HIPS applications

Which one do you use, which one do you recommend etc.

 

in one of my computers i have DefenseWall hips and i can personally recomend it cause it is very easy to use and strong protection,seperating your system from new introduce programs
also malware defender is also good and strong but if you dont mind to answer some pop ups

 

Defense+
OSSS
Online Armor
Malware Defenser
EqSecure
System Safety Monitor ( discontinued )

Are real, complete HIPS ( I'm sure I'm forgetting someone else...

 

I use OA premium and very pleased

 

Im thinking of trying out Sandboxie with DefenseWall, but I wanted to ask: How would you rate Kaspersky 2010s HIPS among all the ones listed in this thread?

 

What is SRP?A security software?

 

I used comodo and EQSecure in the past.But they both have some problems,so I give up.I am waiting for RTD .

 

all these are great hips softwares..

My favourites are (in order):
1. Malware defender
2. Defense+
3. Online Armor

after there is RealTimeDefender, SystemSafetyMonitor..but they're discontinued, as posted before..

 

the best hips according to all major tests site is comod D+
its also totally free, and can set up easily

 

Software Restriction Policy
Overview here:
http://technet.microsoft.com/en-us/windows/cc507878.aspx

 

What sites are those then?

Per the OP it depends on your level of expertise.

If your reasonably new to HIPS and want to cut down on pop-ups I'd go for OA with its simple prompts and comprehensive white list. Great support and continued product development. I use it on the family PC as its so quiet.

If you know what you are doing and want real granularity Malware Defender is brilliant IMO. Lots of good posts on these forums about set-up/configuration. Torchsoft are a bit of a one man band but support from Xiaolin is excellent. Use it on my own laptop 'cause I like to tinker with the rules to see what it can achieve. Good fun!

D+ is good too but you might find like me a little pop-up happy. Again lots of opinions throughout these forums on the merits of this one.

Cheers

 

(The free and currently maintained ones...)

PCTools Firewall: Actually pretty good. Doesn't seem to detect keyloggers though. A little popup-heavy at times.

Online Armor Free: A bit spammy with the popups, but very thorough. Did bluescreen me once when I tried it - didn't like when I tried to run Gmer, IIRC. Not only detects keyloggers, gives you a separate list for them. Generally quite nice.

Comodo Defense+: Not too spammy if set up right, and very tweakable. However... Much as I hate to say it, trust is a big issue here, and I do not trust Comodo at all. They're making money by giving bogus legitimacy to rogue software makers - can you trust them to block the same rogues that they're supporting? I'm not willing to find out the hard way.

Privatefirewall: Buggy. On Windows XP, it gives me a blank popup window with nothing but an "OK" button about every thirty seconds.

Outpost Free: Don't know much about it - the one time I used it, the whole "Outpost News" advertising thing (which IIRC it was keeping a port open for!) put me off. There might be a way to disable that at install time, not sure. Could be worth looking into anyway.

Usec Systemshield: Little known and for good reason. Avoid.

Threatfire: Behavior-based. Not too popup-heavy even when set to level 5 ("paranoid"). Not sure how it fairs at lower levels, I would just set it 5 and leave it there.

IOBit 360: Behavior-based. Heuristics is disabled by default, but can be enabled in the free version. Not really sure how it compares to Threatfire.

 

Try Malware Defender. It is #1 by a wide margin in my book. And yes, I've tried everything else that's out there.

 

Online Armor's HIPS, if configured right, is quiet, believe it or not By configured right ... I mean run Safety Check Wizard at least once a month ... make sure anything you know, everyday applications, aka Internet Explorer, Firefox, etc, make sure they do not remain as Untrusted in the Programs section. Of course if you are not sure about a newly added application, leaving its status as Untrusted is a good idea, you can see if it is doing anything suspicious (you will be flagged for every action). Unknown status is giving an application continual "Annoying" pop-ups status, basically.

 

Under Program- Options check "Run Safer unknown programs by default"

 

Do you guys know of any HIPS applications with logging capabilities that are as good as KIS. One of the features I like in KIS is that you can see what files/registry keys an applications created, modified, deleted, etc as well as other features in its logs. I may start using Defense+, Malware Defender or DefenseWall but am still in the process of deciding, and having that amazing logging capability is something that I really want.

 

Malware Defender's logging capabilities are superb. It can show you everything that's happening.

 

I use Malware Defender and have used Online Armor in the past,both work well and not hard to setup and enjoy the net.

 

Comodo can distinguish Writing and Reading .I can't set a rule for a application to prevent it writing or reading accurately.

I think EQSecure and MD are best.They both can set some accurate rule to limit apps.

 

Thank you.

SRP seems not to support Folder Protection.If I want to stop writing some information into a folder,SRP can't help me.

 

Even though it's no longer supported, System Safety Monitor is a very well designed HIPS. The free version works on 98FE through XP-SP2. The pro version works on 2K thru XP-SP3, not sure about Vista. Vitali did release a lifetime license for the paid versions. I've used every version of SSM since its early days. It's at the core of my defenses and I will use it on any OS that it's compatible with.

I'm not familiar with KIS, but SSM does have some pretty extensive logging. See this thread.

 

Appguard seems to have very good logging. See the appguard in the cloud thread.

 

AppRanger?

 

I use Spyware Terminator. Saw a video of it and it blocked everything.

 

Classical HIPS - MalwareDefender

Policy based HIPS - DefenseWall

Both currently under active development and offer excellent protection with top notch support.