HIPS/Behavior blocker for me

Discussion in 'other anti-malware software' started by risl, Oct 11, 2008.

Thread Status:
Not open for further replies.
  1. risl

    risl Registered Member

    Joined:
    Dec 8, 2006
    Posts:
    581
    Hello,

    I've been looking for a HIPS or behavior blocker of some sort to complement Dr.Web and KPF. I've tried many but they all seem to be asking too much, I don't want to be that specific about program restrictions and rules that I need to click if some basic exe is allowed to run or not(and similar alerts that I have to click trust_it 20 times per day). I liked threatfire but dumped it when the AV-functionality was integrated to it.

    Is there anything like Cyberhawk(I could use but can't find it nowadays)was or some less intrusive HIPS program available? Or a HIPS that I can configure to be not _that_ accurate without it complaining that my system is not properly protected. I liked EQSecure but didn't like the fact that I couldn't disable checking if some other program is placing new files to disk .. annoys the hell out of me when installing new programs, updating AV, etc. All these need to specifically allowed.

    And of course.. it should be freeware :)

    Thanks :D
     
    Last edited: Oct 11, 2008
  2. BrendanK.

    BrendanK. Registered Member

    Joined:
    Jun 23, 2008
    Posts:
    520
    Location:
    Australia
    You could try Real-time Defender. Just use the search function on this forum and you will find LOTS of stuff on HIPS and Behaviour Blockers.
     
  3. Meriadoc

    Meriadoc Registered Member

    Joined:
    Mar 28, 2006
    Posts:
    2,642
    Location:
    Cymru
    Little free program here : Dynamic Security Agent (DSA) from Privacyware,..compliments av/firewall.
     
  4. blacknight

    blacknight Registered Member

    Joined:
    Sep 25, 2007
    Posts:
    2,433
    Location:
    Europe
    The best sw for your request would be Mamutu, not a complete HIPS, an IDS really, but it's not freeware.
     
  5. BrendanK.

    BrendanK. Registered Member

    Joined:
    Jun 23, 2008
    Posts:
    520
    Location:
    Australia
    I was gonna suggest that. But he said freeware :ouch:
     
  6. chris1341

    chris1341 Guest

    I agree RTD might be good if your sure the systems clean and can live with running it in learning mode for a while. I ain't no expert so need something that asks some fairly straightforward questions. RTD fits that description but like all HIPS needs a little effort at the start.

    If it needs to be free you could always consider shifting firewall to CFP or OA, again learning/clean PC modes cut down on pop-ups but I would guess these are among some of the others you will have tried.

    For quiet and secure Mamutu is great but it costs too much for me when there are free alternatives like Threatfire or Drive Sentry.

    Cheers
     
  7. Firebytes

    Firebytes Registered Member

    Joined:
    May 29, 2007
    Posts:
    903
    See this thread to download an older version of Threatfire (before AV was integrated): Seeking old Threatfire version
     
  8. PROROOTECT

    PROROOTECT Registered Member

    Joined:
    May 5, 2008
    Posts:
    1,102
    Location:
    HERE ...Fort Lee, NJ
    Hi,

    Freeware, On Demand (it use heuristic to detect ): RemoveAny v2.3.6.

    http://heavenward.ru/removeany.php

    Attention: to think BEFORE your removal ...
    Look also on thread: " Your NEW BEST Free Softwares Anti-Malware and Windows cleaners..." (- Software and Services ).

    Your PROROOTECT
     
    Last edited: Oct 11, 2008
  9. risl

    risl Registered Member

    Joined:
    Dec 8, 2006
    Posts:
    581
    I'll try the old Threatfire, thanks to everyone :)
     
  10. demoneye

    demoneye Registered Member

    Joined:
    Dec 30, 2007
    Posts:
    1,356
    Location:
    ISRHell
    risl if i was you , i was going for RTD , which is free and got top score even in firewall challenge >> http://www.matousec.com/projects/firewall-challenge/

    its the best bulet proof of all hips according to tests made in here.
    try but not have to buy :cool:

    cheers
     
  11. emperordarius

    emperordarius Registered Member

    Joined:
    Apr 27, 2008
    Posts:
    1,218
    Location:
    Who cares
  12. risl

    risl Registered Member

    Joined:
    Dec 8, 2006
    Posts:
    581
    Yes but the problem is that their website is down and I can't find a download link for it :mad:
     
  13. bellgamin

    bellgamin Very Frequent Poster

    Joined:
    Aug 1, 2002
    Posts:
    5,648
    Location:
    Hawaii
    OT -- it's NOT a behavior blocker. Interesting little app, however.
     
  14. virtumonde

    virtumonde Registered Member

    Joined:
    Jan 18, 2008
    Posts:
    501
  15. noone_particular

    noone_particular Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    3,798
    Have you tried the free version of SSM? It works great with Kerio 2.1.5. The free version is much less complicated than the paid version. Unlike the free versions of some other paid software, it is not a weakened down or feature disabled copy of the paid version. With SSM, the free version is the original and is completely different than the paid version. In my opinoin, it's also set up better and is easier to navigate. I've had good results using it with Kerio 2 on several versions of Windows, from 98FE thru XP-Pro.

    The free version doesn't have to be configured in detail. It's when the "block everything (paranoiac setting)" is used that you're asked about everything. When the program behavior is set to "block process creation", you don't have to specify the parent-child settings and other advanced options unless you want to. You can disable any or all of the modules if you choose. It's completely up to you how detailed or simple the configuration is. When used with Kerio, it's one of the lightest security packages around, and a very effective combination.
     
  16. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    5,633
    Location:
    U.S.A. (South)
    Just weighing in here.

    Early version TF might be suitable as well as Cyberhawk early releases. So far as HIPS go, you have a few of them quite up to the task of rock solid prevention: EQS, SSM, RTD, that i know are pure classical HIPS and 100% free the last time i checked.

    Your topic only confirms for me again like so many times before that there exists a real need for developers, freelance or commercial, to advance their own design of making Behavioral Blockers.

    EASTER
     
Loading...
Thread Status:
Not open for further replies.