PCTools Firewall ESV?

Discussion in 'other anti-malware software' started by chinook9, Apr 25, 2010.

Thread Status:
Not open for further replies.
  1. chinook9

    chinook9 Registered Member

    Joined:
    Jan 27, 2008
    Posts:
    439
    I have posted this in the anti-malware section because the anti-malware aspect of this Firewall is what interests me.

    Can someone explain, in basic terms, what ESV does and how that differs from a classical HIPS?
     
  2. pegr

    pegr Registered Member

    Joined:
    Apr 8, 2008
    Posts:
    2,279
    Location:
    UK
    ESV is a classical HIPS in the sense that it monitors and alerts on individual behaviours but AFAIK doesn't provide the broad spectrum coverage of a standalone HIPS product. The main purpose of ESV appears to be to harden the firewall to enable it to pass leak tests.
     
  3. bellgamin

    bellgamin Very Frequent Poster

    Joined:
    Aug 1, 2002
    Posts:
    5,648
    Location:
    Hawaii
    Not the "main purpose". Passing Matousec's silly tests is pretty much ALL there is to PTL's ESV.

    ESV is to a classic HIPS as a toy poodle is to a Rottweiler.

    If you want a Rottweiler HIPS + Firewall, go with something like Online Armor or Outpost.
     
  4. pegr

    pegr Registered Member

    Joined:
    Apr 8, 2008
    Posts:
    2,279
    Location:
    UK
    I was trying to be diplomatic and avoid being contentious. :D
     
  5. pabrate

    pabrate Registered Member

    Joined:
    Jan 21, 2010
    Posts:
    685
    And what's wrong with Comodo's Defense+ ?
     
  6. bellgamin

    bellgamin Very Frequent Poster

    Joined:
    Aug 1, 2002
    Posts:
    5,648
    Location:
    Hawaii
    Not a thing wrong with D+. I said "something like Online Armor or Outpost."

    As to D+, I find it a bit more confusing to configure than is the case for OA & OP. But that's just me-- your mileage may be different.

    As to OA, I am totally enamored with its Run Safer option.
     
  7. raven211

    raven211 Registered Member

    Joined:
    May 4, 2005
    Posts:
    2,567
    How is the ease-of-use when it comes to Run Safer? Is it just turn on and go? What if I wanna update/install something, etc.?
     
  8. bellgamin

    bellgamin Very Frequent Poster

    Joined:
    Aug 1, 2002
    Posts:
    5,648
    Location:
    Hawaii
    Turning Run Safer (RS) on or off is easy.

    One way- Right clicking the program you want to Run Safer (e.g. Firefox)
    Another way- access OA configurations>Programs & right clicking the program there.

    On = Run Safe
    Off = Open Normal

    OA also offers an "Install" mode option during an install.

    Bottom Line: Run Safer is VERY easy to use.
     
  9. Victek

    Victek Registered Member

    Joined:
    Nov 30, 2007
    Posts:
    5,121
    Location:
    USA
    The "Run Safer" option is very easy to toggle On/Off for individual applications - very useful for internet facing apps if you use an admin account in XP, or have UAC turned off in Vista/Win7. If UAC is enabled in the latter though, I don't know that "Run Safer" adds additional protection.
     
  10. EscapeVelocity

    EscapeVelocity Registered Member

    Joined:
    Apr 1, 2010
    Posts:
    368
    Thanks for the tip on PCTools firewall HIPS, bellgamin.

    I purchased a 1 year license for OA for $5 and plan on giving it a spin. I would also like to try Outpost. Perhaps Look n Stop, too. I tried PrivateFireWall for a short time and liked it.
     
  11. bellgamin

    bellgamin Very Frequent Poster

    Joined:
    Aug 1, 2002
    Posts:
    5,648
    Location:
    Hawaii
    Glad to have helped.

    Be aware that both OA & OP are Firewall (FW) + HIPS whereas LnS is FW only.

    With OA you can turn off the FW & run only the HIPS, OR you can turn off the HIPS & run only the FW, OR you can run both HIPS & FW, which is what I do.

    If you want to run LnS & still have a HIPS, LnS + Threatfire is an option, but I have never tried that particular combo.
     
  12. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    12,883
    Location:
    Canada
    I am very tempted to try Online Armor again ;)
     
  13. chinook9

    chinook9 Registered Member

    Joined:
    Jan 27, 2008
    Posts:
    439
    Thanks for all the information. I had thought that the PCTools Firewall HIPS was more complete when I chose to install it.

