Need a HIPS program

Discussion in 'other anti-malware software' started by Lasse88, Jun 25, 2007.

Thread Status:
Not open for further replies.
  1. Lasse88

    Lasse88 Registered Member

    Joined:
    Jun 25, 2007
    Posts:
    16
    Who knows a good HIPS program (a free one)?

    (I hope it's the right forum I posted in)
     
  2. WSFuser

    WSFuser Registered Member

    Joined:
    Oct 7, 2004
    Posts:
    10,639
    ProSecurity and SSM have free versions.
     
  3. walking paradox

    walking paradox Registered Member

    Joined:
    Feb 9, 2007
    Posts:
    234
    This probably belongs in the anti-malware section. As for your question, you might want to take a look here. It provides a fairly extensive comparison of most HIPS programs out there and lists whether there is a free version in the 'License' row.
     
  4. acr1965

    acr1965 Registered Member

    Joined:
    Oct 12, 2006
    Posts:
    4,995
  5. innerpeace

    innerpeace Registered Member

    Joined:
    Jan 15, 2007
    Posts:
    2,121
    Location:
    Mountaineer Country
    If you're looking for a basic, beginner type HIPS then Winpatrol is nice. The paid version has real-time protection, but the free version 'polls' the system every so often for changes. You can change how often the areas are 'polled'. This was my first HIPS :)
    http://www.winpatrol.com/
    http://www.winpatrol.com/features.html
     
  6. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,164
    Location:
    UK / Pakistan
    EQSecure, though it's beta!
     
  7. EASTER.2010

    EASTER.2010 Guest

    I give a BIG thumbs up to both SSM & EQSecure 3.3

    Really good HIPS but both require study but not so difficult once you review ALL the settings/rules.

    You can use safe leaktests as a starter to observe the capture of anything attempting to run without approval, make your decision, rule is then set.

    Very educational AND automatic then.

    If you're in a hurry and desire an automatic HIPS, word has it Prevx is formidable in that department with little or no interaction from user.
     
  8. xuesisi

    xuesisi Registered Member

    Joined:
    Mar 2, 2007
    Posts:
    71
    ProSecurity and EQSecure

    But I like TINY
     
  9. Mele20

    Mele20 Former Poster

    Joined:
    Apr 29, 2002
    Posts:
    2,495
    Location:
    Hilo, Hawaii
    Someone have a link to EQSecure? All I get is Japanese or Chinese (not sure which) websites when I google it.
     
  10. stapp

    stapp Global Moderator

    Joined:
    Jan 12, 2006
    Posts:
    24,078
    Location:
    UK
  11. Arup

    Arup Guest

    Pro Security is very good and does well in tests, even the free one.
     
  12. LUSHER

    LUSHER Registered Member

    Joined:
    Feb 28, 2007
    Posts:
    440
    I disagree. The free version of PS sucks. Get the full version.
     
  13. gerardwil

    gerardwil Registered Member

    Joined:
    Jan 17, 2004
    Posts:
    4,748
    Location:
    EU
  14. Kerodo

    Kerodo Registered Member

    Joined:
    Oct 5, 2004
    Posts:
    8,013
    Did you say the free version of PS sucks?? :eek:

    I disagree with your disagreement, the free PS is fine.
     
  15. bellgamin

    bellgamin Registered Member

    Joined:
    Aug 1, 2002
    Posts:
    8,102
    Location:
    Hawaii
    Can anyone list the major differences between PS non-free and PS free?
     
  16. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,164
    Location:
    UK / Pakistan
  17. Kerodo

    Kerodo Registered Member

    Joined:
    Oct 5, 2004
    Posts:
    8,013
    Here's the feature comparison from their site:

    http://www.proactive-hips.com/diffedition.php

    The non-free does quite a bit more, however, the free is fine for my needs here... others may have different ideas naturally... :)
     
  18. acr1965

    acr1965 Registered Member

    Joined:
    Oct 12, 2006
    Posts:
    4,995
    Would someone post some of the advantages/disadvantages of using EQsecure over DSA? I also am running NOD32 and Comodo fw (for the moment).
     
