Prevx Home Edition - free

Discussion in 'other anti-trojan software' started by JohnK, Jun 20, 2004.

Thread Status:
Not open for further replies.
  1. JohnK

    JohnK Registered Member

    Joined:
    Jan 29, 2003
    Posts:
    20
    Anyone any opinions on Prevx ?

    They've just launched a free home edition of their "host intrusion prevention" software (it's in beta). They seem to have been around in the corporate arena for a while, and it sounds like the kind of product we'd all like on our machines (if it works, that is). And being free helps.

    JohnK
     
    Last edited: Jun 20, 2004
  2. Slovak

    Slovak Registered Member

    Joined:
    Mar 4, 2004
    Posts:
    515
    Location:
    Medina, Ohio
    What could it hurt to download and try? I just did, going to reboot and try it out, I will post my thoughts later this afternoon when I get back home.
     
  3. Tassie_Devils

    Tassie_Devils Global Moderator

    Joined:
    May 8, 2002
    Posts:
    2,514
    Location:
    State Queensland, Australia
    Hmmm.... very good endorsements via the UK Constabulary of Avon

    https://www.prevx.com/prevxenterprise/casestudies/casestudies_avonsomerset.htm

    and Somerset.

    Looks good, but could not get any real feel on "what" it does for protection, until I 'registered' and got following email.

    =============================================
    1) USING PREVX HOME WHILST PERFORMING WINDOWS UPDATE

    Because Windows Update needs to access key areas of the system registry and needs to be able to write files to areas of the file system that are normally protected by Prevx Home, we recommend that you turn OFF all Security Settings other than the Buffer Overflow policies whilst performing Windows Update. On completion of Windows Update, please turn back ON the Security Settings that you have turned off!

    The buffer overflow policies will protect you against internet worms such as Sasser and Blaster whilst performing Windows Update.

    Whilst these policies are switched off it is recommended that you do not browse other web-sites, in order to minimize the risk of spyware infections.

    2) USING PREVX HOME WHILST INSTALLING NEW APPLICATIONS OR DRIVERS

    Installing new applications or drivers may generate Prevx Home Alerts as new system registry entries and new executables are written to your system. When queried, you may choose the Allow option. Alternatively, you may wish to temporarily turn off the File System and Registry Security Settings. Remember to turn these back ON when you have finished!

    3) FILE SYSTEM POLICIES AND SYSTEM REGISTRY POLICIES – Available Settings

    During the early part of the Beta program, we have disabled the “Prevent” Option for certain Security Settings. The options available are “Query” and “Off”. This will enable you to see all Alerts and determine if they are the result of legitimate system behavior (e.g. running Windows Update or installing new programs or drivers) or cannot be accounted for by these actions. You can choose to Allow or Deny, as appropriate. The “Don’t Tell Me This Again” and “Don’t Ask Me This Again” functions can be used for any regular Alerts or Queries where you want to determine future behavior.

    4) “SEND TO PREVX” OPTION ON ALERTS

    To help us build a picture of the most frequent Alerts, please use the “Send to Prevx” option when examining Alert Details.

    5) PREVX UPDATE FUNCTION

    During the beta period we will be releasing updated and refined versions of the system and the security settings from time to time. We recommend that you use the Update function regularly to ensure you are using the most up to date release of the product.

    ========================================

    Have not actually dl'd yet and will wait until Slovak gives some feedback. I currently run ProcessGuard and it looks like a similar app as described above, as in 'Allow' or 'Deny' a process/exe/registry change, etc.

    Could not ascertain a price, says FREE download, and according to email I've got a link to get download, then install, and to *Activate it I have to put in my email addy.

    You are allowed to download up to 5 times for diff machines.

    HTH, TAS
     
  4. Slovak

    Slovak Registered Member

    Joined:
    Mar 4, 2004
    Posts:
    515
    Location:
    Medina, Ohio
    So far as I can tell it works as it is supposed to, no side affects on my win2k machine, it blocks everything they say it should.
     
  5. nadirah

    nadirah Registered Member

    Joined:
    Oct 14, 2003
    Posts:
    3,647
    Not bad, a good software which can help your anti-virus and firewall products to be even more effective. I'm sure a lot of people will like Prevx.
     
  6. Slovak

    Slovak Registered Member

    Joined:
    Mar 4, 2004
    Posts:
    515
    Location:
    Medina, Ohio
    Maybe so, but they must download it and try it first.
     
