HIPS/Behavior blocker for me

Hello,

I've been looking for a HIPS or behavior blocker of some sort to complement Dr.Web and KPF. I've tried many but they all seem to be asking too much, I don't want to be that specific about program restrictions and rules that I need to click if some basic exe is allowed to run or not(and similar alerts that I have to click trust_it 20 times per day). I liked threatfire but dumped it when the AV-functionality was integrated to it.

Is there anything like Cyberhawk(I could use but can't find it nowadays)was or some less intrusive HIPS program available? Or a HIPS that I can configure to be not _that_ accurate without it complaining that my system is not properly protected. I liked EQSecure but didn't like the fact that I couldn't disable checking if some other program is placing new files to disk .. annoys the hell out of me when installing new programs, updating AV, etc. All these need to specifically allowed.

And of course.. it should be freeware

Thanks

 

You could try Real-time Defender. Just use the search function on this forum and you will find LOTS of stuff on HIPS and Behaviour Blockers.

 

Little free program here : Dynamic Security Agent (DSA) from Privacyware,..compliments av/firewall.

 

The best sw for your request would be Mamutu, not a complete HIPS, an IDS really, but it's not freeware.

 

I was gonna suggest that. But he said freeware

 

I agree RTD might be good if your sure the systems clean and can live with running it in learning mode for a while. I ain't no expert so need something that asks some fairly straightforward questions. RTD fits that description but like all HIPS needs a little effort at the start.

If it needs to be free you could always consider shifting firewall to CFP or OA, again learning/clean PC modes cut down on pop-ups but I would guess these are among some of the others you will have tried.

For quiet and secure Mamutu is great but it costs too much for me when there are free alternatives like Threatfire or Drive Sentry.

Cheers

 

See this thread to download an older version of Threatfire (before AV was integrated): Seeking old Threatfire version

 

Hi,

Freeware, On Demand (it use heuristic to detect ): RemoveAny v2.3.6.

http://heavenward.ru/removeany.php

Attention: to think BEFORE your removal ...
Look also on thread: " Your NEW BEST Free Softwares Anti-Malware and Windows cleaners..." (- Software and Services ).

Your PROROOTECT

 

I'll try the old Threatfire, thanks to everyone

 

risl if i was you , i was going for RTD , which is free and got top score even in firewall challenge >> http://www.matousec.com/projects/firewall-challenge/

its the best bulet proof of all hips according to tests made in here.
try but not have to buy

cheers

 

Cyberhawk http://www.freedownloadscenter.com/Utilities/Anti-Virus_Utilities/Cyberhawk_Download.html

 

Yes but the problem is that their website is down and I can't find a download link for it

 

OT -- it's NOT a behavior blocker. Interesting little app, however.

 

Found the link on comodo forum: https://forums.comodo.com/empty-t26253.0.html;msg190739

 

Have you tried the free version of SSM? It works great with Kerio 2.1.5. The free version is much less complicated than the paid version. Unlike the free versions of some other paid software, it is not a weakened down or feature disabled copy of the paid version. With SSM, the free version is the original and is completely different than the paid version. In my opinoin, it's also set up better and is easier to navigate. I've had good results using it with Kerio 2 on several versions of Windows, from 98FE thru XP-Pro.

The free version doesn't have to be configured in detail. It's when the "block everything (paranoiac setting)" is used that you're asked about everything. When the program behavior is set to "block process creation", you don't have to specify the parent-child settings and other advanced options unless you want to. You can disable any or all of the modules if you choose. It's completely up to you how detailed or simple the configuration is. When used with Kerio, it's one of the lightest security packages around, and a very effective combination.

 

Just weighing in here.

Early version TF might be suitable as well as Cyberhawk early releases. So far as HIPS go, you have a few of them quite up to the task of rock solid prevention: EQS, SSM, RTD, that i know are pure classical HIPS and 100% free the last time i checked.

Your topic only confirms for me again like so many times before that there exists a real need for developers, freelance or commercial, to advance their own design of making Behavioral Blockers.

EASTER