  19. LUSHER

    LUSHER Registered Member

    Joined:
    Feb 28, 2007
    Posts:
    440
    Yeah the lack of physical memory protection is a dealbreaker for me. YMMV.
     
  20. bellgamin

    bellgamin Registered Member

    Joined:
    Aug 1, 2002
    Posts:
    8,102
    Location:
    Hawaii
    EQSecure is a broad-scope HIPS. DSA is a hybrid firewall/HIPS, with only limited HIPS capabilities.
     
  21. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    DSA
    You determine which programs are allowed to execute and which are allowed to initiate internet traffic. All other critical areas mentioned in this link http://wiki.castlecops.com/Host_Intrusion_Protection_System_-_Comparison
    the makers of DSA have figured out what is of potential risk or not. When violated it throws a pop-up.

    Benefits: easy to use and you profit of the knowledge of the makers of DSA.

    EQSecure
    Complete protection on three major aspects: applications, registry and file protection. Each aspect has clickable items on which you can choose to be protected (e.g. protection against keylogger) from. Rules can be defined on three levels (system wide, allow exceptions and blocklist). Although it has learning mode and some comes with a rule set, the user is left to his/her own knowledge to set up protection.

    Benefits: for power users the granular configurable control and the strength of protection (on average it really protects against what it promises, what is quite astonishing in security software :doubt: )

    When you are behind a hardware firewall and have average security knowledge you could replace Comodo Firewall with DSA and still have stronger overall protection with no added complexity.

    When you are a power user EQS would be the ideal companion of your current set up.
     
  22. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,164
    Location:
    UK / Pakistan
    BTW I feel that file protection module makes my system slow as obviously many read/write operations are filtered through EQS.
    I think I might not use this feature most of time. Execution protection and start up registry protections is sufficient mostly.
     
  23. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    Aigle,

    I only limited this to the Windows and OS directories for executable-like files for update (not create and deletes, since malware has more benefits of changing sources than deleting programs). This did not seem to slow down our PC. What really slows down EQS is MD5 checking.

    Have you thrown your advanced HIPS test set on A2 with IDS with intelligent false positive reduction OFF already or were you so disappointed by the few tests you did with worms that you do not bother any more? All I can see that I did some sampling testing (BO, data and DLL injection, some trojan tests, driver installation, unwanted outbound traffic initiation, etc) on A2 and it passed them all.

    regards Kees
     
  24. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    11,126
    Location:
    U.S.A. (South)
    EQS 3.4 is proving out so far to be quite the repellent against attacks, of that my confidence has been bumped up several notches, but I also favor SSM. There was once a time I ran BOTH when EQS was in 3.3 beta and they ran stable even at the expense of duplicate protections some frown at.

    Now I use EQS 3.4 "OR" SSM (Full) and am wholeheartedly and completely satisfied with their results.

    DSA is also a really nice complement but I would like to see them improve and update it further.
     
  25. lucas1985

    lucas1985 Retired Moderator

    Joined:
    Nov 9, 2006
    Posts:
    4,047
    Location:
    France, May 1968
    IMO, a rule-based firewall with a tight ruleset, an integrity checker with scheduled scans and a sandbox is all the security you will ever need if you:
    - Use up-to-date software (OS, browser, Java, media players, doc viewers, etc)
    - Harden the OS and lockdown IE.
    - Use Firefox w/NoScript (or Opera) and a non-OE mail client with preview and HTML disabled.
    - Have a decent mail provider which removes spam, viruses and executable attachments.
    - Don't use P2P to download pirated/cracked software.
    - Practice safe computing (browsing habits, attachments handling, common sense, research prior to installing software, etc)
    This, together with a NAT router and a solid backup/imaging policy will make you invincible.
     