looking for a simple HIPS

Are there any HIPS comparable to ProcessGuard free? I dont need it to alert on everything, execution of applications would be enough.

 

Most HIPS allow to disable features that you don't use.

 

Prosecurity free is pretty quite here. Only seams to alert me when something wants an internet connection that has not tried to do so yet.
But looking at their tables of free vs paid free also offers "Load Applications"

 

Hey WSFuser,
We know basically the same programs i guess, so i'll just share a few thoughts.
I use SSM free when in XP. No modules or anything. Disconnect ui has few rivals, or none at all imo.

I tried Abtrusion Protector recently, and it seems to have what AE is missing - easy to install programs. I had a problem last time i used it, but i think it wasn't AP fault.
You don't have to turn it off, just right click the exe and choose Abtrusion... then select allow to execute and to install, or instead of the latter, enter install mode, choose a name for the package (all installed dlls, exes and so on fall in this group) and install. Only the program you selected is allowed to execute and install (besides your existing whitelist of course).
You have a block list you can use.
The problem is it has a few annoying bugs, and it's only locked when in limited account. SuRun didn't solve the problem, although i didn't try the latest.
Overall i wouldn't use it daily, but i found its approach and flexibility great. It would just need maintenance - read updates.

Now trying latest GSS , seems stable but not finished. You know how it works mostly.

 

Hi,

I will advice you to use Online Armor in Standard mode, you can uninstall the firewall part during intall process.

Regards,

MaB

 

I'm also looking for a simple HIPS, but unfortunately this doesn't seem to exist. OA is anything but simple, even with the firewall disabled, and there is no HIPS with a reduced number of facilities.
Unfortunately even if I disable the features of a HIPS, the hooking part still remains there, and I don't like that...

 

Im currently trialing SSM free since its seems simple enough compared to the full paid version. I also turned off the modules.

I turned on learning mode briefly, and ran every app I normally run, then turned it off. Lets see how it goes.

 

The easiest i can think of is prevx.

 

For something paid I agree that Prevx is a very simple HIPS and a nice one. I like ThreatFire too, but there can be a few pop ups when installing new software. Still it's usually a very quiet Behavioral HIPS that ran quite well for me. I now use Mamutu that I got from Giveawayoftheday, and for 19.99 it's pretty nice. Mamutu has a 30 day trial, and I have no problem understanding or using it.

 

I would use Prevx but I want to at least trial it first which isnt possible.

 

At install time, ProSecurity will learn your system's set-up & peculiarities so thoroughly that there are very few pop-ups thereafter. Naturally this isn't a good thing to allow UNLESS you are certain that your system is clean.

Also, PS enables you to easily put it into install mode. You can readily go into install mode, even AFTER installing has started. Naturally this is a dangerous thing to do UNLESS you are certain that the program you are installing is clean.

Threatfire is another good choice.

 

Did they dump the idea where you could use Prevx2 until it found malware and then a 30-day timer started? I did not see it mentioned on their site and it is difficult to get to the home version of Prevx2 .

 

@innerpeace, yes they dumped that idea many months ago.

 

WSFUser,

Try ThreatFire or DefenseWall fo rreally easy HIPS. You can also use the HIPS of SpywareTerminator (basic AE which scans yor harddisk fo rexisting aps).

 

Its obvious that Threatfire would be one of the very simplest and most effective,but the more complicated,time wasting solutions are generally recommended.

Why-I suppose because people like to tweak and deep down doubt that something with so few pop ups can be so effective.

 

Does TF now come with execution control?
Last time i tried it, you know, it didn't.
Why monitor behavior if i block anything from running.

 

Hi WSFuser! Seems u want to avoid too many pop ups.

OA is best for this purpose- like PG but much better than that.
Other option is PS free but limited as compared to OA.
BTW u can configure EQS to pop up only on execution and watever else u like, very configurable. Has a silent mode too.

I wont choose SSM free, OA n EQS much better than that. If u really want to avoid pop ups TF is too good.

 

Maybe Ill reconsider OA once it has something similar to SSM's "Disconnect UI".

But I do prefer SSM's GUI more anyways. Plus I can selectively disable any feature.

 

Yep, I miss Disconnect UI in OA.

 

Defensewall. It simply restricts the privileges of anything running on your pc by making the files untrusted. While untrusted they are not permitted to access or write to critical area's of your pc. Only if you run the file as trusted will the file be able to behave normally. I didn't 'get it' to start with, but now I understand the concept, it's utterly brilliant! And very few popup's. That's very nice.

Take for example running your web browser untrusted. Anything downloaded through the web browser is also untrusted and can't do any damage. If I had purposely downloaded a file, all I do is an on-demand virus scan(or on-line) of the file and confident it's clean I right click the file and run as trusted. DW also has a rollback feature which allows you to remove any files, folders and registry entries created after a selected point(you select the point you want to roll back to).

Sorry if you knew this already but just trying to explain briefly how it works.

muf

 

I'd choose a free classical HIPS and disable everything but the execution control. There's no better choice.
We will miss the simple execution control of PG free.