HIPS Question

Discussion in 'other anti-malware software' started by markcc, Oct 4, 2008.

Thread Status:
Not open for further replies.
  1. markcc

    markcc Registered Member

    Joined:
    Apr 8, 2008
    Posts:
    185
    Location:
    Michigan, usa
    I'm re-thinking my security set-up & need some advise. How important is a HIPS type program? If I were to use Look N Stop firewall & NAV 2009 or Avira, would that be an safe system? Alot of firewalls & some AV's have a HIPS built in. Would Online Armor with it's built in HIPS cause problems with NAV 2009 which I think has some kind of HIPS built in?

    Sorry to be jumping around, I'm just trying to understand the different ideas about security.
     
  2. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    12,883
    Location:
    Canada
    if you are an experience user you could do good with only a firewall and a well configure hips that can be able to protect your files,registry and apps in real time:thumb:
     
  3. bellgamin

    bellgamin Very Frequent Poster

    Joined:
    Aug 1, 2002
    Posts:
    5,648
    Location:
    Hawaii
    Norton's HIPS-type program is Antibot, a re-branded version of Primary Response SafeConnect, an excellent behavior blocker.

    AFAIK Antibot is NOT included with NAV 2009. Therefore, there shouldn't be any problem with running Online Armor (OA) and NAV together in real-time. The same holds true for running OA and Avira together.

    As to your question concerning the importance of a HIPS in your security set-up, be aware that an antivirus program *primarily* is signature/blacklist-based & thus does not afford good protection against malware that is so new that there are not yet any signatures to spot it. A HIPS can often spot new malware based on suspicious activities. Therefore, it can often alert you to new (no signature) malware.

    Be aware, however, that a HIPS merely alerts you to suspicious (malware-type) behavior on the part of a given process. YOU must make the decision as to whether that process should should be stopped, or allowed to continue.

    So using a HIPS is a wise move. Of equal or greater importance, however, is that your security also include: (1) an SPI-capable router plus (2) disk imaging software.
     
  4. vijayind

    vijayind Registered Member

    Joined:
    Aug 9, 2008
    Posts:
    1,413
    HIPS is for proactive and 0-day malware protection. So analyze your threat perspective and the amount of resource you are ready to shed.

    If you don't venture too much into the dark, a good AV/AS product should still suffice. Most AV suites like KIS 2009, NIS 2009, F-Secure 2009, Panda 2009, etc. and firewalls like OA, Comodo, Look'n'Stop, ZA, etc. already have atleast some basic behavioral blockers/HIPS, which should be sufficient for Average Joe.

    But if you are pro user, who is in the line of sight of malware. IMO,using some professional HIPS software would be best.
     
Loading...
Thread Status:
Not open for further replies.