    Right now I'm headed out of the country and I don't want to get into changing anything as long as it is running well but I would like layered protection.

    I think I'm still well protected. In addition to the PCTools Firewall, I am running Avast 5, Prevx (SafeOnline), and I Sandbox my browsers.

    I have one of the Online Armor licenses, but this is a netbook and I really don't want a heavy app, but I might try it anyway. I too really like Run Safer.
     
  14. EscapeVelocity

    EscapeVelocity Registered Member

    Joined:
    Apr 1, 2010
    Posts:
    368
    Thanks for the further tips, bellgamin.
     
  15. raven211

    raven211 Registered Member

    Joined:
    May 4, 2005
    Posts:
    2,567
    Thanks for the answers on Run Safer - it seems to be a great feature. :)


    1. Now would it add anything in protection when already running DW?

    2. Is there any difference in this area of OA's protection comparing its free and paid version?

    3. Would you say there are any important differences between the free and paid version of OA overall?
     
  16. progress

    progress Guest

    ... may cause BSOD :(
     
  17. bellgamin

    bellgamin Very Frequent Poster

    Joined:
    Aug 1, 2002
    Posts:
    5,648
    Location:
    Hawaii
    DW's main emphasis is on running threatgates as untrusted, thereby isolating them & their outputs from your computer's groin area. ("Threatgates" = browsers, email clients, etc.)

    OA can achieve similar protection of threatgates IF the user runs them as Run Safer. With OA, that is optional, whereas with DW "untrusted status" is more automatic. Therefore, DW is perhaps a better choice for careless or inept users.

    Both DW & OA can also protect ANY app (not just threatgates) . . .
    + DW will run ANY application as untrusted if the user adds it to the untrusted list.
    + By the same token, with OA the user can easily run ANY application as Run Safer.

    Bottom Line (my opinions)- - -

    OA in addition to DW? NOT a good idea. The combo might cause some instability. Also, it is unnecessary duplication of protection.

    OA INSTEAD of DW? - - -
    +For protecting a careless or inept user against his own mistakes (where 10=perfectly idiot-proof), DW is a 9.8, OA is 9.5.
    +As to degree of protection, both DW & OA are top tier. The choice comes down to trying each of them so as to determine which one of these 2 *feels better* to you & your computer. (I suggest you ALWAYS make an image of your system disk before trialing ANY complex security app such as DW & OA.)

    Go to HERE, scroll down to display of OA versions, click on "Show Features" and you shall have your answer. (Be sure you have allowed JavaScript for this site or the "Show Features" won't work.)

    See answer to #2 above & judge for yourself.

    IMO, I prefer the paid version *primarily* because I am a tweak freak & actually use the paid version's "Advanced" features. (I also like Tabasco on my french fries.)
     
    Last edited: Apr 27, 2010
  18. raven211

    raven211 Registered Member

    Joined:
    May 4, 2005
    Posts:
    2,567
    Thank you, I love thorough but precise answers. :) This answered my questions to give me enough insight.
     
  19. sunoracle

    sunoracle Registered Member

    Joined:
    Mar 25, 2010
    Posts:
    51
    How about the PC Tools FW and Threatfire?

    The PC Tools FW seems to be quite light on resources, and the UI is decent. It's also free.

    Threatfire would then seem to add in the features that might be missing from the PC Tools FW. It's also free. In addition, they're both PC Tools products, so maybe they've done testing to ensure they're compatible?

    Both products also claim to work with 64-bit Windows.
     
  20. bellgamin

    bellgamin Very Frequent Poster

    Joined:
    Aug 1, 2002
    Posts:
    5,648
    Location:
    Hawaii
    It's a good combo IMO. TF isn't a full-scope classic HIPS. It is a behavior blocker. However, it allows the user to set advanced rules; therefore it can cover almost as much as a classic HIPS in the hands of a proficient user.

    If you decide to try TF, I suggest you read suggested rules by Kees at following threads...
    https://www.wilderssecurity.com/showthread.php?t=183020
    https://www.wilderssecurity.com/showthread.php?t=253507
    https://www.wilderssecurity.com/showthread.php?t=191802
    https://www.wilderssecurity.com/showthread.php?t=234443
    https://www.wilderssecurity.com/showpost.php?p=1059723

    I haven't sorted through the above threads in a long while. Not all of them pertain directly to TF, but all of them contain excellent suggestions as to registry hives & files that might ought to be protected via TF's advanced rules.
     