HIPS & AE VS UAC?

What is the difference in protection using UAC (User Account Control) on W7 64bit vs HIPS like Comodo or Online Armor? Is there any benefit in using UAC with one of the above HIPS? How does UAC function to prompt you when something is attempting to perform an action on your machine VS a modern HIPS? Do they function similar or do they behave totally different? Lastly, is their any benefit in running UAC with a good AE (anti-executable) like Faronics or say PG from Blueridge Networks once it is compatible with 64bit? What type of attacks is UAC able to block? If i only better understood the mechanics in which UAC works

 

if you are runing anti-exe or hips programs dont realy need uac a hips programs alerts as the uac alerts and hips programs do more protection like start up registry protection and programs/files keyboard protection etc etc,the anti-exe is silent but one of the most secure around

 

UAC and HIPS caters to different scopes of protection....

User Account Control (MSDN)

In simple terms: With UAC on, you are basically running as a user with standard rights system-wide and you only 'grant' admin rights when you approve the UAC prompt for a certain task/app. If you disable UAC, you are running as a user with admin rights. And in security perspectives, that isn't a good idea.


HIPS

With HIPS, it "monitors a single host for suspicious activity by analysing events occurring within that host."

Spot the difference now?

I'd suggest keeping UAC on even if you have HIPS installed or when running an AE. I'll leave it to the rest who are more knowledgeable to put in the right words to explain why this is recommended.

 

silence + security = keeper

 

hips covers alot more when it comes to security to any thing withing the system,SRP and anti-exe are also goot have for peace of mind with a hips you will be cover for all types of attacks,including system attacks

 

Absolutely true, and well said jmonge.

 

Use any good/compatible HIPS/AE, but with UAC enabled. Any executable want to make critical change, at least UAC will warn you. UAC complements good HIPS/AE softwares.

 

UAC encompasses more than just "the prompt."

I used HIPS when I ran as admin on XP. On Windows 7 however, I use a limited user account for everyday activities, UAC on max, AppLocker, and no HIPS.

 

I will keep running in Admin mode in XP, because I prefer to do it that way...until make the change to Windows 7 or next release. I will learn about UAC, etc... then!...and not before.

So, for the present I still use HIPS.

 

I too. No UAC, no SRP: multi layer defense, not only - but " especially " - HIPS based.

 

i have enough with hips,more than enough

 

hmmmm hopefully everything allright J!!!!! saw a sudden change of signature

 

Ok, Safeguy, I see. UAC allows one to run as an under privilege user with Admin rights on the fly. I'm going to do some more research on the fine mechanics of how this is accomplished. Thanks Safeguy!

 

Cutting,

recommended reading, check it out:

-http://technet.microsoft.com/en-us/library/dd835561%28WS.10%29.aspx

 

whta i meant was the to have hips is more than enough security,powerfull
i am testing this litle chihuahua