Privatefirewall 7.0 - VERSION 7.0.20.39

Discussion in 'other firewalls' started by burebista, May 7, 2010.

Thread Status:
Not open for further replies.
  1. burebista

    burebista Registered Member

    Joined:
    Mar 4, 2010
    Posts:
    208
    Location:
    Romania
    Here.
    *Process Monitor component now supported in Vista and Windows 7 x64 bit environments!
    Looks interesting, full HIPS support in x64. :cool:
     
  2. wutsup

    wutsup Registered Member

    Joined:
    Sep 20, 2009
    Posts:
    630
    Location:
    United States
    hmm i might have to try this out on my main gaming vista 64 bit pc. i tried out outpost firewall 64 bit but it was unstable.

    is the HIPS like a full blown HIPS like the hips of online armor and comodo(never used any comodo software because they give out their certificates to malware makers)?
     
  3. Night_Raven

    Night_Raven Registered Member

    Joined:
    Apr 2, 2006
    Posts:
    388
    Basically, yes. Maybe not as granular as Comodo but it definitely close enough.
     
  4. burebista

    burebista Registered Member

    Joined:
    Mar 4, 2010
    Posts:
    208
    Location:
    Romania
    I've tried it on Seven x64. I must admit maybe I wasn't too patient to learn it or leave it more in training mode but my finger is still hurting me after countless of clicks on HIPS alerts. :D
    Back to CIS for me we are old friends.
     
  5. Espresso

    Espresso Registered Member

    Joined:
    Aug 1, 2006
    Posts:
    975
    If anyone has it installed, try the Comodo Leak test and post your score.
     
  6. bellgamin

    bellgamin Very Frequent Poster

    Joined:
    Aug 1, 2002
    Posts:
    5,648
    Location:
    Hawaii
    No! PFW's HIPS component (known as Dynamic Security Agent, or DSA) is NOT a full blown HIPS.

    DSA basically records "normal patterns" for processes during a training period. It then allows the user to set a tolerance percentage for reporting deviations from the norm.

    For example, if DSA found that a given process normally used 7% of cpu time, & the user set a deviation tolerance of 50%, then that process could use cpu as high as 10.5% and be within the user's permissible deviation. If that particular process suddenly used 12% cpu, then DSA would halt the process & pop an alert to the user.

    Along similar lines as those just explained, DSA also sets norms for email so as to monitor for such things as floods.

    Classic HIPS such as Outpost, OnlineArmor, & Malware Defender hook the kernel so as to monitor for and report any & all actions by a process that could possibly expose the computer to infection. Examples of attempted-actions-by-a-process that will trigger alerts by a classic HIPS include but are by NO means limited to the following...
    1- set global hooks
    2- access physical memory
    3-shutdown the system

    Bottom Line -- DSA does NOT monitor with anywhere near the degree of granularity as is true for classic HIPS. On the plus side, DSA does provide adequate protection for all but the most adventurous surfers. HOWEVER...

    + If you are an IT whose job security depends on protecting your company's network, then a classic HIPS would be a better choice.

    +Also, if you are operating a kiosk, or providing security for classroom computers, or frequently surfing porns & cracks etc, then you should use a classic HIPS (and pray a lot).
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    By the way --- DSA plays nicely with most classic HIPS and DOES cover a couple of security areas that classics do not cover. Thus PFW should work okay with Malware Defender (a pure HIPS). However, if you want to run PFW with the likes of Online Armor (which is a FW + HIPS), you should exercise OA's option to Uninstall the firewall.
     
  7. EscapeVelocity

    EscapeVelocity Registered Member

    Joined:
    Apr 1, 2010
    Posts:
    368
    I wish DSA was available by itself still.

    Maybe PrivateFireWall with DefenseWall HIPS would be a good combo, since DefenceWall's Personal Firewall version is brand new and not that great at the firewall part.

    PS - I wish there was a Thanks button on this forum, to express gratitude for the more knowledgable sharing their accumulated knowledge with others. Teaching is often a thankless action.
     
