Old HIPS vs New Up to Date HIPS?

Discussion in 'other anti-malware software' started by EscapeVelocity, Apr 7, 2010.

Thread Status:
Not open for further replies.
  1. bman412

    bman412 Registered Member

    Joined:
    Mar 4, 2008
    Posts:
    261
    What is the last stable release of Process Guard? Currently in need of an anti-executable.
     
  2. Meriadoc

    Meriadoc Registered Member

    Joined:
    Mar 28, 2006
    Posts:
    2,642
    Location:
    Cymru
    Download the latest free PG from DiamondCS it has an excellent anti-exe.
     
  3. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    13,744
    Location:
    Canada
    PG still works fine:thumb: also SSM:thumb:
     
  4. blacknight

    blacknight Registered Member

    Joined:
    Sep 25, 2007
    Posts:
    3,110
    Location:
    Europe, UE citizen

    I believe it, the problem with them is: how much autoprotection they have ? And how much they can protect from new rootikt kinds released after they was discontinued and not more developed ?
     
  5. ruinebabine

    ruinebabine Registered Member

    Joined:
    Aug 6, 2007
    Posts:
    1,096
    Location:
    QC
    As for ssm, I will only say that even DefenseWall III cannot stop its work or kill its GUI!
     
  6. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    13,744
    Location:
    Canada
  7. Meriadoc

    Meriadoc Registered Member

    Joined:
    Mar 28, 2006
    Posts:
    2,642
    Location:
    Cymru
    edit :

    rather another download location, looks like DiamondCS is finished - we'll have to see if the site resurrects itself in the future but atm suspended (again.)
     
  8. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    13,744
    Location:
    Canada
    i noticed their account has been suspended:D
     
  9. dave88

    dave88 Registered Member

    Joined:
    Feb 2, 2007
    Posts:
    177
    The last, best version is 3.15

    There were a few versions after that, but some people had problems with them.
    Also I think they were aimed at stopping a few threats that targeted ProcessGuard specifically.

    Get ProcessGuard 3.15 here:

    http://download.cnet.com/ProcessGuard/3000-2239_4-10333974.html
     
  10. bman412

    bman412 Registered Member

    Joined:
    Mar 4, 2008
    Posts:
    261
    Thanks
     
  11. brainrb1

    brainrb1 Registered Member

    Joined:
    Mar 15, 2010
    Posts:
    491
    Guy's if you have have a good firewall with HIPs and an anti virus like Avast home and sandboxie why do you want HIpso_O:eek:
     
  12. Matthijs5nl

    Matthijs5nl Guest

    Most people here just like testing, or just like having a layered setup. They just like it to have certain programs, not because without it they will have viruses all the times. But just because they want it.

    Including me: With Windows 7 Home Premium 64-bit, firewall: on, defender: on, uac: highest, dep: all programs and services and aslr enabled. In combination with a updated system and IE as browsers. (In other words: just using what the operating system offers.) I will never be infected. But next to that I also have ESET which I actually don't need, don't think it ever discovered something (except from a couple of bad websites). And Hitman Pro I certainly don't need, it never found something. But I just like the program so I use it. That's why we are all here on this forum. Because we like it :D.
     
  13. noone_particular

    noone_particular Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    3,798
    Having more than one "HIPS" is pointless regardless of whether one is part of a firewall. If you want to test freestanding HIPS software like PG or SSM, you should use a firewall that doesn't have one. The older HIPS like PG and SSM work very well. With SSM for example, a lot work went into making it able to defend itself.
    Rootkits are installed by a running process. Any HIPS will catch that process trying to start. Apps like SSM will catch attempts to install drivers, add services, and many other low level activities. It may be possible for a malicious process to use a method that they weren't designed to catch, but the only way that can happen is if the user allowed that process in the first place. In such a scenario, the HIPS is being asked to function as more of an intrusion containment system than a prevention, which is not what they were designed to do. That would fall more under the role of a sandbox or virtual system. HIPS were designed to keep something like that from ever running in the first place. If that protection isn't bypassed by the user, they prevent rootkits very well.
     
  14. bellgamin

    bellgamin Registered Member

    Joined:
    Aug 1, 2002
    Posts:
    7,633
    Location:
    Hawaii
    PCTools Firewall does not have a full-scope HIPS by any means, so that FW + HIPS should engender no conflict. Private Firewall has Dynamic Security Agent, an "anomaly detector" but not a true HIPS.

    Ergo, either of those 2 firewalls -- both of them contemporary -- should run just fine with a stand-alone HIPS such as Malware Defender or Comodo's D+.
     
  15. dave88

    dave88 Registered Member

    Joined:
    Feb 2, 2007
    Posts:
    177
    Who says we have, or want those things? (respect to sandboxie though)

    I only use an on demand AV. I have tried most of the newer firewalls. But have had issues of one sort or another, bugs, clunky interfaces, slowdown, decisions made for me, etc.

    Anyway, to each their own, there are any number of good ways to protect your system.
     
  16. Yakuman

    Yakuman Registered Member

    Joined:
    Aug 5, 2008
    Posts:
    75
    I keep seeing people refer PG as an anti-executable, but I tried it not too long ago and never seen such capability. There's no default deny option or way to make it silent by denying everything outside of the current files on the computer unless explicity allowed. Can anyone explain o_O
     
  17. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    13,744
    Location:
    Canada
    Duh not for the free version:D you have to have a licence to fully lock up this baby:D
     
  18. wrongway67

    wrongway67 Registered Member

    Joined:
    Apr 5, 2008
    Posts:
    45
    There is:

    "Auto block new and changed applications"
     

    Attached Files:

  19. blacknight

    blacknight Registered Member

    Joined:
    Sep 25, 2007
    Posts:
    3,110
    Location:
    Europe, UE citizen
    Ya, I know it and I agree. But we know that an HIPS can fail an intrusion attempt ( what are they the leaks tests ? ), so may be that some recent rootkit can disable some HIPS. Otherwise HIPS would mean complete invulnerability ( they are not too far...;) ).
     
  20. noone_particular

    noone_particular Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    3,798
    Both the leaktest and the rootkit installer are processes that have to be initially allowed to be successful. If that initial execution isn't allowed by the user, both fail.
     
  21. egghead

    egghead Registered Member

    Joined:
    Aug 27, 2005
    Posts:
    443
    Location:
    The Netherlands
    Yes ! This is what I call a user friendly HIPS. :thumb:

    Running here with XP Pro SP 3 without problems (antihook v 3.0.0.23)
     
  22. act8192

    act8192 Registered Member

    Joined:
    Nov 9, 2006
    Posts:
    1,778
    Aha, that might explain. I used the last free Antihook version 2 on xp-sp3.
     
  23. Greg S

    Greg S Registered Member

    Joined:
    Mar 1, 2009
    Posts:
    1,039
    Location:
    A l a b a m a
    yea, I loved that one too but the people at antihook wouldn't sell me a license for it. Reason being, they were fixing to release an update to it. That was over one and a half year ago, no update as of today.
     
  24. acuariano

    acuariano Registered Member

    Joined:
    Nov 4, 2005
    Posts:
    786
    hey guys are PG and SSM programs that ask you decide "if yoiu have to allow or not"?
    -also what's the difference between those 2 with online armor free,and outpost pro
     
  25. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    13,744
    Location:
    Canada
    PG doesnt protect you registry like SSM and OA do;)
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.