What on earth has happened to viable HIPS software availability?

guest also said he does not use it anymore . He uses Appguard, Shadowdefender and rehips. Not sure if he uses Voodooshield or not.

 

He might not use it anymore but in the guides, definitely has about every inch of that program's settings memorized

And it's chalked full of them. If I ran that camp we would have to take to trimming that puppy back considerably, and I don't mean settings, but all the add-ons. Geez

I suppose my next shop will stop at SpyShelter and see how that one floats.

Nothing and I do mean nothing has surfaced yet to come even close to comparison with my ole trusty EQSecure. Light as a feather, quick, and couldn't even be overwhelmed by massive repeating beating on the thing.

Seen some HIPS before get overpowered with certain malware causing a freeze up the whole system if not preprogrammed against it.

 

Voodooshield with rehips is overall

 

How do you like Voodoo shield?

 

@EASTER yep , it CIS didn't have a annoying recurrent bug , i would surely using it right now...and about my CIS settings, i didn't started to tweak the FW part

@boredog main machine is Appguard + ReHIPS ; description of my setup in my signature)

I added temporarily Sandboxie because i need one of its feature , which will be implemented in ReHIPS in a later version.

 

I more like HIPS from SS with Sandboxie than stand alone ReHIPS casue lack of some important features.
I just waiting for test lates coming NVT ERP ... its gonna be also nice product <3

 

Which ones you need?

 

Acess / partial SRP ..auto delete etc
Annoying copule dekstpps per apps. In sandboxie i can pop up all sandboxed apps on main window no need jump per windows like a monkey...
frendly UI for current files in sandbox.

ReHIPS just work globaly something like a SD about invidual settings you can forgot...

 

It's never going to happen in a million years, at least not Comodo, BUT I can almost envision my dream HIPS.

It goes like this. It has all the HIPS + Auto-Containment features/settings just like CFW, and also the firewall or not, but with a drastic cutback from all the other unnecessary radio buttons/checkboxes that gum up the whole works as is.

Lightened up beautifully with the 360Essentials GUI & Layout

 

i guess you didn't dig much in the options, it has a lot of options for access and rights...
Auto-delete is a convenience feature, in ReHIPS just do it manually and recreate a isolated environment. sure auto-delete is nice, it was requested and it will be implemented later.

And you can do the same in ReHIPS , but you have to untick an option because the whole point of ReHIPS is isolation via tighten user profiles using virtual desktop to ensure that.

yes could be made , but this is not essential to me.

Wrong again, each users can have a separate dedicated settings.

You should have used the latest build (RC4) longer and do more researches...

I have a LFT license for sandboxie, but i chose ReHIPS as my sandboxing apps, if ReHIPS was so limited compared too Sbie, i won't use it, but it is not, so i'm more than happy with it.

 

This is another problem with Comodo, they made it too confusing. That's why I also didn't like AG, even after reading the help file 5 times, I still didn't get the full picture. I believe VoodooShield is also a bit too complex, I like my tools simple. EXE Radar + Sandboxie + SpyShelter, it doesn't get any simpler than that, at least for me.

 

Admittedly Comodo FW even for an old hat like me seemed a little daunting (last week) with what seems like myriad settings etc. but there are plenty enough guides now i think and especially videos that go a long way in sweeping away that learning curve. And then there is back and forth correspondence and discussion in forums that make things clear too. I suppose it depends on how much effort/time an end user is willing to invest to LEARN the settings. The joy of it though are in the results when after you test something(s) you know to be extremely harmful to a system and then realize the purpose for each page/tab is to cover those bases efficiently.

I favor simple too in an ERP + Sandboxie + Shadow Defender etc for example with all their simplicity but solid performers.
AG is perhaps my toughie right now too but at least it's reachable/discoverable with some patience and time.

No one beefs any more over what appears like too much complexity in some security programs as hard as I do I think, but at the end of the day it's still there.

Still though in order to get the absolute maximum benefit out of what some of these are preprogrammed to accomplish, i guess we have to look at it as a necessary temporary inconvenience and just keep returning to the thing as many times as it might take until the stuff finally sinks in.

And it will if you really want it to.

Whenever you run into those frustrations try to be reminded of what it must be like for the developers/programmers who have to carry all that stuff around in their noggin.

 

Exact. Learning, testing, failing and re-testing are the keys to master a software.

 

SD as the base of my setup and SS +ERP as the system/processes monitoring...as I see similar setup is quite popular
BTW nobody have mentioned about e.g. AntiHook, Viguard and one of the most configurable BB/HIPS - ThreatFire.

 

Voodooshield complex? You don't even need to change the settings and in auto pilot it won't show almost any popup

 

Most people would rather spend all their time on security forums instead of learning their software. Some even keep looking at new software with open mind but in the end after all their posts, nothing has changed. You and a couple others turned me on to Appguard to the point I paid for it. Only thing I didn't like about it was it was a lifetime LIC that lasted a few months , then they went yearly like so many do. When it come to the point my version is not sufficient enough, I will dump it and stick with Voodooshield.

 

Indeed, it is too simple to me, i like load of granular options

 

I basically prefer apps that are easy to understand and easy to configure, even if they might have lots of options. For example, in SpyShelter it's very easy to disable certain settings that will reduce alerts and will give a good balance between security and usability.

Perhaps the VS thread gave me the wrong impression, but it looks like it's stacked with all kinds of options, and is also causing certain issues.

 

Rock solid and reliable without much if any fuss. Got that

Going on week (2) with Comodo FW 10 on Windows 10 [AutoContainment + Firewall Only ENABLE] and loving it.
Don't know if this qualifies much as HIPS or not since the HIPS part is roughly by on-demand only right now.
Just enough behind the scenes features in operation to keep things light and tight.

Like the fact that in any event since CFW snatches process executions first that NVT-ERP has a final say if they are actively launched or not.

I guess that's my HIPS for the time being.

Spyshelter & VooDoo Shield are excellent of course (Fantastic! even), but to take a slightly different approach with this combo can actually stand up to the stress of effective defense with minimum learning curve. Both easy to understand, CFW too when you narrow the field of settings you actually use.

 

For those using Comodo and wanting to know the interaction between Containment (aka auto-sandbox aka BB) and the HIPS, my marvelous old but still valid article there

https://malwaretips.com/threads/com...ntainment-hips-interaction-explanation.11819/

 

Indeed I never used Sandbox now Containment: I want to have a full HIPS that monitor all happens in my system. No matter if I have more alarms, I feel more safe so.

 

you can use both , containment would backup the HIPS in case of wrong click.

 

I think it's the other way around.
When I used CFW, first it was the sandbox (now containment) to jump in. Then, if I selected "don't sandbox again" and I run the file again, the HIPS jumped in

 

Proactive Mode with both HIPS and autosandbox enabled? because if HIPS isn't enabled, sandbox take priority, HIPS would kicks-in only if the autosandbox has no rules for it or as the way you did; as i demonstrated on the link above. it was v8 , but i don't think they changed comodo core mechanism so much on v10.

 

I have always used CFW in Proactive Security.
On v10 I used cruelsister's settings (so, HIPS disables and only sandbox enabled), but on v8 I had both HIPS and sandbox enabled.
By the way, the most common example was tu run an unknown file with no rules on sandbox and no rules on HIPS. Like that, sandbox kicked in first.