DCS Replacement

Discussion in 'other anti-malware software' started by ill, Jul 7, 2007.

Thread Status:
Not open for further replies.
  1. ill

    ill Registered Member

    Joined:
    Dec 22, 2005
    Posts:
    6
    With DCS gone, what security software can I use as a comparable replacement? I'm still using ProcessGuard v3.150 and Wormguard v4.0. My AV is NOD32. My firewall is Outpost Pro. I'm also using Blocklist Manager with ProtoWall. Thank you.
     
  2. farmerlee

    farmerlee Registered Member

    Joined:
    Jul 1, 2006
    Posts:
    2,585
    System safety monitor and prosecurity are comparable alternatives. Both have free and paid versions.
     
  3. ill

    ill Registered Member

    Joined:
    Dec 22, 2005
    Posts:
    6
    Thanks farmerlee

    Which is the better of the two? If it is a toss up, will I suffer from software conflicts using both progs?
    I'm viewing this

    https://www.wilderssecurity.com/archive/index.php/t-155087.html

    I consider myself an advanced user. I will be purchasing the prog(s). Has anything changed since the last reply in the thread above?

    I checked the leak tests. I'll go with SSM. I'm also looking at Comodo.
     
    Last edited: Jul 7, 2007
  4. LoneWolf

    LoneWolf Registered Member

    Joined:
    Jan 2, 2006
    Posts:
    3,408

    If you need it Bellgamin gives some instructions on setting up SSM here.
    https://www.wilderssecurity.com/showthread.php?t=178217

    The only thing I can add is to enable all modles except window filter.
    Not sure why not to enable window filter this is just what i have read over at the SSM forums.
    http://www.syssafety.com/forum/viewtopic.php?t=956
     
    Last edited: Jul 7, 2007
  5. ill

    ill Registered Member

    Joined:
    Dec 22, 2005
    Posts:
    6
    Thanks for helping me with this.
     
  6. TECHWG

    TECHWG Guest

    there was just something i did not like about ssm. When i tested it, things were not in a place where i would expect to look for them. It confused me
     
  7. bellgamin

    bellgamin Very Frequent Poster

    Joined:
    Aug 1, 2002
    Posts:
    5,648
    Location:
    Hawaii
    A) TechWG is a forum moderator for ProSecurity & personal friends with the ProSecurity developer. Comments about competing HIPS should be viewed accordingly. Also, a nebulous criticism like "Something I did not like about ssm" isn't very helpful.

    B) SSM would be a superb replacement for DCS, as would ProSecurity (PS) and Cyberhawk (CH) and Dynamic Security Agent (DSA)

    1) SSM - In addition to XP, SSM's latest beta 2.4.0.618 runs fairly stable on Vista, in case you are using that OS.

    2) Cyberhawk -

    * They now have their own support forum -- pretty active and competently moderated.

    **CH is a behavior blocker, and operates VERY quietly as a set-it-forget-it security app, if that is your preference. However, if you want power & configurability somewhat on a scale with SSM & PS, then CH's optional module for setting Rules is quite excellent.

    ***CH has a rules-setting wizard for those who want help. For EACH rule that you want to custom-define, the wizard asks 5 or 6 simple questions with multiple choice check boxes. Answering those questions is pretty easy and -- POOF! -- you have a custom-designed rule each time you do it.

    ****For example, take a look at posts by Kees in THIS CH forum thread to get a feeling for how powerful the CH rules module is.

    *****If you do NOT choose to use the rules module, I would put CH about on a par with Prevx in terms of set-it-forget-it. If you DO choose to use the rules module, I would put CH about on a par with SSM & PS, but a good bit easier to use than either of them.

    3) Dynamic Security Agent - DSA is a combination firewall & behavior-blocker HIPS.

    *DSA is a product of the Private Firewall (PFW) folks, and is quite top-drawer. It is light as a feather & teaches itself almost everything it needs to know in order to keep your computer tightly secured.

    **As a firewall, DSA makes ports invisible to port scans and protects unauthorized entry the same as a dedicated firewall. DSA also contains PFW's layer-3 firewall using Stateful Packet Inspection (SPI) technology running in the background. DSA also provides protection for TCP, UDP, ICMP and and UDP Protocols, just like Privatefirewall. In summary - DSA provides a comparable amount of protection as PFW except it lacks PFW's capabilities to create custom rules, maintain logs, and display port tracking details.

    ***As a HIPS - DSA has 4 visible modules in its interface (System Anomaly, Email Anomaly, Process Detection, and Application Security). DSA enables you to be aware of the activity on your computer and detects, blocks and alerts you to suspicious activity. DSA detects malware and intrusions based on behaviors characteristic of unauthorized system use. Some of these include:

    - Attempts to access a protected registry area
    - Attempts to access a protected object
    - Attempts to Initiate a foreign process
    - Attempts to control Windows service
    - Attempts to create a DNS request
    - Attempts to initiate outgoing TCP traffic***

    C) Reviews & tests...

