What on earth has happened to viable HIPS software availability?

Discussion in 'other anti-malware software' started by Smiggy, Mar 10, 2017.

  1. clubhouse1

    clubhouse1 Registered Member

    Joined:
    Sep 26, 2013
    Posts:
    1,124
    Location:
    UK
    Exactly, the rule of thumb tells us not to use two firewalls or two AV's due to the possibility of conflicts... The same rule I'm sure must apply to other system security products that are trying to achieve the same security aspects; they will clash at some point or level too. I think too many security softwares are likely to expose systems rather than protect.
     
  2. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,161
    Location:
    UK / Pakistan
    They will stick with the basics and then you will complain why they are being bypassed by the malware.
     
  3. itman

    itman Registered Member

    Joined:
    Jun 22, 2010
    Posts:
    8,428
    Location:
    U.S.A.
    And false positives on AV Labs tests; constant inquiries from users about alerts or complaints about the feature not working correctly; etc. This is exactly why AV vendors do "tone down" their HIPS's at default settings.
     
  4. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,590
    Why, it works perfectly here on 5 Win 7 setups.
     
  5. guest

    guest Guest

    It does, I do.
     
  6. paulderdash

    paulderdash Registered Member

    Joined:
    Dec 27, 2013
    Posts:
    4,462
    Location:
    Under a bushel ...
    No issues here either. Win 10.
     
  7. boredog

    boredog Registered Member

    Joined:
    Feb 1, 2015
    Posts:
    2,499
    Thanks guys. I think I will reinstall HMPA again then. I sure can use overkills lol
     
  8. paulderdash

    paulderdash Registered Member

    Joined:
    Dec 27, 2013
    Posts:
    4,462
    Location:
    Under a bushel ...
    Lol I recall your sig showed you had lots going on - but I see you've removed it ;).
     
  9. StillBorn

    StillBorn Registered Member

    Joined:
    Nov 19, 2014
    Posts:
    244
    Concise, logical, and intellectually eviscerating as usual. Shine on you crazy diamond.
     
  10. B-boy/StyLe/

    B-boy/StyLe/ Registered Member

    Joined:
    Sep 19, 2012
    Posts:
    320
    Location:
    Bulgaria
    I agree. Btw OSSS was a great alternative to Comodo a few years ago:

    http://www.online-solutions.ru/en/products/osss-security-suite.html
     
  11. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    15,193
    Location:
    The Netherlands
  12. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    9,868
    Location:
    U.S.A. (South)
    Would somebody please rewrite EQSecure for 64 bit and I'll take it the rest of the way from there :p
     
  13. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,590
    Would that include paying the bill, because it is unlikely it will pay for itself.
     
  14. boredog

    boredog Registered Member

    Joined:
    Feb 1, 2015
    Posts:
    2,499

    Still seems a lot of people here do not think Voodooshield or Appguard is up to the job? That is a shame.
     
  15. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    9,868
    Location:
    U.S.A. (South)
    As far as I know, and that's not much anyway, the source code is probably by now rotting on a saved image in a server no longer in use anymore just like the program.

    Shame too, because it did have so many useful user-configurations from which to establish rock solid rules of engagement.
     
  16. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,590
    Yeah, but the source code isn't of much value as it was 32 bit, and it's not a simple conversion.
     
  17. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    9,868
    Location:
    U.S.A. (South)
    Yeah I was going to say that. The 32 bit HIPS revolution for all the excellent security that it was, soon enough got pinched out by 64 bit systems most are on now.

    Give me a 64 bit EQSecure with similar-like granular rules and the rest would be a picnic.

    I don't knock spyshelter and the like at all but virtualization for my machines does everything needed to prevent sneak intrusions that might have a way of slipping through otherwise.
     
  18. guest

    guest Guest

    To me HIPS are obsolete when you have modern anti-exes (ERP, SoB) or strict SRPs (Appguard). The only advantage I find in HIPS is the detailed process logging; the rest is just hassle and a waste of time. Who cares if "Com x is trying to access x". Ridiculous...
    NVT are releasing an app doing process logging so...
     
  19. B-boy/StyLe/

    B-boy/StyLe/ Registered Member

    Joined:
    Sep 19, 2012
    Posts:
    320
    Location:
    Bulgaria
    It was really awesome. It had very detailed and helpful information.

    https://www.kaldata.com/forums/topi...плахи-част-11/?do=findComment&comment=1826826

    It is your point of view. I know that HIPS can be annoying at the beginning but once trained it is really easy and powerful to use. I prefer it over the anti-exe anytime since it gives me more control over the system and less discomfort when I install/update my software. I have some SRP policy rules applied along with the HIPS, but if I decide to stop using it I will replace it with the auto-sandbox feature of CIS instead.
     
  20. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    9,868
    Location:
    U.S.A. (South)
    The "ridiculous" of process logging and active live tracking would never be of any interest for some, true, but everyone has their own expectations of what is best for communication between the machine and the operator of the same.

    HIPS of the classical variety fully configured MANUALLY at first can afterward be set to full AUTOMATION and protect just as well as the best of anti-exe's.
     
  21. guest

    guest Guest

    The thing is some people like monitoring. I can understand that, I did too in the past, but now I don't bother anymore; I only allow what I want and block all the rest. Less hassle, less wasted time checking what is this event's purpose, should I allow this process or not? etc...

    Now I enjoy my system knowing that only things I want are running.
     
  22. B-boy/StyLe/

    B-boy/StyLe/ Registered Member

    Joined:
    Sep 19, 2012
    Posts:
    320
    Location:
    Bulgaria
    Me too, but I achieved it with the HIPS and with minimal effort. I can still run everything (even unknown software) and be safe.
     
  23. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,590
    All the arguments are sort of true, except they don't sell, because the average user sees them as a hassle, and they respond incorrectly to pop ups. So no one is going to expend the funds to do what it would take to make it happen. IT IS DEAD
     
  24. guest

    guest Guest

    Exactly; it is why HIPS, anti-exe, SRP, etc. are only appreciated by people like us. Average Joe wants a solution that will do everything flawlessly for him without his involvement.
     
  25. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,590
    Back when Prevx2 was an excellent full-fledged HIPS, they found that users clicked the wrong response over 50% of the time. That's when they dropped the full-fledged response. Remember Process Guard. It was ahead of its time, but also remember Diamond CS went out of business because it didn't sell. They all fail the business model because there aren't enough sales.
     