Need a Lite HIPS

Discussion in 'other anti-malware software' started by Escalader, Jun 23, 2008.

Thread Status:
Not open for further replies.
  1. Escalader

    Escalader Registered Member

    Joined:
    Dec 12, 2005
    Posts:
    3,710
    Location:
    Land of the Mooses
    Hello

    I need a free HIPS to replace TF which doesn't like my set up.
    (Some days I don't like it either)

    I have SAS,NOd32 and Kerio 2.1.15, PG 2 at the moment.

    Please make considered suggestions links would be usefull.
     
  2. HURST

    HURST Registered Member

    Joined:
    Jul 20, 2007
    Posts:
    1,419
    Try EQS. Is a superlight HIPS.
    It can be configured in ways you could never dream of. (which is also considered bad by some members here, since you would need great knowledge to get tight protection)
    There are many threads here in wilders about it.
    The other problem, is that version 4.0 has been in beta for a long time. Last stable version, 3.41 is several months old.
     
  3. HURST

    HURST Registered Member

    Joined:
    Jul 20, 2007
    Posts:
    1,419
    Wow...lots of off-topic comments :D
    I also believe, you can't judge software by its origin country.
    Software is innocent until proven guilty:D
     
  4. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    5,632
    Location:
    U.S.A. (South)
    I,ve only thoroughly experienced long-term 2 HIPS, those being System Safety Monitor (which i also beta tested LoL) and EQSecure now at 4.0 Beta or 3.41

    I'm somewhat biased as time & conditions dictate to lean on EQS exclusively, it's about as "Lite" as they get IMO, but SSM is a very formidable competitor and actually if i had my way i would meld the two into a single Super-HIPS!

    You have to try the waters, and determine which one is suitable enough for your machine's/system needs as well as your attention, because they both demand user interactions at some point, but i found with EQS using Alcyon's RuleSets, the human factor can be dramatically reduced in comparison. Just my opinion from experience with them both, and i do run them both on different machines.

    EASTER
     
  5. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    You can have a light HIPS setup with strong protection

    A) DROP PG and SAS (on demand only), keep NOD
    B) Not free, but worth it trial GeSWall Pro or DefenseWall, see which one you like best


    Nice goodies AVZ (rootkit scan) Anvir taskmanager free (run it from time to time to check any changed startup items)
     
  6. Someone

    Someone Registered Member

    Joined:
    Jan 18, 2008
    Posts:
    1,106
    Hi

    Since you are using Process Guard (right?) then you can also add DriveSentry, which provides disk and registry and some buffer overflow protection.
     
  7. LowWaterMark

    LowWaterMark Administrator

    Joined:
    Aug 10, 2002
    Posts:
    17,874
    Location:
    New England
    All 12 of those politically oriented posts have been removed.

    The topic here is "Need a Lite HIPS" not a country or their government's ideology.
     
  8. Antarctica

    Antarctica Registered Member

    Joined:
    Feb 25, 2003
    Posts:
    1,617
    Location:
    Canada
    I know it's off topic but I could not hold myself.:oops:

    I like your new Avatar LowWaterMark.:thumb: :)
     
  9. Escalader

    Escalader Registered Member

    Joined:
    Dec 12, 2005
    Posts:
    3,710
    Location:
    Land of the Mooses
    Hello Easter and other technical posters:

    TY, I never saw all the political posts by the time I logged back in the moderator had done his work! Good. Not intested in political opinion just technical facts.

    I will try SSM first and see what trouble that gives me.

    FWIW, I will not drop SAS, Nod 32 or PeerGuadian 2 ip blocker not process guard,
     
  10. bellgamin

    bellgamin Very Frequent Poster

    Joined:
    Aug 1, 2002
    Posts:
    5,648
    Location:
    Hawaii
    Good choice. Be sure to check out THIS on-going Wilder's thread -- to learn more about configuring SSM.
     
  11. Juha L

    Juha L Registered Member

    Joined:
    Dec 25, 2007
    Posts:
    48
    It was not strictly political. It was about giving low level system access to software whose developer is pretty much unknown and unreachable.
    Apparently this is not considered a security issue here at Wilderssecurity..
     
  12. jrmhng

    jrmhng Registered Member

    Joined:
    Nov 4, 2007
    Posts:
    1,268
    Location:
    Australia
  13. dw2108

    dw2108 Registered Member

    Joined:
    Jan 24, 2006
    Posts:
    480
    Try WinCleaner AntiSpyware. If you feel comfortable with your registry, then delete some or all of the registry shields and create your own. You end up with a lite app as good as or better than SSM. You can also create custom shields to act in a learning mode.

    Dave
     
  14. bellgamin

    bellgamin Very Frequent Poster

    Joined:
    Aug 1, 2002
    Posts:
    5,648
    Location:
    Hawaii
    The topic pertains to HIPS. WinCleaner is NOT a HIPS.

    HIPS is defined HERE, & current HIPS are listed HERE and HERE.

    So... please stay on topic.
     
  15. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    Bill,

    Your a bit harsh in your judgement. It also has a configurable registry and file monitor. A member of wilders (i think Topak or something) was very positive about it, while on another download board someone nearly killed his machine trying to remove it.

    When it monitors registry and file system, it is a light IDS, so your right. But when arrovax shield is called a behavior blocker in your third link, than Wincleaner qualifies also. ;)

    Regards Kees
     
  16. dw2108

    dw2108 Registered Member

    Joined:
    Jan 24, 2006
    Posts:
    480
    Now I reserve the right to remain confused! WinCleaner is a ... ? Or not?

    Dave
     
  17. bellgamin

    bellgamin Very Frequent Poster

    Joined:
    Aug 1, 2002
    Posts:
    5,648
    Location:
    Hawaii
    Light like Ivory Soap (so light that it floats).

    As to Arovax Shield -- I had forgotten about that one. Arovax is a WinPatrol wanna-be -- a tad limited but better than nada...

    By the way, Kees old bean (speaking of various & sundry HIPS)...

    +++Whatever happened to your love affair with Sensive Guard (another *light* one)?

    +++Have you tried DriveSentry (the new kid on the block)? If so, do you recommend it?

    +++Lastly, what about Antihook? For some reason, AH gets very little press here at Wilders. I wonder why?
     
  18. Diver

    Diver Registered Member

    Joined:
    Feb 6, 2005
    Posts:
    1,444
    Location:
    Deep Underwater
    No hips is lite.

    Try running Gmer on a before and after basis to see what it is doing to your system.
     
  19. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    Initially I setup a layered defense covering everything and likes the combo fo file and network control. But malware got smarter and did not limit its playground to the obvious directories. When EQS and TF arrived there were many alternatives for file protection.

    Next free version of DriveSentry makes a nice complementary combo with next free version of Online Armor. DriveSentry could be a little more quiet.

    It was one of the best occording to Kareldjag's blogs/tests, It is so granular on parent-child/process control it takes quiet a while to setup, problably that is the reason for little attention (you have to know a lot to answer the pop-ups correctly)

    Is not Avast's rootkit scan on startup created with GMER resources knowledge?

    I will :)
     
Loading...
Thread Status:
Not open for further replies.