    Jan 14, 2011
    Posts:
    1,485
    Location:
    Poland - Cracow
    out
    Thanks for info...I was searching info but results aren't so optimistic. I've found review on CHIP.pl page with info about router Sitecom WLR-400...it's in Polish so please translate yourself because I don't want to do some mistake.
    http://www.chip.pl/testy/akcesoria/routery-wifi-n/sitecom-wlr-4000
     
  24. Esse

    Esse Registered Member

    Joined:
    May 26, 2011
    Posts:
    383
    That test seems to be from 2011, I think this feature was released at that time. A lot have happened since then. Like I said, in my case at least, not much passes trough if you try live malware links.
    There is a thread here at Wilders regarding this feature from Surfright, but I can´t find it...
    Here you have some info from Surfright: http://www.surfright.nl/en/hitmanpro/utm

    /E
     
  25. ichito

    ichito Registered Member

    Joined:
    Jan 14, 2011
    Posts:
    1,485
    Location:
    Poland - Cracow
Loading...