HIPS Programs.

ProSecurity is a bit slow on showing by the GUI componments, but its scrolling operation is not so slowly to find out an app. as you said(15 minutes), maybe your mean is it's hard to scroll to find out an application, but
1. You can use keyboard to find out an app. rule as we find out a file in a file list of explorer.
2. Another feature of PS is you can sort rules by its name/folder and so on[Screenshot].
May these two ways speed up you to find out a rule?
Or if you have other problems while finding a rule, please let me know.
Thanks!


The unstable problems of GUI I found are 3 totally:
1. When you click on a rule and then move the mouse very quickly, the list may select mutil-items.
2. A few drop-down list boxes may be not skined while the gui is opened.
3. When you maximum/resize the window of ruleeditor.exe, it may crash on a few computers.

Or if you have other GUI problems, please let me know.
Thanks!

 

I appreciate developer's response. However, I repeat my offer to prospective users -- try to set wgatray.exe to block & then decide for yourself how slow and unstable the GUI truly is...

*First you have to alphabetize the GUI's application list. To do that you must deal with the GUI's momentary white screens & jerky movements.

*Then, even using developer's suggestion to use the keyboard, hitting "W" will only get you to start of the W's. Then notice how slooow & jerky the GUI moves as you scroll through the W's to reach the wgatray.exe entry.

*Now -- in order to block wgatray.exe, you must set it to "custom" & then uncheck "allow to execute" (a non-intuitive way to do a simple block).

*After you do that, notice on the main GUI that the 3 status columns for wgatray.exe immediately are blanked out. The main screen no longer shows ANY information in the 3 status columns. In other words, the main GUI gives NO indication whatsoever that you have blocked wgatray.exe.

*The only way to find that information for any & all blocked processes is to scroll slowly to each one of them, click on each one of them individually, & then see the information in the bottom panel. The main GUI simply does not reveal that vital information.

Compare the above efforts with the effort needed to do precisely the SAME action on any other HIPS you choose (Neoava, EQsec, SSM, DSA, AbuseShield, OnlineArmor, etc). As you do so, notice how the GUI on those apps zips along, allows easy right-click status changes, & fully reveals the settings & status of all listed processes -- right there in the main GUI where it belongs.

Prosecurity offers superb protection, but configuring it beyond what its install wizard does is too difficult. It's like having the engine of a BMW inside the body of a Yugo.

 

Bellgamin, I don't find the alphabetizing of the application list too bad at all. There is, at least in my case, a bit of herky-jerkyness but not nearly enough to slow the responsiveness appreciably. Jie's suggestion to use the keyboard works well. I run a P4 1.7 GHz, so it's not a powerhouse machine. My other apps are Outpost security suite, NOD32 and Ad Muncher.

The three processes of PS are running at around 20 MB with private byes @ <20 MB and 0 CPU%.

I mostly like what I see, so far. Clearly this is a powerful HIPS, allowing one to tweak to their heart's content.

 

I think people who trial/use ProSecurity should give a fair evaluation about the current GUI.

 

Thanks for your feedback!

 

For your last post, you are welcome

On this note, I would suggest cleaning up some of the grammar in the program's interface. One example is in my screenshot.

Please do not take offense to my comments. It is my "fair" evaluation of the current GUI. Some potential customers could shy away from the product, citing grammar and spelling errors as the reason. I realize that english is not yor first language, but some people are not so forgiving.

In that screenshot, "suggested" could even be changed to "advised".

 

No problems at all with the gui for prosecurity v1.30 no jerkiness at all. Only problem I had was with 140pb1 version got the BSOD right after installation didnt even get to reboot. You don't have to use the wizard you can just let the program add rules as needed as you use your system. The settings I use in the wizard is the one that says my system is infected, even though its not. Takes only 5 min to fully set my system up then no prompts at all. I set learning mode only for 1st reboot then after startup take it off, then I go into the gui to the applications section to make sure nothing was added that shouldnt of been added and a couple of minor tweaks and I'm all set. Program will prompt a bit for my programs that I use, once thats done its all set. Currently using XPproS2 fully patched SuperAntiSpyware on demand, Comodo BOclean, and Returnil.

