Heimdal Free and Pro

Discussion in 'other anti-malware software' started by JEAM, Jun 30, 2015.

  1. JEAM

    JEAM Registered Member

    Joined:
    Feb 21, 2015
    Posts:
    202
    I just read about this application in the August 2015 issue of Maximum PC.

    Turns out it has been discussed on Wilders Security before, for example here, but that was three years ago. Apparently nothing much since then.

    Does anybody here use Heimdal, and/or know how useful or effective it is? Reading their website doesn't give me great understanding of what exactly it does, how it works, or what security function it's intended to serve. How does it compare to, say, HitmanPro.Alert? Would one run it alongside HMP.A or instead of it?

    Any insights are welcome.
     
  2. boredog

    boredog Registered Member

    Joined:
    Feb 1, 2015
    Posts:
    1,172
    Actually their site has some good info. read the blog section. I appears they were part of Operation Tovar is an international collaborative operation carried out by law enforcement agencies from multiple countries against the Gameover ZeuS botnet, which is believed by the investigators to have been used in bank fraud and the distribution of the CryptoLocker ransomware.[1]

    They are listed as one of the players on my wiki link below.


    https://en.wikipedia.org/wiki/Operation_Tovar

    And this page shows comparison between Free, Paid and Corp.

    https://heimdalsecurity.com/en/products
     
    Last edited: Jul 3, 2015
  3. boredog

    boredog Registered Member

    Joined:
    Feb 1, 2015
    Posts:
    1,172
    Has there ever been a Rep from this company here at Wilders?
     
  4. anon

    anon Registered Member

    Joined:
    Dec 27, 2012
    Posts:
    4,094
  5. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    8,026
    Location:
    The Netherlands
    I felt like it wasn't really offering that much, it's not my cup of tea, I'm more of a HIPS kind of guy.
     
  6. haakon

    haakon Registered Member

    Joined:
    May 25, 2015
    Posts:
    756
    Location:
    SW USA
    Very thought provoking...

    HeimdalAgent.exe and HeimdalAgentService.exe work through 127.0.0.1.

    The Pro version "Secure DNS" changes the DNS settings to one 127.0.0.1. Disabling that under Modules will revert to your configured server(s).

    Heimdal's DNSService.exe runs a boat load of stuff.

    HeimdalDNSSvc.jpg

    As far as I can determine, DNS queries are handled by api.heimdalsecurity.com which is hit constantly while surfing teh webbuhnetz.

    So far, so good on a Windows 7 x64 test system.
     
    Last edited: Jul 4, 2015
  7. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,057
    Location:
    North Carolina
    I have been using Pro for quite awhile and really like it.
     
  8. JEAM

    JEAM Registered Member

    Joined:
    Feb 21, 2015
    Posts:
    202
    Thanks for the info, everyone.

    What kind of security software would you say is most comparable to Heimdal -- for example, is it like Malwarebytes Anti-Exploit or HitmanPro.Alert?

    I'm just trying to get a handle on this new (to me) software and to understand where it fits in the overall PC security scheme. (I do understand the part about patching Flash etc.)

    Will carefully read through their blog and the 7tutorials.com review.
     
  9. chillstream

    chillstream Registered Member

    Joined:
    Aug 2, 2013
    Posts:
    49
    Location:
    Croatia
    Try Secunia PSI - it's free and it also covers a lot more software than Heimdal
    It also does automatic updating of outdated programs, but I avoid that and set it only to notify me that there are updates available.
     
  10. JEAM

    JEAM Registered Member

    Joined:
    Feb 21, 2015
    Posts:
    202
    Thanks, chillstream. Secunia PSI is a fantastic product.

    I did understand that part of what Heimdal Free does, but the services offered by the Pro version were more mysterious. The review in 7tutorials.com helped a lot: I use Norton as my main line of defense, but it's always bothered me that they only protect a few major browsers. From the 7tutorials review, it sounds like Heimdal Pro protects you from (warns against) visiting any dubious websites no matter which browser you're using, which is a big plus over Norton.

    Are there potential conflicts running Heimdal Pro alongside any other security products, or not really?
     
  11. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,057
    Location:
    North Carolina
    I have used it with Eset, Mcafee and Trustport with no issues. It does work though at keeping you safe.
     
  12. boredog

    boredog Registered Member

    Joined:
    Feb 1, 2015
    Posts:
    1,172
    Ok so I tried both Heimda Free and Secunia PSI Free.

    I found on my system Heimda was way faster at finding and updating programs. However since it doesn't list what programs are updated like Secunia, I don't know if they are looking at all the same apps.

    Since I use Quietzone and all and I mean all changes are lost on restart of computer , I know my VLC player is not up to date,. so When I run either program and restart my computer I always have that app not up to date.
     
  13. boredog

    boredog Registered Member

    Joined:
    Feb 1, 2015
    Posts:
    1,172
    ScreenHunter_02 Jul. 04 16.04.jpg Unless this is the only list of apps Heimada checks for updates for. way less than Secunia. Heimada shows 5 Secunia shows 42 programs it checked for updates.
     
  14. JEAM

    JEAM Registered Member

    Joined:
    Feb 21, 2015
    Posts:
    202
    Sounds promising, thanks.

    Wonder why it's not better known, I only first heard about it last week and there's not a lot of talk around the Web.
     
