processguard outdated for HIPS?

Discussion in 'other anti-malware software' started by YODA, Mar 16, 2009.

Thread Status:
Not open for further replies.
  1. YODA

    YODA Registered Member

    Joined:
    Jul 15, 2002
    Posts:
    100
    Do you guys think ProcessGuard 3 is out of date to keep using? Or should I switch to Comodo's Defense+? Would Comodo Defense+ or Online Armor's Program Guard offer more HIPS protection than ProcessGuard? What do these new HIPS offer more compared to ProcessGuard?
     
  2. noone_particular

    noone_particular Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    3,798
    Process Guard doesn't have all the features that the newer HIPS have. It probably won't work on Vista or Windows 7. That said, Process Guard is just as effective now as it was when it was released. HIPS software doesn't lose its effectiveness with age. It may also be less resistant against termination, but that's only a problem when the unwanted code was allowed to run in the first place. The same applies to the additional protections in newer HIPS (registry, services, etc.). If the code that would modify them isn't allowed to run in the first place, those features aren't that important. If you like PG, use it. If you're using it to enforce a default-deny security policy, it's still very good.
     
  3. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    12,883
    Location:
    Canada
    Agree with the post above: to enforce a default-deny, ProcessGuard is a winner ;)
     
  4. Rmus

    Rmus Exploit Analyst

    Joined:
    Mar 16, 2005
    Posts:
    3,943
    Location:
    California
    I don't consider PG strictly Default-Deny because the user is confronted with a decision to make:

    [IMG]

    On the other hand, SRP permits no option, therefore is true Default-Deny:

    [IMG]

    While experienced people on the forum might not have difficulty analyzing the prompt, I would hesitate to use PG on a family computer where less experienced people might be confronted with a decision to make. In addition, PG would not prohibit children from downloading software without parent's permission, which I consider a necessary part of Default-Deny in those situations.

    This has nothing to do with the OP's question about HIPS features, but does pertain to Default-Deny.

    ----
    rich
     
  5. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    12,883
    Location:
    Canada
    Are you using the free version? 'Cause with the paid version that's another story :) Block new and changed applications (paid version feature), plus you can password protect the configuration menu so no alterations for kids trying to download from the net :)
     
    Last edited: Mar 17, 2009
  6. Rmus

    Rmus Exploit Analyst

    Joined:
    Mar 16, 2005
    Posts:
    3,943
    Location:
    California
    OK, thanks. I didn't know that. I don't use PG - that screen shot was taken by fcukdat last year in a test he did for me.

    Can you show a screenshot to illustrate that there is no prompt?

    Is the paid version still being offered?

    ----
    rich
     
  7. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    12,883
    Location:
    Canada
    I wish they'd update/upgrade this beautiful tool :)
     
  8. Diprivan

    Diprivan Registered Member

    Joined:
    Mar 25, 2006
    Posts:
    66
    I emailed technical support asking if they were still actively developing ProcessGuard. I just got a reply. It said that the lead developer was suffering from ill health of late. I was sent a complimentary registration code for PG 3.5.
    This is a great shame. I have tried all the available HIPS. PG seems to be the simplest for an average PC user like myself.
     
  9. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    12,883
    Location:
    Canada
    I love this one too but I want to see it grow ;) The development is slow :)
     
  10. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    5,633
    Location:
    U.S.A. (South)
    PG 5 is Da Bomb!

    That version is very useful and stable as ever, so much so that I run it with Avira & Mamutu now with all protections enabled as well as EQS.

    I've been taking it on the chin lately from crack/keygen sites in my hunting expositions by letting down one of my guards and don't you know it, they slither through another opening and once they're in they juice up the droppers and begin mass distributions of file slinging like there's no tomorrow.

    My percentages are still pretty good though, only 2 image restores needed to recover from two attacks in the past 3 years. This time even though all my rootkit detectors killed the sources, the damage was done in seconds to system files needed to boot.

    I'll have all forces engaged next trip to their snake pits.
     
  11. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    12,883
    Location:
    Canada