Best free HIPS right now?

Discussion in 'other anti-malware software' started by Monkey_Feces, Mar 5, 2007.

Thread Status:
Not open for further replies.
  1. Monkey_Feces

    Monkey_Feces Registered Member

    Joined:
    Aug 24, 2006
    Posts:
    52
    The only ones i know of are Prevx1, Cyberhawk, and Processguard. I tried processguard and cyberhawk, but not extensively since i would have to invest a lot of time configuring them so I won't get compatability errors. Which is the best out of the 3? Can anyone name other free alternatives?
     
  2. acr1965

    acr1965 Registered Member

    Joined:
    Oct 12, 2006
    Posts:
    4,954
  3. yankinNcrankin

    yankinNcrankin Registered Member

    Joined:
    May 6, 2006
    Posts:
    406
    Prosecurity :)
     
  4. cheater87

    cheater87 Registered Member

    Joined:
    Apr 22, 2005
    Posts:
    3,125
    Location:
    Pennsylvania.
    Spyware Terminator is pretty good.
     
  5. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    Free HIPS
    Set and forget
    - PrevX1 : strong combines whitelist and community blacklisting with some behavorial protection (not as strong as CyberHawk)

    Some pop-ups
    - CyberHawk (really strong)
    - When you want some outbound protection, combine it with DSA is also an easy to setup process startup monitor as a bonus you will get mail-bot protection

    Strongest with pop-ups
    - SSM-free has by far the most process/memory protection of all freeware HIPS (the registry module can be set yourself as a really strong registry defense)

    - When you want outbound protection, use SensiveGuard (try it), It is a real pitty the developers of Sensive Guard have not made it working on all hardware configurations. It has the incredible advantage that it recognises user initiated, program initiated and programs with internet connection initiated actions. As a bonus you will get a data protection wall,
    Examples
    All internet programs are not allowed to create/modify/delete sensive files on your C-drive = extra defense against worms/trojans/rootkits,
    All internet programs are not allowed to read your data files from your D-drive when not initiated by the user = extra defense layer on data theft (above the outbound traffic protection). Search for review SensiveGuard on this forum.

    I would also use a free Sandbox (SandboxIE, BufferZone, GesWall free, ShadowPower) or better buy GesWall Pro or DefenseWall
     
  6. Monkey_Feces

    Monkey_Feces Registered Member

    Joined:
    Aug 24, 2006
    Posts:
    52
    Thanks for the sandbox suggestion, I'm currently trying out Sandboxie(and will probably stick with it). This is an egregious thread hijack, but at least i'm hijacking my own thread. My current security suite involves spyware blaster, AVG antispy free, Avira Antivir free, Comodo, Sandboxie, and Mozilla w/ noscript. Am I covered on all bases? I know the best solution is smart web browsing, but let's presume that I am an absolute retard. With that presumption, are all of my software selections sound? How can they be improved?
     
  7. walking paradox

    walking paradox Registered Member

    Joined:
    Feb 9, 2007
    Posts:
    234
    Ian 'Gizmo' Richards did a fairly comprehensive tests on several HIPS programs. You can view his results here. According to his tests, DefenseWall sweeped the field with a nearly perfect performance. However, I would run the trial versions of all the ones you are interested in to test their interface, usability, and compatiblity with your system. Some HIPS programs require much more user interaction than others, so you should take this into account when deciding.
     
    Last edited: Mar 6, 2007
  8. walking paradox

    walking paradox Registered Member

    Joined:
    Feb 9, 2007
    Posts:
    234
    Your software selections are indeed sound. However you apparently have no real-time spyware protection. This might not be as important since you are using Firefox w/ NoScript within sandboxie, but it would provide a more complete and thorough security setup. If you don't want to buy an real-time anti-spyware, you could go with windows defender or spyware terminator, both offer excellent protection for the price :D. Also, a hardware firewall always provides further protection, but if you use comodo correctly you should probably be ok. Others might recommend 'hardening' your system, but I am as of yet less familiar with this so I will not comment on it any further. And as I'm sure your aware, given that you created a thread about it, a HIPS program would round out your security setup. Almost forgot, it's always a good idea to have a backup plan, for even the best security setups are succeptible to failure.
     
  9. cprtech

    cprtech Registered Member

    Joined:
    Feb 26, 2006
    Posts:
    335
    Location:
    Canada
    Or if you are using NOD32 ver 2.70.xx, just use its built-in antispyware option and surf with Opera or Firefox, and don't bother wasting money and system resources on a separate antispyware app. In fact, antispyware apps are IMHO the least essential of all security apps normally recommended for inclusion in one's security environment..
     
