HIPS question

Discussion in 'other anti-malware software' started by Hugger, Jan 16, 2008.

Thread Status:
Not open for further replies.
  1. Hugger

    Hugger Registered Member

    Joined:
    Oct 27, 2007
    Posts:
    1,003
    Location:
    Hackensack, USA
    I've been reading the HIPS thread as well as a few others, and have a question about the different types of HIPS programs.
    It seems that there are the HIPS that require a lot of user knowledge, such as SSM, AE etc..
    Then there are the HIPS with firewalls. Or are they the firewalls with HIPS.
    The really easy to use, Safety Button type such as Defensewall.
    Also I think Prevx and Threatfire fall in here somehow.
    Some of these are good performers with leaktests.
    Others aren't even tested that way.
    So how about some input so that the novices and still-to-be-educated can make good decisions.

    In the HIPS thread, AE and EQ and some others are described as being virtually foolproof.
    But what about all the other HIPS out there.
    I've looked at the old comparison table at Castle Cops. It's good but not quite what I was hoping to find.
    Thanks for any input.
    Hugger
     
  2. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,047
    Location:
    Saudi Arabia/ Pakistan
    None of them is fool proof BTW. Castlecops classification is rather confusing. IMO:

    1- Classical HIPS( Anti-executable plus possible Registry defence & File defence): ProSecurity, SSM, EQS, NG, AD & RD, CFP Defence+ etc
    2- Behav Blockers: TF, PRSC, Mamutu, Prevx etc
    3- Sandboxes: GesWall, DefenceWall, Sandboxie, BufferZone, SafeSpace etc
     
  3. ProSecurity

    ProSecurity Registered Member

    Joined:
    Dec 13, 2007
    Posts:
    123
    Hello aigle!

    To your knowledge, which HIPS covers the most threat vectors?
     
  4. Hugger

    Hugger Registered Member

    Joined:
    Oct 27, 2007
    Posts:
    1,003
    Location:
    Hackensack, USA
    That's a good question.
    Also, Aigle-thanks.
     
  5. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,047
    Location:
    Saudi Arabia/ Pakistan
    Hello, I am not an expert at all, just an ordinary user. IMO total coverage needs anti-executable, registry defence and especially file dfence, all in all. But such defence is painful to set.

    Best option will be a sandbox, no popups and strong protection!
     
  6. ProSecurity

    ProSecurity Registered Member

    Joined:
    Dec 13, 2007
    Posts:
    123
    Hello again, aigle!
    I have been waiting for your reply.
    I have no need of an "expert" opinion.
    Yours will do quite nicely, as my question was structured to be as objective as possible, to dodge the censors on the right and the fanatics on the left.
    So, once again, to your knowledge, which of these HIPS covers the most threat vectors?
    I am somewhat partial to SSM Pro, however having been disappointed in the past, I am loathe to buy another security software without more information.

    Thanks very much,
    Alex.
     
  7. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,047
    Location:
    Saudi Arabia/ Pakistan
    If u go for classical HIPS, ProSecurity has proved itself to be the winner without any doubts( I haven,t used it though).

    For sandboxes there are many good choices: Sandboxie, DefenceWall, GesWall.
     
  8. ProSecurity

    ProSecurity Registered Member

    Joined:
    Dec 13, 2007
    Posts:
    123
    aigle, when I created my account here I spent many minutes trying to find a suitable ID because IMO all the good ones were taken.
    Now you are going to tell me some BS about ProSecurity being "the winner without any doubts".
    I wasn't born yesterday, aigle, and without a supporting post from someone else I am afraid I must discount your position.

    Nevertheless, thanks for your input.

    Much appreciated. :)
     
  9. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,047
    Location:
    Saudi Arabia/ Pakistan
  10. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    Aigle is right, no security is foolproof. I'm not an expert, but I'm not stupid either.
    I don't trust any of my security softwares to keep my computer clean. Layered security is just another way to say the same thing, when one security software fails, another security software might do the job.
    I just use them to save the period between 2 reboots as good as possible.
     
  11. Hermescomputers

    Hermescomputers Registered Member

    Joined:
    Jan 9, 2006
    Posts:
    1,069
    Location:
    Toronto, Ontario, Canada, eh?
    Yep, just another easy buttons seeker!
    Layers, work! :) But requires user intelligence (which is often what doesn't work)
     
  12. Hugger

    Hugger Registered Member

    Joined:
    Oct 27, 2007
    Posts:
    1,003
    Location:
    Hackensack, USA
    Thanks to those of you who helped with positive info.
    Hugger
     
Loading...
Thread Status:
Not open for further replies.