  15. boredog

    boredog Registered Member

    Joined:
    Feb 1, 2015
    Posts:
    1,172
    The first time I went to Heimada's website and looked around I got a pop up mentioning something about getting a free lifetime LIC for the pro version.
     
  16. boredog

    boredog Registered Member

    Joined:
    Feb 1, 2015
    Posts:
    1,172
    I just thought it kinda strange too not much mentioned about this product online when they were involved with the big bust I posted above.
     
  17. boredog

    boredog Registered Member

    Joined:
    Feb 1, 2015
    Posts:
    1,172
    JEAM also go to about web page and click the Tell Me More About Heimada and it tells you a bit more about what it does but now how. I am guessing this is the PRO version.

    https://heimdalsecurity.com/en/about
     
  18. boredog

    boredog Registered Member

    Joined:
    Feb 1, 2015
    Posts:
    1,172
    The pop up was able to catch it again.
     

    Attached Files:

  19. haakon

    haakon Registered Member

    Joined:
    May 25, 2015
    Posts:
    756
    Location:
    SW USA
    Caution: this post contains more than 140 characters.

    The feature set is impressive, as it should be at its price point. Not dismissing Heimdal's reputation by any means, there is no representation in the testing arena, peer or professional. (I could stand to be corrected on that, but I think if there was we'd have seen links posted up by now.) With no published tests, we depend solely on trust for system and identity security.

    While the local securedns.bloom file is updated occasionally, the malware and patches dat files have not, even when forced. While I haven't scoured the Heimdal site, data regarding the file releases are not posted, limiting the user to the "wait and see" Signature Details in the GUI.

    The Secure DNS module is a noble effort but it removes all control the user has for a protocol over which users already have very little control.

    Disabling Secure DNS disables Enable detection based on network traffic analysis, which makes sense.

    Enable patching of software can be disabled, but disabling Enable scan for software updates also disables Malware Detection, both behavioral and network traffic, the latter even if Secure DNS is enabled, which makes no sense.

    Echoing the case of other "companion" layering solutions, the Web site states, "Heimdal works with the vast majority of antivirus programs as there are no overlapping functions." And there should be no reason to doubt that claim. But certainly it's logical those overlapping functions will conflict when in parallel with the overlapping functions of another layering product.

    As attested to by others here, Secunia is a better solution to software updates. Software updates is all you get with Heimdal Free.

    IMHO, for the money, MBAM and MBAE Premiums are a better choice over Heimdal Pro. And with free Trusteer Rapport (or the like) for security during banking and commerce. As well, I don't see how Heimdal's malware/phishing filtering could be any better than MBAM's Web Protection and, say, Google Safe Browsing and/or that offered by the Top Dogs in the AV biz.

    Speaking of money: as of this posting, https://goz.heimdalsecurity.com/ has a 60-day trial and a 23.80€ discount off the regular 34€ price for a 1 PC 12 month license: EU 10.20
     
    Last edited: Jul 5, 2015
  20. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,057
    Location:
    North Carolina
    type the word vaccine in the voucher code and get 70% off Pro.:) 10,20 euros $11.33 US
     
  21. faircot

    faircot Registered Member

    Joined:
    May 17, 2012
    Posts:
    106
    Location:
    UK
    Thanks for that, trjam. At that price it's worth trying for a year. Installing as I type.
     
  22. JEAM

    JEAM Registered Member

    Joined:
    Feb 21, 2015
    Posts:
    202
    That does say a little more, thanks. And you're right, most of it has to do with the Pro version.

    Slowly but surely, we're getting a better idea what this software does and how.

    FWIW, I'm running it on a Windows 10 test system alongside Windows Defender and EMET. No apparent problems yet.
     
  23. haakon

    haakon Registered Member

    Joined:
    May 25, 2015
    Posts:
    756
    Location:
    SW USA
    Caution: this post contains more than 140 characters.

    The malware.dat remains not-updated since install. The SecureDNS bloom file has seen marginal updating. In light of the current threat landscape, this schedule is uncomfortable - even if it were free. From their FAQ, apparently this product depends on these dat files.

    Heimdal-updates.jpg

    Even though Heimdal has set the primary DNS server to 127.0.0.1 (secondary 0.0.0.0), I came to notice my otherwise primary (only) is still subject to query.

    Using Nirsoft's DNS Query Sniffer, monitoring the NIC:

    Heimdal-DSNquery-NIC.jpg

    (The obfuscated Destination Address is my primary DNS; Source Address is the workstation IP.)

    Monitoring 127.0.0.1:

    Heimdal-DSNquery-local.jpg

    This is an interesting scheme, but as I mentioned earlier, one in which the user has no control except to disable.

    I wonder if the secdns.dk failure is a result of an abandoned Heimdal Agent process, or something to be rolled out for v2??

    Anyhow... uninstalling.
     
  24. boredog

    boredog Registered Member

    Joined:
    Feb 1, 2015
    Posts:
    1,172
    Ya I always use Quietzone when installing software so when I reboot all traces are gone. When installing new software. if the software requires a reboot to use I don't bother so that doesn't leave too many. I only have one good back up of my original system and that is fine for me.
     
  25. boredog

    boredog Registered Member

    Joined:
    Feb 1, 2015
    Posts:
    1,172
    I do hope I get an invite to test their pro version though.
     
Loading...