Next best alternative to ThreatFire (Symantec to Acquire PC Tools)

The topic is alternatives to TF. PLEASE be courteous to those who come to this thread to read what the topic line says it will cover. Please start your own thread to cover other matters.

 

OK, you want an alternative to TF, then if you even bothered with CyberHawk back in the day, dig up some of those versions if you have any. Google still floats a few freewares that are every bit as formidable as a user could ask for so long as they team it together with a good HIPS.

 

Dont agree with the whole presumption made here- that TF will suddenly become poisonous, just because PC Tools have been taken over by Symantec,even though its been stated that PC Tools will be a seperate division.

However an alternative would be Dynamic Security Agent,which detects, blocks and quarantines activity characteristic of known malware, hacking, phishing and other malware threat types.

Available
here.

Free ,recommended.

As Easter has proved,by its technical nature,Cyberhawk-Threatfire doesnt need constant updating,so the current versions should prove quite adequate no matter what

Edit-Would hardly consider Mamatu an alternative in view of its intrusiveness.

The lack of intrusion of TF was one of its important features,for those who dont enjoy fiddling.

Also its not freeware but has yearly licensing-not popular.

 

Didn't DSA have a memory leak issue on Vista? If so, does that issue still exist?

 

I do remember one poster querying this,but using XP and running it for 6 months ,never had a problem.
The latest version presumably would have fixed any such issues,assuming it wasnt just a one off.
In any case, well worth trying

 

I always liked DSA. Why I asked was that I remember trying the Webroot firewall which had DSA incorporated while I was on Vista. Big memory leak there which was confirmed by some other Vista users. I believe Privacyware denied such issue though. Maybe I'll give DSA another shot- currently using Mamutu, which seems ok. Just had a real bad experience with Threatfire.

 

acr1965
Looks like there still is an issue with Vista.

"Vista is not compatible with a core Privacyware driver. Installing Vista on a computer with Privatefirewall, Dynamic Security Agent, Endpoint Security Console, Privatefirewall with Anti-Spyware or PC Security Suite installed will cause a critical system error and crash."

Lucky you raised this.

edit-notice that Webroot Firewall is Vista compatible,so maybe its DSA is OK

 

Just saw your post-well put

 

The scary thing is:
What if Symantec decides to buy Sandboxie or SAS?

I mean, you never know.
A few million bucks can change anyone's decision.

 

I haven't used Norton for about 4 years now, so being your a user, can you tell me if their support has gotten any easier to access? I found it very difficult.

 

Hope it doesn't buy Defensewall HIPS.

 

As to replacing TF, I have been trying my GAOTD version of Mamutu and have been very happy with it.

I have it on Paranoid Mode right now and get very few pop-ups. It hasn't burdened my 1GB of RAM and has presented no problems running with SP3.

I'm not entirely sure I won't go back to TF, as it just depends on what happens with Symantec (if the past is any indicator, it won't bode well for them), but I may very well just pay to renew Mamutu. I've also been considering DirveSentry but have yet to get around to trying it out.

 

Not to go meandering off topic too much, but Defensewall would be an even BETTER buy than Threatfire. With the exception of maybe a couple of extra tweaks to add some more "oomph", Defensewall is even more "newbie" friendly than TF is.

 

and wait when Ilya adds the outbound protection it is going to be better

 

TF & Mamutu are behavior blockers. DriveSentry is a full-on "classical HIPS" -- not the same category as TF and Mamutu.

Other behavior blockers include Prevx & Primary Response SafeConnect.
~~~~~~~~~~~~~~~~~~~~~~~~

As to DSA (mentioned by a few others) I like it, too. It badly needs a learning mode, however. Even when DSA is in training, it pops up a lot. Further, DSA is a full-on SPI firewall (unbeknownst to many) but untweakable, as such -- see THIS post by the proponent of DSA. Further, DSA won't work well if there is another firewall on your computer -- it might even disable the other firewall.

 

That's interesting, Easter. My local computer guy also highly recommends Trend Micro and runs it on his machines in the shop and those in his home. He's got a couple of teenage kids and says he's installed a lot of others on their computers and let the kids loose. Trend Micro came out best. It's one of the few I've never tried, so can't comment from personal experience.

As for Threatfire, I'm staying with it until something happens. It's working fine for me on my desktop, in conjunction with Sandboxie.

 

Not a chance.

 

How is Mamutu intrusive? (At this point in time, it appears to be my top candidate to replace TF.)

 

All this news and reviews i hope inspires other developers to come up with their own Behavioral Blocker, i bet COMODO is on that list.

Nothing against MAMUTU (good app) but just like AV's/AS's/HIPS's and others, Behavioral Blockers are lowest on the totem pole right now and this field needs a resurgence of interest from top to mid-range developers to step up and climb into the ring.

 

Don't kid yourself, these one-man show programs are prime targets for buyouts. I'm sure Tzuk wouldn't mind a huge wad of cash appearing in the bank, and nobody could find fault with accepting it if they had a lick of sense. You have to understand, the majority of these single application developers don't see a lot of profits sometimes, and, like the rest of us, they'd like a nice roof over their head, food, their bills paid, and all the other nice and necessary things money allows.

 

If they decide to buy Sandboxie I already have a name they can use for it...Litterboxie. That's about all I would trust it to hold after they have it.

 

Wondering the same thing

 

I never have understood the blatant and (these days at least) unnecessary hatred of Symantec. People mouth off left and right about it being this and that, yet very few bother to answer the question of why with something other than "It's Symantec". It scores good, it's widely used, it's about as straightforward to use as it can get, why does the mere mention of them start off the hate remarks? Come on guys, it's 2008, the old insanely bloated Norton is gone. If you're basing the hate on it not running fast on a system with less than a gig of ram and/or the system is old itself, you've no business blaming that on the company. Just my thoughts, and, before thoughts of "fanboy" come into this, I'm an Avast user.

 

Before this thread gets too derailed, how about some suggestions/alternatives to TF. Personally i tried it and it dogged my system too badly, plus i am not a proponant of online access to some distant server serving as community protection. Never went for that, never will.

If i can't download updates locally, it doesn't even enter the picture no matter how high the reviews, because what might be accepted as badware for the community might just be a program like i use that mimics Vista named Visual Task Tips that shows a picture of all the focused windows open and even the tool AVZ rates it as a HIGH keylog threat where in reality it MUST have access to certain window codes whenever a key is pressed to display the minature taskbar picture, and on simple rollover.

I no little to zilch about MAMUTU everyone is crowing about but it seems to have enough pluses from what i read. I doubt many suggestions old or new can even add up to half a dozen and is why i call on developers everywhere to climb into this field also, especially now just in case Symantec stuffs TF with plenty of cotton.

In my case i reached into the past and now use CYBERHAWK as an alternative behavioral blocker and thank goodness it's not full of issues but does whats expected from it.

Good Day

EASTER

 

I completely agree with you regarding being cautious about relying on the "community-based" method of determining good from bad. There's far too much risk of mis-identifying or just plain laziness of people to "check the box" so to speak next to Ok or Not Ok. It's an easily abused system. I personally think that Defensewall would cut it as a suitable replacement. It stops the bad stuff and doesn't throw any weird messages in your face and ask you to allow/deny. It does its job with no hassle.