comparison of anti-trojan programs and intrusion protection systems when dealing with

Discussion in 'other anti-malware software' started by Wai_Wai, Aug 21, 2005.

Thread Status:
Not open for further replies.
  1. Re: comparison of anti-trojan programs and intrusion protection systems when dealing

    Especially when the education required to use some application is hard to achieve or is so specialised that it becomes useless when the application changes.

    Applications come and go. Next year this time, for all we know HIPS/IDP whatever is already considered dead and buried and we will be talking about some other must-have technology.

    That is fine if you enjoy coming to this forum and keeping with the bleeding edge. But for the noob who was told by some "expert" that he must have HIPS, and is then told the next year he must have some other cool technology, it is very frustrating.

    E.g., people were hot on PG, then RD, then safensec and then Online Armor etc. Some people are constantly playing with security software, asking about new security software and how it stacks up to PG, RD; is that really a good time saver?

    I don't think it's truly as difficult as you have it seem. I think it's a myth that because some people work in the antivirus industry and disassemble files for fun, every "expert" we meet who runs minimal security setups does that too.

    Simple rules like always keep up to date with patches, don't download and install from untrusted sources, maybe an hour learning how to lock down your browser, handling emails, etc., maybe a little knowledge of how your computer works PLUS some careful selection of security software (even freeware will do).

    Will it protect you from the zero day exploit, or super rootkit hacker defender gold that people seem obsessed with here? Of course not. But neither does chasing after the newest, hippest security software that is mentioned here.

    The time people spend playing with, testing, checking reviews etc. of the latest HIPS, antivirus, firewall doesn't really strike me as an obviously better investment in both time and money either.

    In the case of software like HIPS, I don't really think the trade off between time and money works here, since learning how to use the HIPS is even more time consuming than antiviruses.

    For example, is it really that good an expenditure of money and a time saver if you need to go learn about global hooks and driver installations? Learning how to respond to prompts, what each option means etc.? Is that really what you call a "time saver"?

    The main point is that the user has to want to care about security. With that they can learn to protect themselves. Software can aid in this, but ultimately, is not the main thing protecting them.

    The general advice to download and install software only from trusted sources should be followed whether you use PG or not. Call that rule 1.

    With PG, you could add the additional rule: only give programs install rights for hooks, drivers only if they are trusted. Call that rule 2.

    If you follow rule 1 absolutely, rule 2 is pretty much redundant. All programs you install are trusted, so obviously they can have all the rights they want.

    If you break rule 1, and install programs you are not absolutely sure of, a warning from PG that it does possibly dangerous behavior X gives you a chance to bail out, but if you don't care enough for rule 1, what are the chances you will keep to rule 2?


    You forgot to mention a special group that is very relevant here.

    There are those who are in the first group but still feel they need to beef up security with lots of security programs. :)
     
  2. Vikorr (Registered Member; joined May 1, 2005; 662 posts)

    "education is more important than security applications" seems to be a recurring theme.

    I don't doubt that education is important.

    But would someone who supports this theme actually like to dotpoint what they mean by education, and what it can achieve? Just saying the above theme seems rather ambiguous to me.
     
  3. Re: comparison of anti-trojan programs and intrusion protection systems when dealing

    First off, Vikorr, do you consider yourself as having 'user education'?
     