  7. Visions

    Visions Guest

    But as usual it only works with 2K/XP and not 9X/ME.
     
  8. notageek

    notageek Registered Member

    Joined:
    Jun 3, 2002
    Posts:
    1,601
    Location:
    Ohio
    Dare I try it. :) Yes I dare. I'll post some feedback on it when I get time to fool with it. :)
     
  9. notageek

    notageek Registered Member

    Joined:
    Jun 3, 2002
    Posts:
    1,601
    Location:
    Ohio
    OK I'm trying it out now. Looks like it's almost like a firewall (note I said almost). So far it only tells me about certain things that want to go through the internet. I tried running Yahoo messenger and it never asked me about if I want to run it. It has an auto update feature that you can't turn off. It has a passowrd protection. You can still shutdown programs through the windows task manager without it asking if I want to shut andthing down. Unlike winsonar when you close down Prevx it don't ask you if you want to shut the program down. In other words PG is better but this is still in beta and it's not that bad of a program.

    Here's what my windows Task Manager says it's using. This is in KB
    SAGUI.exe: Mem Usage= 2,152kb
    Peak Mem Usage= 10,580kb
    VM Size= 5,564kb
    PXAgent.exe: Mem Usage= 5,776kb
    Peak Mem Usage= 6,220kb
    VM Size= 4,836kb
    Installing it was easy. No problems with running it. No crashes while I was running. Un-installing it was easy also. In conclusion I think it's a so so app. I would rather use SSM or PG over Prevx becuase PG can guard process and SSM tells you when a program starts and also when it's put a start up command in the registry. But like I said before this is still a beta. I hope this helps.
     
  10. Tassie_Devils

    Tassie_Devils Global Moderator

    Joined:
    May 8, 2002
    Posts:
    2,514
    Location:
    State Queensland, Australia
    Slovak/Notageek.... thanks for the being the "Crash Test Dummies" :p on this one.

    Sounds like the home edition is maybe not up to scratch as opposed to the PRO? the cops in UK are using.

    Also, as notageek agrees with what I *thought* it's PG-like in actions, I'll let my other security apps take care of things for now along with PG of course.

    Thanks again guys. :)
     
  11. Slovak

    Slovak Registered Member

    Joined:
    Mar 4, 2004
    Posts:
    515
    Location:
    Medina, Ohio
    Well it is just as both of you guys said, it is still in beta stages. I think I am going to stick with it and see just how it turns out in the long run. Heck, what would have happened if we would have given up on Spywareblaster, or spybot, etc when they were just in beta stages? It is "crash test dummies" like us that make beta products better by giving our feedback and inputs. Besides, it so far is not "screwing" anything up so far so I will hang on to it for now.
     
  12. notageek

    notageek Registered Member

    Joined:
    Jun 3, 2002
    Posts:
    1,601
    Location:
    Ohio
    I haven't given up on it. I just uninstalled it and I'll mess with some more when new beta comes out. I mean it really didn't do much for me. It sat in the tray and let what ever program I open run. It didn't ask me if I want it to run ut when I opened up an ISP it warned me. It's not a bad little program and I'm going to wait around and see.
     
  13. meneer

    meneer Registered Member

    Joined:
    Nov 27, 2002
    Posts:
    1,132
    Location:
    The Netherlands
    PrevX offers a host intrusion detection solution. It would compare to Cisco Secure Agent and MacAfee's security suite for that matter. It's not a personal firewall or anti virus.
    It's meant to prevent day zero exploits like Blaster and Sasser. I suppose it will do just that. And it could well be of great value.
     
  14. nadirah

    nadirah Registered Member

    Joined:
    Oct 14, 2003
    Posts:
    3,647
    PrevX comes in two editions:
    Prevx Home edition
    PrevX PRO ( PRO version coming soon. )

    I think once PrevX home and pro get to their final release, the software could be an indispensable security tool, judging from its looks.
     
  15. Notok

    Notok Registered Member

    Joined:
    May 28, 2004
    Posts:
    2,969
    Location:
    Portland, OR (USA)
    I've been using this for a couple days now, and I'm pretty happy with it. I haven't seen anything that protects against buffer overflows before. It seems to fit perfectly between Qwik-Fix and ProcessGuard. I just can't wait to see the final product. Currently it takes around 12-15mb of RAM, seems to slow things down a little (not too bad, though), is kind of light on technical details on the protection (I emailed the tech support with a few questions, and they just directed me to the online help regarding one of them, and didn't address others at all. Apparently there are no whitepapers or anything giving more details on exactly how it works unless, I assume, you are an enterprise customer), and the wording for some things would be pretty intimidating for some more novice users. For example, when you allow something and check "don't ask me again" it gives you the option to remember answer for "this secured object and process" and "all secured objects protected by this security setting and process", which is a little confusing at first. Overall, however, it's pretty cool. I imagine the final version will be a little leaner and "hardened" If it all works out, I would consider this a pretty important layer of security.

