HIPS and ease of use

Discussion in 'other anti-malware software' started by tepe2, May 19, 2007.

Thread Status:
Not open for further replies.
  1. tepe2

    tepe2 Registered Member

    Joined:
    Jan 18, 2006
    Posts:
    539
    A lot of different HIPS have been discussed in this forum.

    SSM, DSA, CyberHawk, EQsecure, PG, RegDefend, AppDefend, Prosecurity, Prevx, SafenSec, AE, Neoava Guard and more....

    How easy/difficult are they to use compared to each other?

    Could be fun to see them categorised or just a list starting with the easiest.

    Maybe something like this:

    1. Prevx
    2. CyberHawk, DSA
    3. ?
    4. ?
    5. SSM
    6. ?

    I know Prevx, CyberHawk and DSA are among the easier, and SSM is more difficult. But I have only tried one HIPS so I can not make a list or put them in category. Hope someone else can.
     
  2. Mongol

    Mongol Registered Member

    Joined:
    Jul 24, 2004
    Posts:
    1,581
    Location:
    Houston, TX
    Online Armor too...don't forget the best. Extremely easy to use and just a week or two from the gold release of version 2 with firewall. For info just go to: www.tallemu.com...:cool:
     
  3. WSFuser

    WSFuser Registered Member

    Joined:
    Oct 7, 2004
    Posts:
    10,632
    From quiet to noisy, id list them like this:

    Prevx
    Cyberhawk
    Online Armor
    PG
    AppDefend
    Neoava Guard
    SafenSec
    ProSecurity, SSM
     
  4. tepe2

    tepe2 Registered Member

    Joined:
    Jan 18, 2006
    Posts:
    539
    Thanks to both of you :)

    I hope there will be more replies.

    Feel free to add other HIPS if you like.
     
  5. GES/POR

    GES/POR Registered Member

    Joined:
    Nov 26, 2006
    Posts:
    1,490
    Location:
    Armacham
    Primary Response SafeConnect
    Online Armor
    Cyberhawk
    Prevx
     
  6. bellgamin

    bellgamin Very Frequent Poster

    Joined:
    Aug 1, 2002
    Posts:
    5,648
    Location:
    Hawaii
    The topic's title limits comments to "ease of use" so I shall only say that, in terms of EFFECTIVENESS, the HIPS list/sequence would be quite different IMO.
     
  7. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    Guys,

    You are forgetting the absolute noiseless application DEFENSEWALL.

    On a shared second place

    Behavior Blockers which do the thinking for you as much as possible (like Primary Response Safe Connect), Anti Exectables which have build in black and white lists (Online Armour, Anti Executable), all this with community based knowledge sharing (PrevX).
     
    Last edited: May 20, 2007
  8. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    That's right. The full name is DefenseWall HIPS according its home page and it is quiet. I always forget it.
    Check it out :
    http://www.softsphere.com/
     
  9. tepe2

    tepe2 Registered Member

    Joined:
    Jan 18, 2006
    Posts:
    539
    I agree.

    I only tried SSM Free. Found it difficult. But I did not put much in to learn it.

    I know Prevx, CyberHawk and DSA would suite my knowledge, but what about those between: EQsecure, Neoava Guard and more. Are they close to SSM or the easier mentioned? I want to know what is between SSM and Prevx, CH, DSA when it comes to ease of use, not effectiveness. For me it is more important to use programs I can understand or learn to understand in short time. If that gives me 97 % protection instead of 99% it is ok.

    Kees and EA mention DefenseWall. I also consider such an alternative. I guess DefenseWall, GesWall, Sandboxie and Bufferzone offer the same ease of use. By the way is DefenseWall a one time cost, or you have to pay every year? (This question could also go for GesWall and Bufferzone paid, SSM Full, Prosecurity and CH pro. Prevx and SafenSec I found out myself)
     
  10. poirot

    poirot Registered Member

    Joined:
    May 4, 2005
    Posts:
    299
    tepe2,on a 1 to 10 scale,these are my experiences with the HIPS i used:

    Ease of Use

    Cyberhawk 9
    Antihook 3.0 8
    ProSecurity Free 7
    ProSecurity Pro 6
    Antihook Free 2,6 5
    Neoava Guard 3
    SSM Free 3

    As Degree of Protection is concerned :
    Cyberhawk 6
    Antihook 3.0 6
    ProSecurityFree 7
    ProSecurityPro 9
    AntihookFree 5
    Neoava Guard 7
    SSMFree 9





    I think that by using a classical HIPS (this doesnt apply to Behavioural Blockers) you can expect disappointments in the beginning with all of them.
    I had to rollback to previous images three times with SSM Free and i still dont know why for two instances.
    With Neoava i had trouble,but i was (more) inexperienced (than i am now) and made probably mistakes.

