What is behavior blocker ?

Discussion in 'other anti-malware software' started by alex_s, Nov 30, 2008.

Thread Status:
Not open for further replies.
Page 2 of 2
  1. bellgamin

    bellgamin Registered Member

    Joined:
    Aug 1, 2002
    Posts:
    8,102
    Location:
    Hawaii
    You are correct (not the other fellow). That is -- Behavior Blockers are a subset of HIPS.

    A- HIPS = Host-based Intrusion Prevention System. Thus, a HIPS is an application delineated primarily by 2 factors as follows...

    1- WHAT it is designed to do -- a HIPS is designed to be an Intrusion Prevention System. That is, it is designed to protect information systems from unauthorized access, damage or disruption. It does this by monitoring system activities for malicious or suspicious or unwanted behavior, and by reacting, in real-time, to block or prevent those activities. In essence, a HIPS acts as a firewall between (a) applications and (b) the operating system kernel.

    2- WHERE it is designed to function -- a HIPS is designed to function "Host-based." That is, a host-based IPS is designed to be operated on one specific IP address, usually on a single computer.

    Conversely, a network based IPS is a NIPS. HIPS & NIPS -- when it comes to security, they really are pips. (cha-cha-cha)

    B- Thus, an application which is designed to be "host-based", & which is designed to function as an "intrusion prevention system" is a HIPS.

    C- For example, Threatfire (TF) is a Behavior Blocker (BB) whereas MalwareDefender (MD) is a "Classical" (C-HIPS). Although TF & MD have somewhat different structures/concepts, they are BOTH host-based, and they are BOTH intrustion prevention systems, so they are BOTH HIPS.

    D- The ability or inability to set custom rules is NOT a discriminator between HIPS & non-HIPS. Threatfire (our BB example) has quite a powerful *advanced* option to set custom rules.
     
    Last edited: Dec 2, 2008
    bellgamin, Dec 2, 2008
    #26
  2. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    11,126
    Location:
    U.S.A. (South)
    Really? Was good enough for this ole researcher to do a Copy/Paste to my category notes :) So thanks for pointing out those certain distinctions and others and i really like the term you used "Artifical Intelligence", since i dabbled a long time with those AI speaking/moving bots for a time and still get a rise from any form of PC AI when they really start to gel and make sense if only for awhile.

    EASTER
     
    EASTER, Dec 2, 2008
    #27
  3. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    13,744
    Location:
    Canada
    i knew i was correct:D
    thanks for the long explanation it is very clear
     
    jmonge, Dec 3, 2008
    #28
  4. alex_s

    alex_s Registered Member

    Joined:
    Aug 13, 2007
    Posts:
    1,251
    Indeed, the words are pretty nice. When you say "beautiful girl", for example, the words are also very nice, but everybody has his own picture in his mind :)

    Let me explain what I mean. "Intelligence" is a term from tha same line as "beauty". Easy to imagine, hard to explain. But in the tech we need only to use the words that can be clearly stated.
     
    alex_s, Dec 3, 2008
    #29
Page 2 of 2
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...