Discussion in 'polls' started by DriveSentry User, Apr 18, 2009.
HIPS = host-based intrusion prevention system.
EQSecure 4. beta3 + ProcessGuard 3.5 if you want to call it a HIPS! Which it does exhibit enough HIPS-like qualities maybe to fall into the category at some level.
EQS is my bread & butter! Alcyon's Rules raised the effectiveness of it 90% IMO.
I personally use DriveSentry for HIPS. I think it is the best HIPS out there. It does a great job at stopping anything malicious from getting on your computer. I also love the fact that it is portable, which you can safely insert it into another PC, via your stick drive. And the best part: ((it is absolutely free))!! For information and reviews check out this site. I really recommend it!
Right now that which is in my sig, but DS support needs to come on here more often.
I'm staying with SSM, both versions. SSM was debugged long ago. As long as it's used on the operating systems it was designed for, it'll provide more than adequate protection. IMO, it's still one of the best.
Why such a poor list of HIPS?
Well, I listed those 3 because they are standalone HIPS w/no antivirus and all three are great HIPS.
That is a very incomplete list with a lot of good options missing.
Alright, delete this poll and someone will make a different one w/ more HIPS. That is fine by me.
Just one question if you don't mind, I am one that won't hesitate an iota to run dual HIPS and in fact if PG & EQS can be considered somewhat similar in that respect, my question falls like this.
I would have NO PROBLEM running Drive Sentry, but is it fairly consistent with being compatible with most other HIPS too?
I haven't tested it, but according to this it is. (2nd post)
DriveSentry is marketed as "next generation AntiVirus protection". It appears to be both a HIPS and an antivirus, using a combination of whitelisting, blacklisting, and community feedback.
I may be wrong about this but I assume the reason DriveSentry doesn't conflict with other antivirus programs is that the HIPS gets applied first and that checking using the signature database only comes into play when a process tries to write to an area of the file system or registry protected by DriveSentry.
Defensewall all the way for me here.
This can help you.
And yes, DriveSentry (HIPS) (non-signature based) is the next generation antivirus. And what I mean when I say "standalone" is with no actual antivirus... the kind used currently these days. For example: Comodo w/HIPS or KIS w/HIPS, etc.
All that DriveSentry does is it monitors drive traffic and prevents anything untrusted from doing anything to your computer. (Without signatures) It's like a Hard Drive Firewall!!
That's a good question.
I'm running DriveSentry alongside PC Tools Firewall Plus (with ESV turned on), ThreatFire, Prevx 3.0 (paid), and Returnil Premium without any problems or conflicts, so it doesn't appear to have any inherent difficulties in getting along with other programs. I also had AntiVir Personal running as well but I've now removed AntiVir for the moment because I didn't really want two antivirus programs running together, even though they didn't appear to be conflicting.
I don't recall reading negative postings regarding DriveSentry compatibility with other programs, so it's likely that DriveSentry does work alongside most HIPS quite happily. The only way to find out for sure of course is to try it for yourself and see if it works for you.
Thank you for your reply; this is getting to be an interesting discussion.
My understanding of the term "next generation antivirus" is that DriveSentry includes whitelisting in addition to blacklisting. I am aware that DriveSentry can be viewed as a hard drive firewall. The question is whether or not it does anything more than that in real-time, and there are suggestions that it does.
For example, post #52 by Katie in the following thread: https://www.wilderssecurity.com/showthread.php?t=209764&page=3&highlight=drivesentry
And post #117 in the same thread: https://www.wilderssecurity.com/showthread.php?t=209764&page=5&highlight=drivesentry
If DriveSentry does not work the way Katie describes, it is difficult to see why it would be of any value to have a trickle feed of signature updates; or what use the Tri-Security protection of: whitelisting, blacklisting, and community advice would be, if it is not adding to the real-time protection.
Also, the recommended advice when installing DriveSentry is to uninstall any other antivirus programs to eliminate any possibility of a conflict. Again this should not be necessary if DriveSentry is solely a HIPS program.
The final thing that suggests to me that DriveSentry is positioned as an antivirus, as well as a HIPS, is that DriveSentry have gone to the trouble of obtaining WestCoast Labs Checkmark certification.
I must confess to not fully understanding how DriveSentry works, but I have assumed that it is more than just a HIPS and does incorporate some kind of signature-based checking in real-time, triggered on behaviour. If you are correct that DriveSentry performs no functions in real-time other than monitoring of disk writes then I will be reinstalling AntiVir for additional protection.
It is real time... even if the malware is already installed, DriveSentry will detect it when it attempts to write to your system and cause damage. I have tested DS myself by going to..
What I use is DriveSentry as a HIPS and my firewall router, which does more than enough to protect me. I don't need an antivirus because I am really careful on the internet and watch what I download.
Also in their next DriveSentry version there is going to be a network firewall!
Thanks for your reply.
Yes, I know that DriveSentry works to detect malware in real-time but when you say: -
I'm not sure whether you agree that DriveSentry should be classified as an antivirus program or not.
If DriveSentry combines HIPS with real-time signature-based scanning using whitelisting and blacklisting, as stated by Katie, the official DriveSentry representative here at Wilders, then it is best described as a hybrid HIPS/antivirus, not a pure HIPS. Calling DriveSentry "next generation AntiVirus" summarises it perfectly for me.
Looking forwards to the network firewall in the next version.
I have PG, SSM, EQS, Malware Defender and Netchina floating around on different snap-shots, also OA and Outpost licenses.
As pointed out above, this poll is not really a good one since it is so limited in product choices. Also, we already have a number of discussion threads for DriveSentry in other forum sections. Those are a better place for posts discussing the capabilities, effectiveness and future of the DriveSentry product.