Best Free HIPS

Discussion in 'polls' started by AaLF, Dec 8, 2007.

?

Which is the 'best quality' Free HIPS around today?

  1. ProSecurity

    13 vote(s)
    9.5%
  2. SSM

    15 vote(s)
    10.9%
  3. DSA

    8 vote(s)
    5.8%
  4. ProcessGuard

    8 vote(s)
    5.8%
  5. GhostSecurity

    7 vote(s)
    5.1%
  6. NeovaGaurd

    2 vote(s)
    1.5%
  7. EQsecure

    9 vote(s)
    6.6%
  8. OnLineArmor

    42 vote(s)
    30.7%
  9. Comodo3

    35 vote(s)
    25.5%
  10. Prevx

    12 vote(s)
    8.8%
  11. DefenseWall

    14 vote(s)
    10.2%
Multiple votes are allowed.
Thread Status:
Not open for further replies.
  1. AaLF

    AaLF Registered Member

    Joined:
    Feb 20, 2005
    Posts:
    986
    Location:
    Sydney
    Many people such as students cannot afford the extra cash required to invest in a HIPS. However Wilders Forum is foremost in promoting this 'new' defense arsenal. And so many realise the benefits but money keeps it out of reach.

    Now we know there is a difference between free & paid versions and many threads refer to paid versions of HIPS.

    So this POLL is to give a guide as to what is a 'quality-featured' FREE HIPS on the market as of December 2007. I have included some like PG that are no longer 'in production' but can still be installed and used troublefree. Some come with a firewall bolted on like OLA & Comodo. (For these please consider their HIPS benefits only).

    I have made the POLL multiple Choice so you can nominate more than one.
     
  2. lucas1985

    lucas1985 Retired Moderator

    Joined:
    Nov 9, 2006
    Posts:
    4,047
    Location:
    France, May 1968
    For classical HIPS I prefer Process Guard (free), the most user-friendly of all and 100 % bullet-proof used as anti-executable.
    For behavioural HIPS, Threatfire and Prevx are both very good products with high potential.
    For sandboxes HIPS, Sandboxie, Defensewall (not free), GeSWall, SafeSpace are pretty good. I happen to prefer (and use) GeSWall, the lightest of all.
     
  3. WSFuser

    WSFuser Registered Member

    Joined:
    Oct 7, 2004
    Posts:
    10,632
    Just an fyi, Prevx only offers detection for free. It no longer has the 30 days of cleanup.

    Anyways I voted for Online Armor because its easy to use but it still is powerful. Also I havent much experience with the other classical HIPS :p
     
  4. FadeAway

    FadeAway Registered Member

    Joined:
    Apr 6, 2007
    Posts:
    270
    Location:
    USA
    I don't feel qualified to vote, having only tried about half of the
    applications listed in the poll. However, PG free has been my choice
    for a long time. Combined with a well considered overall security strategy,
    its anti-execution and anti-termination capability fills my needs very well.
     
  5. 031

    031 Registered Member

    Joined:
    Sep 5, 2007
    Posts:
    185
    Location:
    Bangladesh
    eq secure is nice . oa is also good but i think eq-secure is better than oa free .
     
  6. TVH

    TVH Registered Member

    Joined:
    Aug 9, 2007
    Posts:
    227
    Prosecurity and SSM are by far the best in my opinion though they're not for novices. I personally use Prosecurity in my setup.
     
  7. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,047
    Location:
    Saudi Arabia/ Pakistan
    DW is not free. Ghost Security is also not free except AD.
     
  8. AaLF

    AaLF Registered Member

    Joined:
    Feb 20, 2005
    Posts:
    986
    Location:
    Sydney
    OOppps. I meant GesWall GW (not DW) but didn't know how to edit poll.

    I'm surprised Comodo has a following. Is it it's quality or are people just nominating it because they're stuck with it as its part of Comodo FW?
     
  9. Coolio10

    Coolio10 Registered Member

    Joined:
    Sep 1, 2006
    Posts:
    1,124
    Not everyone skips at first sight. They actually learn it unlike most testers here at wilders :D.

    Anyway back on topic. Did not know polls needed any criticism.
     
  10. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    8,697
    Hello,
    It would be AppArmor.
    Mrk
     
  11. Pedro

    Pedro Registered Member

    Joined:
    Nov 2, 2006
    Posts:
    3,502
    AppArmor sure promises. CFP needs a few more builds.

    Right now, as in usable in this moment, i prefer SSM free, as Lucas says for PG, "100 % bullet-proof used as anti-executable", but SSM can also lock my PC with Disconnect UI: blocks new executables or completely blocks anything not allowed in the rules, and additionally it can block programs allowed with the UI connected (cmd, IE7, etc).
    To me this among a few other details makes it the best freeware choice.
    It just needs a "Wormguard module" (there's always something ..)

    Oh, and it also changes the color of the icon when changing status :)

    SandboxIE still is my favorite sandbox, but i don't use it that much. Still a powerful too to have, it doesn't need to start with Windows.
     
  12. LoneWolf

    LoneWolf Registered Member

    Joined:
    Jan 2, 2006
    Posts:
    3,408
    I'd have to say GeSWall. :thumb:
    Liking the policy based hips idea. :D
     
  13. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    5,633
    Location:
    U.S.A. (South)
    Well as usual it's taken long enough to disect the inner workings & settings for EQSecure 3.41 so that's gonna have to do for now as my favorite.
     