    With ProSecurity i had a BSOD which prevented even booting ,but it was hardly PS fault,as the culprit was Rootkit Unhooker: when removed, problems ended. I find it provides good protection even with out of the box settings.And it's much more understandable and clear than SSM.

    Cyberhawk and Antihook 3.0 never produced any white hair on my scalp, working like a Behavioural Blocker should, (and could). I would recommend them to any beginner.
    Personally i found ProSecurity gives the easier efficient protection one can get without too much hassle.
     
  11. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    I just installed SSM Free. That's not a software for an average user and requires a very long learning curve. Only good for users, who like to spend their time on security softwares.
    SSM is a nightmare compared with DefenseWall.
     
  12. tepe2

    tepe2 Registered Member

    Joined:
    Jan 18, 2006
    Posts:
    539
    I do believe you EA :)

    Poirot. Thank you so much for great reply. This was helpful. I did try SSM Free, but uninstalled after short time, before I was as frustrated as ErikAlbert :D (EA I read your SSM-thread)

    I thaught Prosecurity was as difficult as SSM, but now i know better. So now I have learned that SSM and Neoava Guard is no alternative to me right now. And Prosecurity can be an alternative to the easier CH and DSA.

    I know nothing about Antihook.

    Does someone know how EQsecure would compare to PS and SSM?
     
  13. stapp

    stapp Global Moderator

    Joined:
    Jan 12, 2006
    Posts:
    7,293
    Location:
    England
    Coming in as a complete beginner as regards HIPS, I can totally recommend Online Armour for ease of use.

    Takes care of everything for me.
     
  14. tepe2

    tepe2 Registered Member

    Joined:
    Jan 18, 2006
    Posts:
    539
    Thanks. I see 4 "easy-HIPS", OA, Prevx, CH and DSA. I lean more towards CH and DSA. But Im sure they are all great for beginners.
     
  15. MaB69

    MaB69 Registered Member

    Joined:
    Dec 9, 2005
    Posts:
    540
    Location:
    Paris
    Hi all,

    What make a HIPS easy to use ? When a community helps you to answer to a notification so 3 HIPS are eligible IMO : Online Armor, Prevx and Cyberhawk

    Regards,

    MaB
     
  16. tepe2

    tepe2 Registered Member

    Joined:
    Jan 18, 2006
    Posts:
    539
    As for my post #9 I found out this:


    Prosecurity - $29.95 - All updates in major version. For example when you order version 1.2, you will get all the updates until version 2.0 comes out.

    CyberHawk - $24.95 - Subscriptions include free product upgrades and unlimited customer support for 1 year.

    DSA - Free

    DefenseWall - $29.00 - Can not find if this is a one-time cost or not

    GesWall Pro - Can not find price or info

    Bufferzone Pro - $29.95 - Can not find if this is a one-time cost or not


    As you can see I lack some info. If you have this info please share :)

    When you change to/from sandbox, do you have to reboot with DW, GW and BZ?
     
  17. tepe2

    tepe2 Registered Member

    Joined:
    Jan 18, 2006
    Posts:
    539
    I like what I have read about CyberHawk. I read its manual, and it did not look so difficult. As I understand there will be a new version soon.

    Something just hit me: I think this would be a great combo:

    Prosecurity Pro and CyberHawk Pro.

    If you look at the comparison table at CC you can see that you would be vell covered. But to pay for both these two, AV and perhaps other could be expensive.

    http://wiki.castlecops.com/HIPS/IDP_programs/services
     
  18. walking paradox

    walking paradox Registered Member

    Joined:
    Feb 9, 2007
    Posts:
    234
    Cyberhawk has a free version.

    DefenseWall - "The DefenseWall HIPS program license is Lifetime, however updates, email notifications and first-queue support expire after 1 year unless you renew (prolongate) your license."

