Standalone freeware HIPS?

Discussion in 'other anti-malware software' started by ingem64, Feb 16, 2009.

Thread Status:
Not open for further replies.
  1. ingem64

    ingem64 Registered Member

    Joined:
    Oct 15, 2006
    Posts:
    36
    My security software in PC with XP SP3 is:

    1. Avast antivirus Home
    2. Windows Defender
    3. Windows firewall

    Do I need something else?
    I think, some HIPS?

    Do you recommend some standalone freeware HIPS application?
    Thank you.
     
  2. Fuzzfas

    Fuzzfas Registered Member

    Joined:
    Jun 24, 2007
    Posts:
    2,753
    There aren't many standalone HIPS left, let alone free ones...

    - EQ Secure 3.41 is probably the only fully featured free HIPS out there.
    - Process Guard Free is free, but provides simple execution and modification/termination process protection.
    - System Safety Monitor was given as farewell gift for free when it shut down, i am not sure if you can still get a free license from Vitaly.

    - EQ Secure 4 if you speak chinese.

    At the end it all depends on your personal taste and on whether you are high risk user or not.

    - You may be fine with what you have now.
    - If you understand and like EQSecure, then it's the safest solution.
    - If you want a simpler HIPS, PG Free may be a good solution, but not as secure.
    - You could use something like Threatfire.
    - You could add Sandboxie.
    - A combination of the above.
     
  3. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,047
    Location:
    Saudi Arabia/ Pakistan
    I will suggest to remove Windows Defender.

    After that you can add one of these:

    ThreatFire( if u don,t like pop ups)
    OA free
    CFP - both of these if u like pop ups

    You can add a sandbox also.
     
  4. Smiggy

    Smiggy Registered Member

    Joined:
    May 2, 2007
    Posts:
    209
    Location:
    The Angel Isle
    You can turn Windows Defender into a HIPS package by simply changing your membership of spynet.

    ------------------

    Make sure you join Spynet with an "Advanced" Membership.
    This opts you into some options not avaible from the standard user interface.

    You will literally get "full-blown" HIPS Protection, Simply check the options:

    Enable real-time protection &

    Choose if Windows Defender should notify you about:

    * Software that has not yet been classified for risks
    * Changes made to your computer by software that is permitted to run

    Job done!

    No need to install anything else on your PC.

    ------------------

    EQS is fantastic but if you're not up to speed with granular HIPS it will probably drive you round the bend initially with it's popups.

    Alcyon's has some rulesets that makes it fully bulletproof.
    Search for his name on this forum and his website, plus links for the prog and his rulesets, are in his signature strip.

    :thumb:
     
  5. vijayind

    vijayind Registered Member

    Joined:
    Aug 9, 2008
    Posts:
    1,413
    For novice users: Threatfire, for medium level users: Comodo Firewall with Defense+ HIPS , for advanced users: EQSecure
     
  6. Pedro

    Pedro Registered Member

    Joined:
    Nov 2, 2006
    Posts:
    3,502
  7. Saraceno

    Saraceno Registered Member

    Joined:
    Mar 24, 2008
    Posts:
    2,404
    The only problem I had with Windows Defender in advanced mode, is when testing a few programs, WD would alert on say a system change, but if I selected to deny that change, on most occasions the change could not be denied.

    Maybe its improved. It's good with the alerts, but see if you can 'rollback'/deny a system change.

    ThreatFire shouldn't give novice users, who are just browsing the net, any alerts. Would be my pick.
     
  8. bellgamin

    bellgamin Very Frequent Poster

    Joined:
    Aug 1, 2002
    Posts:
    5,648
    Location:
    Hawaii
  9. Someone

    Someone Registered Member

    Joined:
    Jan 18, 2008
    Posts:
    1,106
    As others have stated, Threatfire is a good choice if you don't want pop ups.

    You should also add a sandbox, you could use Sandboxie, GesWall or DefenseWall.
     
  10. PROROOTECT

    PROROOTECT Registered Member

    Joined:
    May 5, 2008
    Posts:
    1,102
    Location:
    HERE ...Fort Lee, NJ
  11. bellgamin

    bellgamin Very Frequent Poster

    Joined:
    Aug 1, 2002
    Posts:
    5,648
    Location:
    Hawaii
    In that HIPS thread, PRO recommended Startup Monoitor & Tiny Watcher, neither of which is a HIPS. Hmmmm :cautious:
    ~~~~~~~~~~~~~~~~~~~~~~
    I complied with several PM requests for a link to Real-time Defender (RTD). I hope you folks like it.

    RTD used to be called ProSecurity (PS). Comodo hired Jei, the proponent of PS. Jei sold the code for PS to someone. The new owner then changed the name of the latest version of PS to RTD & put it on the web as a free download - - which is the target of the link I have given to those who PM a request.

    I hope that whoever is RTD's proponent will eventually begin updating RTD. However, PS was so far ahead of its time that RTD is still a superb addition to anyone's security wall. By the way: in addition to the full array of classical HIPS capabilities, RTD also provides network protection both in & out. A grrreat freebie!
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    Here are 2 more classical HIPS that I just remembered....

    6- Antihook 2.6 (AH). I have never tried AH myself, but a search will give you several Wilders threads that discuss it.

    7-ProcessGuard. Another I haven't tried. A "cult favorite".
     
    Last edited: Feb 17, 2009
  12. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    Like Aigle said: remove windows defender and install latest ThreatFire. Easiest thing to do, make sure to create a restore point before TF quantaines something (somewhere in the settings).

    Cheers
     
  13. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    I would go for DefenseWall paid or GeSWall free
     
  14. PROROOTECT

    PROROOTECT Registered Member

    Joined:
    May 5, 2008
    Posts:
    1,102
    Location:
    HERE ...Fort Lee, NJ
    Yes Bellgamin: StartupMonitor, Tiny Watcher and System Shield - they are now sufficient for me. That's what I meant.
     
  15. andyman35

    andyman35 Registered Member

    Joined:
    Nov 2, 2007
    Posts:
    2,336
  16. bellgamin

    bellgamin Very Frequent Poster

    Joined:
    Aug 1, 2002
    Posts:
    5,648
    Location:
    Hawaii
    Tiny Watcher is a good "file integrity checker" - - I recommend that you always use TW's deep scan. It is much more effective than TW's default scan. Your other 2 apps are largely a waste of time. In any event NONE of these are HIPS so you & I are both OT & should be shot. :argh:
     
  17. Sully

    Sully Registered Member

    Joined:
    Dec 23, 2005
    Posts:
    3,719
    Agree both are off-topic for HIPS, but hardly what I would call a waste of time. One could argue the other way where a HIPS with all of it's configuring required (usually) would be a waste of time.

    I guess it depends which time zone you live in or if you like pie vs cake. :D

    Sul.
     
  18. PROROOTECT

    PROROOTECT Registered Member

    Joined:
    May 5, 2008
    Posts:
    1,102
    Location:
    HERE ...Fort Lee, NJ
    Bellgamin, not be afraid, I am with you, Sully understands us and it is a victory!:-*

    Thank you Sully; righty - I prefer the cake, You've noticed.

    Kingdom for 2608 Kb!*puppy*
     
  19. Page42

    Page42 Registered Member

    Joined:
    Jun 18, 2007
    Posts:
    5,828
    Location:
    Last Breath Farm
    Thanks for that bit of info, Smiggy. I wasn't aware of it and I have since opted for advanced SpyNet membership and the two notifications options. Previously I had been wary of sending info to MS, but I'm willing to try it for awhile in order to see how WD performs. :thumb:
     
Loading...
Thread Status:
Not open for further replies.