  14. 19monty64

    19monty64 Registered Member

    Joined:
    Apr 10, 2006
    Posts:
    1,302
    Location:
    Nunya, BZ
    ThreatFire with custom ruleset (SmartHips+Firewall, which is probably why it wasn't included.) :D
     
  15. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    8,038
    Location:
    The Netherlands
    I have voted for Neoava Guard, it´s not perfect, but overall, I´m quite impressed. :thumb:
     
  16. subset

    subset Registered Member

    Joined:
    Nov 17, 2007
    Posts:
    825
    Location:
    Austria
    I vote for EQSecure... No, I can not sort all this stupid rule-lists.
    I vote for Comodo 3... Oh no, it looks like McDonald's Advent calendar.
    I vote for OA Free... Ah stop, no updates included, a real pain.
    I vote for DSA... Hm, maybe hope and pray ist not enough.
    I vote for ProSecurity... Win95-16Bit-colormode-look, german translation is holprig, no, maybe not.

    I have some favorites right now, but I am not sure which one :blink:

    Cheers
     
  17. Brian N

    Brian N Registered Member

    Joined:
    Jul 7, 2005
    Posts:
    2,148
    Location:
    Denmark
    SSM makes most sense to me.
     
  18. Hairy Coo

    Hairy Coo Registered Member

    Joined:
    Oct 19, 2007
    Posts:
    1,486
    Location:
    Northern Beaches
    If free HIPS are your fetish-Micropoint-Prosecurity and of course the maestro himself ;

    Threatfire :thumb:
     
  19. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    5,633
    Location:
    U.S.A. (South)
    Probably the most favored free HIPS would fall someplace between either OnlineArmor & System Safety Monitor, but EQSecure still holds my favor and can't wait for them to draw up another even better version soon.

    HIPS is the way out from under the stressful demands of resident AV's and their power engines.
     
  20. AaLF

    AaLF Registered Member

    Joined:
    Feb 20, 2005
    Posts:
    986
    Location:
    Sydney
    I've looked at HiPS as a support product while the AVs & firewalls are the 'regular army in charge of defense'. I wouldn't think HIPS would challenge AVs' in the market place. For the 'population at large' HiPs is like trying to drive with a ten gear manual gear stick compared to the 'auto-transmission' offered by AVs.

    So is HIPS to be considered more as an alternative to say AVs' rather than another complimentary component in one's defense-array?
     
  21. LUSHER

    LUSHER Registered Member

    Joined:
    Feb 28, 2007
    Posts:
    440

    You must be deluded.

    Wilders people/testers are pound for pound the most paranoid people who *enjoy* answering prompts as long as it makes them feel safe....

    If even testers in wilders reject it, i doubt you can even find 1 in a billion people to use it,
     
  22. Cerxes

    Cerxes Registered Member

    Joined:
    Sep 6, 2005
    Posts:
    581
    Location:
    Northern Europe
    IMO no.

    HIPS is a very powerful tool for tighten up your system and If properly configured it´s hard for malware to penetrate. But does it protect you when it´s time to install/update? If you have the skill to understand the pop-ups, then yes, but if not, then signature/behavioural based protection could save the day.

    Regarding the poll I voted for OA free since it´s simple and stable.

    /C.
     
  23. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    5,633
    Location:
    U.S.A. (South)
    Very good opinions both ways. For me HIPS didn't spell the demise or even dismissal of AV's, only the reduction of what used to be additional taxing to system resources/performance AV's just can't help but place on any windows unit.
    I logically rely on NOD32 only as an On-Demand probe (occasionally) but since the introduction of HIPS in the form of SYSTEM SAFETY MONITOR & now EQSecure 3.41, HIPS have released my units completely from resident AV's and nothing, i repeat, nothing is entered undetected that HIPS didn't sniff out and alert to.

    This is a New Century which in turn also follows New Technology and (HIPS) meet challenges head-on that AV's simply cannot do. When i used resident AV's i eventually fell victim like others still do today, with HIPS, that percentage has fell drastically to 0%, and folks, i am not exaggerating, not do i discount the importance and usefullness of AV's, only that in Virtualization, Sandbox, and HIPS technologies, and especially teaming them together, AV's simply are no match for this more advanced protection.

    Why do you think AV's are exploring & now implimenting some of these same Pro-Active elements into their own products now?
     
  24. jrmhng

    jrmhng Registered Member

    Joined:
    Nov 4, 2007
    Posts:
    1,268
    Location:
    Australia
    Black listing is still the bread and butter for most users. 'Dumb' HIPS is more of toy for me. It is just fun to have the system fully locked down. With an updated AV (and maybe AS) and good policy (no porn/crack sites) I think most users will be sufficiently protected.
     
  25. AaLF

    AaLF Registered Member

    Joined:
    Feb 20, 2005
    Posts:
    986
    Location:
    Sydney
    I don't know about that, Easter.

    If I download something and there's a stowaway hidden inside, NoD will smell it when its still at the door in the postman's bag. But how does SSM etc detect a virus? Don't they let the cockroaches live inside the computer software until they hatch and then try and swat them?

    I think I'd like to know my house is clean. Or have I misunderstood how HIPS tries stop a virus?
     
Thread Status:
Not open for further replies.