  10. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,047
    Location:
    Saudi Arabia/ Pakistan
    I will say SSM.

    SSM will be best as a classical HIPS. But still I will prefer a sandbox HIPS like DefenceWall, GesWall etc over SSM.
     
    Last edited: Mar 6, 2007
  11. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,047
    Location:
    Saudi Arabia/ Pakistan
    In my experience even as free both are almost useless as AS( not talking of their HIPS function).
     
  12. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    I am impressed with Noeava (something) Guard. Bit of a simple interface. Trailing it right now.
     
  13. MaB69

    MaB69 Registered Member

    Joined:
    Dec 9, 2005
    Posts:
    540
    Location:
    Paris
    Hi all,

    I like it too as a free HIPS : very light and effective.
    His author is finalizing a new UI which give to NG a really new start

    MaB
     
  14. dawgg

    dawgg Registered Member

    Joined:
    Jun 18, 2006
    Posts:
    817
    ProcessGuard?
     
  15. Pedro

    Pedro Registered Member

    Joined:
    Nov 2, 2006
    Posts:
    3,502
    Neoava Guard
     
  16. EASTER.2010

    EASTER.2010 Guest

    STSEM SAFETY MONTIR

    Best of the best IMOH>
     
  17. KDNeese

    KDNeese Registered Member

    Joined:
    Dec 16, 2005
    Posts:
    236
    Any conflicts between Neoava and SensiveGuard? Seems there would be some double-duty there. Also, how stable do you feel Neoava is? I read some other threads where it seems it caused some problems, but, of course, could be user error rather than the program. Have been thinking about trying it, but wanted to make sure it was sound before doing so.
     
  18. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    Monkey Feces,
    Keep in mind that Neoava Guard v1.0 is a BETA software, which means not for average users, although nobody cares anymore nowadays.
     
  19. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    I did not trail it on PC-1 (DW, SSM, SG, AV), but on th eone with Antivir + CyberHawk + GeSWall Pro as a replacement for CyberHawk. ErikAlbert is right I am a monkey face and it is a Beta with incompatibility with GeSWall Pro (when switching from isolated to non-isolated).

    I will wait until it comes out of Beta, to replace CyberHawk. When you get NG working on your rig, it offers the best protection available. Until then (not working) I'll stick to my opinion SSM-free the best by far.
     
  20. Monkey_Feces

    Monkey_Feces Registered Member

    Joined:
    Aug 24, 2006
    Posts:
    52
    Thanks for the Neoava tip. I will probably try it when it comes out of beta.
    Aigle,
    Our security setups are nearly identical. Have you had any experience with sandboxie? If you did, is GeSwall noticeably better than Sandboxie?


    TypicallyOffbeat,
    Would Spyware Guard offer adequate anti malware protection?
     
  21. walking paradox

    walking paradox Registered Member

    Joined:
    Feb 9, 2007
    Posts:
    234
    No. It only provides protection against spyware, and even at that it's not really sufficient in itself. Here is a description of what SpywareGuard does. Last I heard, it wasn't being developed and updated anymore, not sure on that though.
     
  22. TECHWG

    TECHWG Guest

    Prosecurity in my opinion because developement is very very very very active.
     
  23. EASTER.2010

    EASTER.2010 Guest

    My left eye is keeping close watch on ProSecurity. Some BSOD issues turned me off eifgr away bur thats been months ago now.

    You all know my fierceness when it come to there HIPS so answer this Batman. Is it all all possible to run BOTH SSM and ProSecurity together, i want some actual results from your experience plz, no bluff just tough results of what you noticed when using them together if that;s possible at all.

    Thanks
     
    Last edited by a moderator: Mar 9, 2007
  24. Chuck57

    Chuck57 Registered Member

    Joined:
    Sep 2, 2002
    Posts:
    1,422
    Location:
    New Mexico, USA
    Tried ProSecurity a week ago, the free version not beta, and don't work on this computer. I downloaded it, installed it and it instantly went into reboot.

    After the reboot, as soon as PS started, another reboot began. No warning, no nothing. So, PS is gone. I had to go into safe mode to get rid of it. Once it was gone, all was okay again.

    And, when I downloaded it, no other HIPS type programs on this box, and I disabled the antivirus.
     
  25. Longboard

    Longboard Registered Member

    Joined:
    Oct 2, 2004
    Posts:
    3,187
    Location:
    Sydney, Australia
    Another useful little tool for hardening: pure rules based HIPS/Blocker:

    Samurai: reg tweaks and driver install blocker.
    Difficult to categorise within the current HIPS apps.

    http://www.turbotramp.fre3.com/
     
Loading...
Thread Status:
Not open for further replies.