 

I've got the beta version 1.40 running on two boxes and they're running mean & lean. The only issue I've had is that when PS did not recognize an app, it just prevented it from starting. Windows popped up a msg saying I have no rights to use this program. Wonder why I wasn't warned by PS?

In any case, it's happened enough (when I used free version) that I recognize the alert and open learning mode. Aside from that small glitch, all's well. If that's all I can find wrong w/ an app, I'm delighted

Good Job PS Developer

...screamer

 

Hello Lusher,

Beg to disagree, DefenseWall is a one-man-show and the developer, Ilya Rabinovich, provides very friendly and swift support on his forum.

Regards,
Paulo Mario

 

Thanks for pointing out mistakes! I have changed the "suggested" to "advised" in the PS beta 2 which is released today. Another word "do" maybe not right too, but I need to use this sentence for many kinds of warning, so it can't been changed to "start" simple.

 

I do agree that the jerkyness is a minor problem, but much of what Bellagamin is complaining is also about user preference really. He's obviously more used to SSM style configuration, which I personally find pretty messy, I find ProSecurity's screens more logically and consistently laid out. But that's just me.

I got to agree. If one likes this sort of HIPS (and there are very few who do, barring a few paranoids here), I prefer ProSecurity over SSM.

Plus I've always felt in my bones that PS was probably more secure than SSM (because it had the benefit of being newly written from the scratch, while SSM has layers of evolution which might mean things getting lost in the code) and NicM's tests pretty much confirmed my gut feeling.

I'm not ready to call myself a PS fan but yes I prefer PS to SSM.

 

Hm....

I would prefer an even shorter one :

"If you are expecting this, please allow it, or you are advised to deny it"

 

Yes, that works very well

For me it’s hard to decide. Like Bellgamin, I’m used to SSM so I like it, but I could easily get used to PS’ GUI if I were to use it. As long as the SysSafe ship doesn’t sink, as was the concern for a while, and as long as they can keep close to the competition such as PS and Online Armor (yes, I know that is a tall order), I will happily keep renewing my SSM license indefinitely.

I’m glad to see these HIPS developers pushing the envelope on their product’s effectives, forcing their competition to do the same. It bodes well for the customer.

 

I often see Prevx recommended. Yet a test by AV Comparatives indicated that it missed 5 samples while KIS missed none. I realize the missed samples were added and so all is supposed to be well, but why should one add stuff to the computer when KIS does better?

I would conclude that if I have KIS I do not need Prevx. There were other applications that also caught all of the samples, but so did KIS. Why then use another application?

If we are not careful we just clutter up our systems until some conflict causes problems that would not have happened otherwise, while not providing any more real security.

Regards,
Jerry

 

Indeed, if KIS does it all, then why bother with anything else? I suppose the only real question is whether in fact KIS does it all.

 

I'm impressed with ProSecurity. Seems that developer is bent on fashioning the highest possible security possible and is worth keeping an eye on.

 

"to do" could be changed to the word behavior or the word action, which is more general.

 

I looked at Pro Security and it was too complicated for me.
But I wouldn't hesitate to add it to my collection if somebody would do a tutorial like Blackspear's for NOD32.
I don't pretend to be knowledgeable like the rest of you but I would still like to be able to use the whatever programs I want.
This goes for all of the better security software.
Regards.
Doc

 

Actually, Doc, I think you and I represent 95% of the visitors to Wilders.

About 5% really know their stuff and the rest of us turn up to learn from the wise ones.

I, also, would like to see easy tutorials on the better progs - a good suggestion.

Ian

 

I completely understand that assessment. I was intimidated/confused with System Safety Monitor's settings too when it first came out, ProSec is no different.
Being a full-blown HIPS, they ALL require some serious study just to find ALL the needed settings although they seem to have simplified matters a lot plus Learning Mode gives you a lift in the right direction.

EQSecure 3.4 right now has my confidence but the others are quite adequate and suffice it to say ProSecurity has made huge strides in it's protection/interception feature. Like anything, they do require some learning about their working and not just an overnight crash course in it's operation.

 

I am using NOD32 and running DSA alongside it and they seem to work nicely together. Of the HIPS I have tried, DSA seems the easiest to learn. And it does fairly well against most types of malware.

http://www.privacyware.com/dynamic_security_agent.html

http://membres.lycos.fr/nicmtests/Dynamic-Security-agent-tests/DSA_index.htm