    DSA- HERE and HERE.

    CH- Go HERE then click "Comparatives" then scroll down to "Comparative of various protection tools October 2006" & click on "Report."

    SSM- HERE and HERE

    D) For a somewhat outdated comparison of capabilities, go HERE

    E) My personal set-up is DSA + SSM + AV + router. I am now giving PS's new beta a try, as well as CH's current version. If SSM lags too long, then my prime choice for replacement would be CH, for reasons given above. As regards DSA -- for the foreseeable future, DSA is an immortal in my security wall.
     
    Last edited: Jul 14, 2007
  8. MikeNash

    MikeNash Security Expert

    Joined:
    Jun 9, 2005
    Posts:
    1,654
    Location:
    Sydney, Australia
    This thread prompted me to go take a look at the DCS site, which has not changed in a long time. I notice that as of the current moment, it is currently offline for maintenance.
     
  9. Jarmo P

    Jarmo P Registered Member

    Joined:
    Aug 27, 2005
    Posts:
    1,184
    I am still using PG free 3.410. It fills my basic needs that are program control and to monitor what runs in my system. And it is stable and simple and light as a program can be.
    Other software are Avira AntiVir Premium, Comodo 2.4, Prevx 2, Sandboxie and with these my system does not take CPU.
    Though Prevx 2 and Avira take a lots of virtual memory.

    One strange thing I have noticed is that free ProcessGuard blocks wgatray.exe from connecting to internet even if it is allowed in PG. I have only seen it with Comodo 2.4 firewall. Without PG installed wgatray tries to connect out to internet at the system restart. But PG free somehow blocks it, even if PG is stopped from running. It could of course be that it bybasses Comodo. But I have also tested this by running Wireshark packet capture program and wgatray.exe generates no internet traffic.
    Other firewall users are of course wanted to confirm my finding with PG free.
     
    Last edited: Jul 14, 2007
  10. Alphalutra1

    Alphalutra1 Registered Member

    Joined:
    Dec 17, 2005
    Posts:
    1,160
    Location:
    127.0.0.0/255.0.0.0
    Actually, you can access the product specific pages, but not just the home page, which is weird, for example:

    http://www.diamondcs.com.au/processguard/

    Cheers,

    Alphalutra1
     
  11. MikeNash

    MikeNash Security Expert

    Joined:
    Jun 9, 2005
    Posts:
    1,654
    Location:
    Sydney, Australia
    Yep. I found it interesting because it implies that either someone is doing something, or something is broken... I suppose we may find some more clues over the fate of DCS over the coming days
     
  12. Mongol

    Mongol Registered Member

    Joined:
    Jul 24, 2004
    Posts:
    1,581
    Location:
    Houston, TX
    I seem to remember a long-long-long time ago they mentioned improvements to the website:eek:, maybe this is it:shifty: . Then again, maybe not...
     
  13. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    May I suggest some freeware

    a) Try EQSecure or
    b) Combo of DSA free (Anti executable, outgoing internet travel, quards critical windows systems directories and registry entries) and CyberHawk free (protects against data injection and process modification)

    and Payware
    a) GSS suite (appdefend and regdefend)
    b) Online Armour 2 (first choice) or Antiexecutable (second choice)

    When your porcessor supports it, enable DEP for all programs in XP.

    Regards K
     
  14. Osaban

    Osaban Registered Member

    Joined:
    Apr 11, 2005
    Posts:
    4,215
    I still have ProcessGuard 3.410 full, and it's working fine. I suppose that improvements might be needed, but I tend to think that HIPS are not signature based so PG for the next couple of years should be fine.

    Privacy is a very serious matter, and buying a software doesn't automatically gives us the right to know what happened to the company that produced it.

    On the other hand it would be polite from DCS to inform its customers as to why they have disappeared or suddenly stopped their activities.
     
  15. Mele20

    Mele20 Former Poster

    Joined:
    Apr 29, 2002
    Posts:
    2,495
    Location:
    Hilo, Hawaii
    https://www.wilderssecurity.com/showthread.php?t=159189

    I'm surprised that you evidently can still buy PG and Port Explorer from Regsoft. It is interesting that the only pages you cannot access now at DCS is the home page and the About Us page.

    I still use PG full version 3.15 and I have tried most of the substitutes. I didn't like any of them. The sad fact is that there is NOTHING that can compare to PG. I just keep hoping that either Wayne gets it together and comes back or has sold DCS to someone who will continue its development and be dedicated to it.
     
Loading...
Thread Status:
Not open for further replies.