HIPS for Vista

Hi there,

I am new here (have been a lurker for ages though). For a long time I have used SSM under XP and am quite happy. I now use vista full time, and SSM is working quite well from what I can tell.

What I want to know though, is I have read that for a lot of security software, it is hard to them to write software properly to interact and hook (I think that is the term) into the Kernel properly.

What HIPS software is out there that gives really good protection to a Vista OS, and is SSM still a good option for me? What I am concerned about, is SSM has not been getting much love in terms of updates, and I worry that since it is a program that was primarily based around XP, does it really still stand up well in Vista?

Thanks

 

Threatfire (free) is a pretty good option. Defensewall (non-free) also works in Vista and is highly regarded.

I use a driverless Dynamic Security Agent installation in Server 2008 RC and it works very well. The firewall component isn't functional but it blocks leaktests, driver installations and system file access.

 

Prevx2 works on Vista.

SSM and Prosecurity have a beta for Vista.

 

Per Vitali, SSM is due for an update this month (Nov). In any event, unlike blacklist-based security apps, a HIPS app does not need frequent updates.

As to classical HIPS that run on Vista, one is (as you know) SSM. Another is ProSecurity 1.4, beta 3.

There have been no recent objective tests of HIPS that I know of. I have used SSM for many moons & have never been infested. (By the same token, I have used Mennen aftershave for years, & have never been attacked by crocodiles.)

 

IMO, if you have User Account Control (UAC) turned on you don't need any other HIPS applications (UAC is very HIPS-like). I've had most of those mentioned by others on my Vista install and they never made a peep. Why waste the resources when UAC does such a great job of controlling driver/program installs?

Later.