  8. Espresso

    Espresso Registered Member

    Joined:
    Aug 1, 2006
    Posts:
    975
    That's only the behaviour blocker element to the software, and something that I've turned off since I first used it. DSA has a lot of typical HIPS protection features besides that, like system file and registry protection, raw disk access protection, dns/network protection, hook and thread injection protection. In PrivateFirewall its primary role is leak protection and does fairly well according to the Matousec tests. :D
     
  9. tobacco

    tobacco Frequent Poster

    Joined:
    Nov 7, 2005
    Posts:
    1,497
    Location:
    British Columbia
    If anyone is using this new release along with Prevx SafeOline, could you see if private firewall is allowing prevx to authenticate files and the small window above the system tray pops up showing prevx actually authenticating them?

    Thanks
     
  10. Konata Izumi

    Konata Izumi Registered Member

    Joined:
    Nov 23, 2008
    Posts:
    1,544
    Yes. Prevx works fine with this latest version of PrivateFirewall.
    I'm using Prevx latest beta version.
     
  11. tobacco

    tobacco Frequent Poster

    Joined:
    Nov 7, 2005
    Posts:
    1,497
    Location:
    British Columbia
    Thanks - i dumped the private previously because of said action :eek:
     
  12. Night_Raven

    Night_Raven Registered Member

    Joined:
    Apr 2, 2006
    Posts:
    388
    That just proves that you are deliberately bashing the product, haven't actually tried it or don't really understand how it works and what it does.
    I know you pride on being a long time HIPS user so that's why I'm surprised by your response, as it is far away from the truth.
    As Espresso already mentioned what you described was just the System Anomaly Detection component of the program. It has a lot more to offer than that. The three example you have given as to what HIPS programs monitor are actually completely valid for Privatefirewall. Since you call the HIPS component DSA it could mean you've actually never tried the new version of the program. As you know or may not know, DSA was discontinued long time ago. Even when it was still available for download, and Privatefirwall was a paid program, the latter still had a little better and more advanced version of DSA integrated in it. It has come a long way since then. Its protection is pretty good. Like I said it's not as granular as let's say Comodo's or Malware Defender's as it doesn't monitor that many attack vectors and doesn't offer that much customization but it's still a very good program which I would most definitely call a full blown HIPS.
    If you like Matousec's tests, you can check how it performs. And with the latest version the score should be even higher, as they have added a bit more registry keys for the program to monitor and protect.

    Actually how about actually trying it in a virtual machine before you write such nonsense? Throw some malware at it and see how it handles it. I've tried it and it does a pretty good job.
     
  13. cp4eva

    cp4eva Registered Member

    Joined:
    May 26, 2007
    Posts:
    127
    Location:
    TX
    Would using the 'HIPS' component of PFW conflict with Avast 5 Free's BB? anyone tried it?
     
  14. Santos_L_Halper

    Santos_L_Halper Registered Member

    Joined:
    Sep 22, 2009
    Posts:
    13
    I've been using PrivateFirewall with Avast! 5 free for quite some time. I've never seen any conflicts with the Behavior Shield component of Avast.
     
  15. Konata Izumi

    Konata Izumi Registered Member

    Joined:
    Nov 23, 2008
    Posts:
    1,544
    It won't probably. the bb part of avast is more of an antirootkit. :thumb:
     
  16. cp4eva

    cp4eva Registered Member

    Joined:
    May 26, 2007
    Posts:
    127
    Location:
    TX
    Thanks, guys. I'm going to give a go for a few days.
     
  17. Konata Izumi

    Konata Izumi Registered Member

    Joined:
    Nov 23, 2008
    Posts:
    1,544
    HIPS component works alot better now.
     
  18. henryg

    henryg Registered Member

    Joined:
    Dec 13, 2005
    Posts:
    293
    Re: Private firewall 7.0 - VERSION 7.0.20.39

    Night_Raven, you are absolutely right.... PF's HIPS are very effective in this new version.