    AFAIK GesWall is free
     
  19. tepe2

    tepe2 Registered Member

    Joined:
    Jan 18, 2006
    Posts:
    539
    Yes I know CH and GW also has free versions. Thanks for your info on DW, I did not know that. :)
     
  20. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
  21. BlueZannetti

    BlueZannetti Administrator

    Joined:
    Oct 19, 2003
    Posts:
    6,590
    Just to clarify the two options, GeSWall is free, GeSWall Pro is paid ( €29.66 for license plus one year of Safe Applications update - this is the 15% off price).

    Blue
     
  22. bellgamin

    bellgamin Very Frequent Poster

    Joined:
    Aug 1, 2002
    Posts:
    5,648
    Location:
    Hawaii
    A tricycle is easier to use than an automobile. On the other hand, if you want to go very far, you need to learn how to drive an automobile. Further, you need to evaluate which make of automobile has good reliability -- otherwise, you might end up with a Yugo.:p

    To me, these same factors hold true for security. At the present state of the situation, I believe that I must learn enough about security to enable me to select and use excellent protection -- which is why I hang out here at Wilders. I also believe that I must select security programs based mainly upon TESTED reliability, and not based largely upon merely anecdotal comments.

    Speaking of tests, quite a few have been done within the HIPS/sandbox arena. I will list some of them. If you know of others, please share them with us.

    As is true for all tests, you should consider dates/versions tested, plus "subjective" factors (and yes, ease of use IS a consideration).

    Some test links...
    Gizmo's HIPS tests - DefenseWall had excellent results. Cyberhaw & Prevx1 (expert mode) were close behind it.
    Matousek's recent leak test -- this test includes several firewalls but ALSO includes DSA & SSM, both of which have HIPS & firewall capabilities conjoined.
    Comparison of HIPS capabilities -- not a test. Moreover, the list is caveated as being "beta" in nature. Even so, there is some very useful information.
    List of behavior blockers -- it's just a list but I find it handy for helping me remember some apps that I might otherwise forget; plus it has links to all of them.
    3/2006 Kareldjag article comparing several HIPS
    Article that describes classes of security software -- including HIPS, of course :)
    8/2006 Kareldjag "top HIPS list"

    For AV-Comp's HIPS tests...
    Goto http://www.av-comparatives.org/
    Click "Comparatives"
    Scroll about half-way down the page for following:
    >BufferZone- press release
    >Safe'n'Sec w/antivirus- press release
    >Safe'n'Sec 2.5 HIPS- press release
    >Comparative of various protection tools- report (pdf)

    Links to Kareldjag's comments on specific security apps...
    abtrusion protector http://kareldjag.over-blog.com/11-categorie-69553.html
    abuse shield http://kareldjag.over-blog.com/categorie-69553.html
    all-seeing eye http://kareldjag.over-blog.com/1-categorie-69553.html
    antihook http://kareldjag.over-blog.com/2-categorie-86447.html 7/10
    DefenseWall http://security.over-blog.com/categorie-566881.html
    Ossurance desktop http://kareldjag.over-blog.com/5-categorie-69553.html
    PG vs SSM vs ViGuard http://kareldjag.over-blog.com/2-categorie-69553.html
    Process Guard http://kareldjag.over-blog.com/7-categorie-69553.html
    SafeNsec test http://kareldjag.over-blog.com/3-categorie-86447.html 8/10
    SafePC http://kareldjag.over-blog.com/categorie-86447.html
    Securitask http://kareldjag.over-blog.com/9-categorie-69553.html
    SSM test http://kareldjag.over-blog.com/8-categorie-69553.html 9/10
    ViGuard http://kareldjag.over-blog.com/6-categorie-69553.html
     
  23. tepe2

    tepe2 Registered Member

    Joined:
    Jan 18, 2006
    Posts:
    539
    Thank you guys :)

    Only miss answer to this:

    "When you change to/from sandbox, do you have to reboot with DW, GW and BZ?"

    I know that you dont have to reboot when using Sandboxie.

    One beautiful day in future (not near future) i might try this overkill :)

    Nod32
    Comodo FW
    Prosecurity Pro
    Cyberhawk Free
    DSA
    DW or SB or BZ or GW

    And some On-Demand-scanners

    Overkill ? YES !!! But would be fun to try
     
    Last edited: May 20, 2007
Loading...
Thread Status:
Not open for further replies.