    It's just sad that this kind of protection isn't already inherant to Windows. :doubt:
     
  16. notageek

    notageek Registered Member

    Joined:
    Jun 3, 2002
    Posts:
    1,601
    Location:
    Ohio
    I alos tried it out again. I like it. The only thing I don't like is how much RAM it uses. Sure do hope they fix that.
     
  17. Slovak

    Slovak Registered Member

    Joined:
    Mar 4, 2004
    Posts:
    515
    Location:
    Medina, Ohio
    I like it too, but dislike the memory usage, maybe we should contact them and give some feedback since this is a beta version.
     
  18. notageek

    notageek Registered Member

    Joined:
    Jun 3, 2002
    Posts:
    1,601
    Location:
    Ohio
    Yes. I'm on my way over to let them know.
     
  19. nadirah

    nadirah Registered Member

    Joined:
    Oct 14, 2003
    Posts:
    3,647
    Remember, PrevX is still BETA. ;)
     
  20. Notok

    Notok Registered Member

    Joined:
    May 28, 2004
    Posts:
    2,969
    Location:
    Portland, OR (USA)
    All the more reason to request it! The more people that mention it, the more likely it is to be fixed. I just filed a request as well.
     
  21. Slovak

    Slovak Registered Member

    Joined:
    Mar 4, 2004
    Posts:
    515
    Location:
    Medina, Ohio
    I did let them know about the memory usage problem, and they responded already, here is a copy and paste of the email.......
    From: "Home Support" <Home-Support@prevx.com>
    To: <slovak1965@xxxx.net>
    Cc: <home-support@prevx.com>
    Subject: RE: TESTING: Prevx Web: User Suggestions on Mon Jun 04:05:00


    Hi John,


    We understand the issue and will be working on reducing the resources used
    by Prevx Home. We have had quite a challenge to bring the Corporate IPS
    product down to the desktop and so have a few issues such as memory
    utilization to address.


    We expect future releases to reduce this further.


    Thank you for the comments and please continue to provide us with your
    feedback it is appreciated.


    Regards,


    Prevx Home Support


    251,2,John,Dorko,slovak1965@sbcglobal.net,I like the program, but it uses
    way too much memory, maybe you should try to cut down the memory usage
    somehow.,2004-06-28 03:04:50


    ---
    Outgoing mail is certified Virus Free.
    Checked by AVG anti-virus system (http://www.grisoft.com).
    Version: 6.0.710 / Virus Database: 466 - Release Date: 23/06/2004




    __________ NOD32 1.796 (20040626) Information __________


    This message was checked by NOD32 Antivirus System.
    http://www.nod32.com
     
    Last edited by a moderator: Jun 28, 2004
  22. notageek

    notageek Registered Member

    Joined:
    Jun 3, 2002
    Posts:
    1,601
    Location:
    Ohio
    Slovak, I got the same email this morning.
     
  23. Guyz, I read the comments in this forum with much interest.
    I'd like to know what you think about the memory issue?
    If I maximize and then minimize the GUI - it takes arround 1.5 meg in memory.
    which is quite less for such a graphic based gui.
    The agent takes arround 5MB (depending on what happens on the system)

    What is a reasonable amount of memory usage in your opinion for such a product? (e.g. If I think at Norton product - ouch!)
     
  24. notageek

    notageek Registered Member

    Joined:
    Jun 3, 2002
    Posts:
    1,601
    Location:
    Ohio
    Read my post earlier about the memory it took up on my Machine. Sorry I didn't feel like turning the KB into MB.
     
  25. Infinity

    Infinity Registered Member

    Joined:
    May 31, 2004
    Posts:
    2,651
    Hi you all, I find Prevx doing a great job. it is not Processguard but it is a real supplement on processguard. Personnally it is doing a good job on my system. when something is altered I have processguard and if something is installing something with spawning processes it is Prevx warning me ;)

    for me I would purchase it immediately only for this feature...

    bye
     
Thread Status:
Not open for further replies.