HIPS & AE VS UAC?

Discussion in 'other anti-malware software' started by Cutting_Edgetech, Sep 17, 2010.

Thread Status:
Not open for further replies.
  1. Cutting_Edgetech

    Cutting_Edgetech Registered Member

    Joined:
    Mar 30, 2006
    Posts:
    4,947
    Location:
    USA
    What is the difference in protection using UAC (User Account Control) on W7 64bit vs HIPS like Comodo or Online Armor? Is there any benefit in using UAC with one of the above HIPS? How does UAC function to prompt you when something is attempting to perform an action on your machine VS a modern HIPS? Do they function similar or do they behave totally different? Lastly, is their any benefit in running UAC with a good AE (anti-executable) like Faronics or say PG from Blueridge Networks once it is compatible with 64bit? What type of attacks is UAC able to block? If i only better understood the mechanics in which UAC works o_O
     
    Last edited: Sep 17, 2010
  2. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    12,883
    Location:
    Canada
    if you are runing anti-exe or hips programs dont realy need uac;) a hips programs alerts as the uac alerts and hips programs do more protection like start up registry protection and programs/files keyboard protection etc etc,the anti-exe is silent but one of the most secure around:thumb:
     
  3. safeguy

    safeguy Registered Member

    Joined:
    Jun 14, 2010
    Posts:
    1,709
    UAC and HIPS caters to different scopes of protection....

    User Account Control (MSDN)

    In simple terms: With UAC on, you are basically running as a user with standard rights system-wide and you only 'grant' admin rights when you approve the UAC prompt for a certain task/app. If you disable UAC, you are running as a user with admin rights. And in security perspectives, that isn't a good idea.


    HIPS


    With HIPS, it "monitors a single host for suspicious activity by analysing events occurring within that host."

    Spot the difference now?

    I'd suggest keeping UAC on even if you have HIPS installed or when running an AE. I'll leave it to the rest who are more knowledgeable to put in the right words to explain why this is recommended.
     
  4. Kernelwars

    Kernelwars Registered Member

    Joined:
    Aug 12, 2010
    Posts:
    2,155
    Location:
    TX
    silence + security = keeper:thumb:
     
  5. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    12,883
    Location:
    Canada
    hips covers alot more when it comes to security to any thing withing the system,SRP and anti-exe are also goot have for peace of mind:) with a hips you will be cover for all types of attacks,including system attacks
     
  6. blacknight

    blacknight Registered Member

    Joined:
    Sep 25, 2007
    Posts:
    2,433
    Location:
    Europe

    Absolutely true, and well said jmonge.
     
  7. Boyfriend

    Boyfriend Registered Member

    Joined:
    Jun 7, 2010
    Posts:
    1,070
    Location:
    Pakistan
    Use any good/compatible HIPS/AE, but with UAC enabled. Any executable want to make critical change, at least UAC will warn you. UAC complements good HIPS/AE softwares.
     
  8. MrBrian

    MrBrian Registered Member

    Joined:
    Feb 24, 2008
    Posts:
    6,032
    Location:
    USA
    UAC encompasses more than just "the prompt."

    I used HIPS when I ran as admin on XP. On Windows 7 however, I use a limited user account for everyday activities, UAC on max, AppLocker, and no HIPS.
     
  9. Tarnak

    Tarnak Registered Member

    Joined:
    Feb 5, 2007
    Posts:
    3,873
    I will keep running in Admin mode in XP, because I prefer to do it that way...until make the change to Windows 7 or next release. I will learn about UAC, etc... then!...and not before.

    So, for the present I still use HIPS. :)
     
  10. blacknight

    blacknight Registered Member

    Joined:
    Sep 25, 2007
    Posts:
    2,433
    Location:
    Europe

    I too. No UAC, no SRP: multi layer defense, not only - but " especially " - HIPS based.
     
  11. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    12,883
    Location:
    Canada
    i have enough with hips,more than enough;)
     
  12. Kernelwars

    Kernelwars Registered Member

    Joined:
    Aug 12, 2010
    Posts:
    2,155
    Location:
    TX
    hmmmm hopefully everything allright J!!!!! saw a sudden change of signatureo_O
     
  13. Cutting_Edgetech

    Cutting_Edgetech Registered Member

    Joined:
    Mar 30, 2006
    Posts:
    4,947
    Location:
    USA
    Ok, Safeguy, I see. UAC allows one to run as an under privilege user with Admin rights on the fly. I'm going to do some more research on the fine mechanics of how this is accomplished. Thanks Safeguy!
     
  14. wat0114

    wat0114 Guest

    Cutting,

    recommended reading, check it out:

    -http://technet.microsoft.com/en-us/library/dd835561%28WS.10%29.aspx
     
  15. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    12,883
    Location:
    Canada
    whta i meant was the to have hips is more than enough security,powerfull;) :thumb:
    i am testing this litle chihuahua:)
     
Loading...
Thread Status:
Not open for further replies.