Confused about HIPs programs

Discussion in 'other anti-malware software' started by angus49, Jul 25, 2006.

Thread Status:
Not open for further replies.
  1. angus49

    angus49 Registered Member

    Joined:
    Jun 26, 2006
    Posts:
    106
    Location:
    Hudson,Florida - USA
    Are PG, AntHook, Prevx1, SSM and Saf n' Sec all HIPs? If so, should more than one be run at a time? Which is best? Which is easier? Does SpySweeper and ZA provide the same coverageo_O? A lot of questions I know, but before shelling out $50 I need some guidance. Thank for you help.
     
  2. WSFuser

    WSFuser Registered Member

    Joined:
    Oct 7, 2004
    Posts:
    10,632
    yes they're all considered HIPS.

    If used in ABC mode, Prevx1 would be the easiest as it would make the majority of decisions.

    heres a question: why are you looking for an HIPS? if u surf safely and your AV/FW/AS are updated then u should be protected fine.

    also keep in mind that any paid version of ZA has OSFirewall which acts much like an HIPS. you should try it and see what u think.

    and lastly, if ur seriously considering an HIPS, i recommend u try u trial it first before even purchasing it. It would be best if u decided which program works best for you.
     
  3. angus49

    angus49 Registered Member

    Joined:
    Jun 26, 2006
    Posts:
    106
    Location:
    Hudson,Florida - USA
    WSFuser,
    Thanks for the response. I guess two reasons I am investigating alternatives are to lessen the amount of programs used for security, if possible, and by doing so lessen my memory load.
     
  4. Infinity

    Infinity Registered Member

    Joined:
    May 31, 2004
    Posts:
    2,651
    seems plausible :D
     
  5. WSFuser

    WSFuser Registered Member

    Joined:
    Oct 7, 2004
    Posts:
    10,632
    HIPS are not meant as a replacement for traditional AV/AS/AT, so if u decide to use one, would might be adding to teh programs u use.
     
  6. herbalist

    herbalist Guest

    Before you spend any money on HIPS software, System Safety Monitor has a free version. I would also limit to running one such program, same as you would a firewall. Using 2 will give very little if any increase in security and may even lower it if they happen to conflict. Using 2 would definitely increase your system load and give you a lot of unnecessary configuring to do.
    Rick
     
  7. bellgamin

    bellgamin Very Frequent Poster

    Joined:
    Aug 1, 2002
    Posts:
    5,650
    Location:
    Hawaii
    I recommend Online Armor AV+. It is a full-scope HIPS PLUS Kaspersky antivirus PLUS a spam killer PLUS antikeylogger PLUS web surfing guard PLUS (soon) a firewall. Small footprint. Great support.
     
  8. Edwin024

    Edwin024 Registered Member

    Joined:
    Nov 14, 2004
    Posts:
    1,000
    I find it a pity that OA still only really looks at IE... Just like Kaspersky by the way. I find that they should include Firefox/Thunderbird support in any case. Maybe Opera too.
     
  9. MikeNash

    MikeNash Security Expert

    Joined:
    Jun 9, 2005
    Posts:
    1,654
    Location:
    Sydney, Australia
    OA does support FF and all POP3/IMAP mail clients :) We don't manage the FF extensions at the moment, and Opera support will be coming along with the Firewall/Kernel Mode release.

    Hope that helps!

    Mike
     
  10. Tommy

    Tommy Registered Member

    Joined:
    Dec 24, 2002
    Posts:
    1,169
    Location:
    Buenos Aires - Munic
    I want to jump in and see if a HIPS is necessarry in my case. If so, which did you recomand. Recomandation should refer to efficience and not if it is easy to configurate or not. Freeware or payed, doesn't matter.