    BTW, does anyone know how the Splash Screen can be disabled?
     
  19. william1955

    william1955 Registered Member

    Joined:
    Mar 25, 2010
    Posts:
    12
    You should insert using Registry Editor:

    [HKEY_CURRENT_USER\Software\PWI, Inc.\Privatefirewall 6.0\General Settings]
    "SplashScreen"=dword:00000000

    Initially, this key was used in the case of PF 6, but it works also with PF 7.
    (I checked this myself)

    William
     
  20. henryg

    henryg Registered Member

    Joined:
    Dec 13, 2005
    Posts:
    293
    William, many thanks!
     
  21. lws

    lws Registered Member

    Joined:
    Aug 28, 2009
    Posts:
    196
    Night_Raven
    Thanks for info re private firewall. Iv'e installed the latest version of Private Firewall and after reading the "help" info on it and picking up info in this forum as well, I'm really liking this firewall. I can't believe how light it is compared to some of the "Bloat Ware" you have to download in other programs just to use a basic competent firewall.

    William
    Thanks for the info on the "splash screen", working great here.
     
  22. Night_Raven

    Night_Raven Registered Member

    Joined:
    Apr 2, 2006
    Posts:
    388
    Well, it depends to which programs you compare it to. ;) If you compare it to the older HIPS programs (like ProSecurity, System Safety Monitor, ProcessGuard, etc.), then it's not as light, but compared to the more recent and widespread products today (Comodo Internet Security, Outpost Firewall, Online Armor, PC Tools Firewall Plus) it is indeed lighter than all of them, while retaining very nice level of efficiency.

    My main criticism is that it lacks rule priority. I'm used to creating firewall rules manually by adding the 'allow' rules at the beginning and then the 'block all' rules at the end so that I can have very precise control what gets allowed and what gets blocked. Privatefirwall can't do that, which I feel is its biggest shortcoming. But for a not so pedantic users it's a great program indeed.

    Edit: or the problem was that there was priority (from top to bottom) but one couldn't move the rules manually. I don't recall exactly which one it was.
     
    Last edited: May 8, 2010
  23. bellgamin

    bellgamin Very Frequent Poster

    Joined:
    Aug 1, 2002
    Posts:
    5,648
    Location:
    Hawaii
    I used DSA stand-alone as my main HIPS on a laptop a few years back. I trialed PFW in March this year, shortly before I wrote a post requesting info about FW+HIPS apps.

    After I wrote that post, I was advised that my comments about Online Armor were outdated. Fortunately the person who gave me that helpful (and accurate) information didn't feel it necessary to bash me at the same time.

    Your comments seem to come from a different sort of heart. Even so, I shall give PFW another trial.
     
  24. Night_Raven

    Night_Raven Registered Member

    Joined:
    Apr 2, 2006
    Posts:
    388
    I don't think I actually bashed you.
    The thing is that you consider yourself a well educated user when it comes to HIPS products. You've stated that you like HIPS very much and that you've used many such products. So it was kind of strange that such a knowledgeable person can make such a statement. I mean, it's just so obvious that Privatefirewall has a full scale HIPS that I was astonished that anyone could say it doesn't have one. Saying the same thing about PC Tools Firewall Plus would be very accurate but not about Privatefirewall. True, it's not as granular as say Comodo's but it's pretty good nonetheless.
     
  25. AviraHelp

    AviraHelp Registered Member

    Joined:
    May 3, 2010
    Posts:
    9
    Made the switch from comodo firewall to private firewall since online armor free is not out for windows 7 x64 yet, and I am liking it a lot.

    my only concern is the no auto update.

    how would you guys go about updating private firewall to new versions?
    Installing on top of the older version or uninstalling it completely and then installing the latest version? If the later does all the rules/settings disappear and need to be set again?
     
Loading...
Thread Status:
Not open for further replies.