    Using:
    AntiVir personal edition
    Jetico Firewall (changed from Blackice)
    a2-squared freeware for weeky on demand scans
    Ad-Aware for weekly on demand sans.
    (testing Neoava Guard in the moment)
     
  11. herbalist

    herbalist Guest

    Is HIPS necessary or right for you? That depends on several things:
    Do you engage in high risk online activities like file sharing or visiting warez or porn sites?
    Is your PC a multi-user or family PC and are there other users whose practices might not be safe?
    Are you using win98 or winME?
    If you answered yes to any of these and you're up to the task of configuring it, HIPS would be a valuable asset.
    On Win98 and WinME systems, I would consider HIPS a necessity now that M$ isn't supporting these systems anymore and many security-ware vendors are following suit. While several HIPS programs don't run on these operating systems, System Safety Monitor does, and the version that these use is free and very good. It's especially valuable on multi-user PCs where you can set up a separate ruleset and filter list for the inexperienced user and set it to block any unknown instead of prompting the user. A well configured HIPS can offset many a vulnerability. There is another factor to be considered. Malware is getting harder to remove, and in many cases difficult to detect. HIPS greatest benefit is its ability to stop the unknown, as long as you are knowlegable enough to answer the alerts properly. While I can't say regarding the other HIPS programs, if you're using System Safety Monitor and don't have the UI connected, the user won't be prompted when an unknown is encountered. It'll just be blocked. This is especially useful if you have kids who want to install whatever they see. Installers are unknown processes as far as SSM is concerned and will be blocked. The filter module also makes an excellent parental control tool. Once a HIPS program is well configured and assuming the user doesn't permit things they shouldn't, your adware/malware scanners won't have much to do.
    Rick
     
  12. Tommy

    Tommy Registered Member

    Joined:
    Dec 24, 2002
    Posts:
    1,169
    Location:
    Buenos Aires - Munic
    Sometimes file sharing and by accident looking at some nice naked girls ..jajaja

    Using WinXP SP2 on a Laptop, which is used only by me. So i think i am not a high risk internet user, but you never now. I am testing Neova Guard seams a good complement so it uses very less CPU and memory. I will check out SSM.
     
  13. angus49

    angus49 Registered Member

    Joined:
    Jun 26, 2006
    Posts:
    106
    Location:
    Hudson,Florida - USA
    This may seem paranoid (I am about my system) but from where does SSM originate? I get leery of sites that don't list their location in their company information, only email contacts.
     
  14. Optimist

    Optimist Registered Member

    Joined:
    Nov 6, 2002
    Posts:
    90
    Russia, I think.
     
  15. bellgamin

    bellgamin Very Frequent Poster

    Joined:
    Aug 1, 2002
    Posts:
    5,650
    Location:
    Hawaii
    SSM folks R N Ukraine. I think that's somewhere north of Texas. :D
     
  16. herbalist

    herbalist Guest

    It is being developed in the Ukraine. That would be a long way north of Texas, or is that north , then south again? o_O
    Their IP shows as being from the USA as they use Go Daddy out of Arizona to host their site.
    I wouldn't get too concerned about their Ukraine origins. Some excellent software comes from that region, SSM being on top of that list.
    If you decide to install SSM, make certain your system is clean, especially if you intend to use the learning mode. SSM doesn't discern what is malicious from actual system components or legitimate software. The learning mode basically tells SSM to trust what is running, and if malware is running, it will also be trusted. This is less a problem if you're setting it up manually but that requires you to know what is necessary and legitimate. Unless you really know your system, the executables it contains, and what they do, use the learning mode, but clean your system to the best of your ability with every tool you have access to before using learning mode.
    Rick
     
    Last edited by a moderator: Jul 29, 2006
  17. spindoctor

    spindoctor Registered Member

    Joined:
    Feb 28, 2006
    Posts:
    83
    IMHO you don't need a HIPS. What most can get by with just fine is a decent firewall, AV, AS and maybe an AK, if you feel you need it. Pratice safe hex, keep Windows up to date and tighten up IE and/or run an alternate browser like Opera or Firefox. That's about all most users will need. I run something similar to the above and never get malware on my system other than what I put there myself for testing purposes and boy is my system fast these days. :D
     
  18. HJam72

    HJam72 Registered Member

    Joined:
    Jul 18, 2006
    Posts:
    34
    Location:
    Kerrville, TX
    Don't pay for anything you can't try out first. I recommend HIPS, but I'm new to it and what I know is mostly recently learned from others.

    SSM is free, ProcessGuard has a free version, and RegRun has multiple trial versions. I don't know about the others.
     
  19. Mongol

    Mongol Registered Member

    Joined:
    Jul 24, 2004
    Posts:
    1,581
    Location:
    Houston, TX
    Add to that list good ole Online Armor, a fine-fine program with a thirty day trial. Very easy to set up and use and 10 bucks less than you are looking to shell out...:thumb: :D
     
Loading...
Thread Status:
Not open for further replies.