Which Host Intrusion Protection System (HIPS) are you using?

Discussion in 'polls' started by richrf, Aug 3, 2005.

?

Which Host Intrusion Protection System (HIPS) are you using?

  1. Abtrusion Protector

    0 vote(s)
    0.0%
  2. AntiHook

    9 vote(s)
    5.4%
  3. Online Armor

    22 vote(s)
    13.1%
  4. Prevx (any version)

    24 vote(s)
    14.3%
  5. ProcessGuard

    58 vote(s)
    34.5%
  6. RegDefend

    31 vote(s)
    18.5%
  7. Safe N' Secure

    12 vote(s)
    7.1%
  8. System Safety Monitor

    16 vote(s)
    9.5%
  9. Other

    19 vote(s)
    11.3%
  10. Installed but then uninstalled (please comment why)

    6 vote(s)
    3.6%
  11. Interested but waiting

    14 vote(s)
    8.3%
  12. Not at all interested

    10 vote(s)
    6.0%
  13. I have no idea what HIPS is

    11 vote(s)
    6.5%
Multiple votes are allowed.
Thread Status:
Not open for further replies.
  1. thewolf

    thewolf Guest

    Another vote for AntiHook. For one because it's free, and it's nearly as good as Process Guard. Actually it covers some areas PG doesn't. I have little doubt the next version will be even better.

    I also use Prevx home free version. Together AntiHook and Prevx free provide quite a good defense against malware, as good as many payware programs, even more protection in some cases.

    I used to use SSM but it just causes too many problems on my pc, freezes and lockups etc.... Now that SSM has new owners maybe we'll see an improvement in the next version due out sometime around December 05, I think.
     
  2. richrf

    richrf Registered Member

    Joined:
    Dec 11, 2003
    Posts:
    1,907
    Hmmmm ... votes for AntiHook are not registering. There have been three comments so far for AntiHook but only one vote. Don't know why.

    Rich
     
  3. muf

    muf Registered Member

    Joined:
    Dec 30, 2003
    Posts:
    926
    Location:
    Manchester, England
    Rich,
    You make that sound like something new. Regrun has that facility as well, and did so long before Regdefend came along. Why are you so set on converting people that use Registry pollers to Regdefend? People are entitled to use what they like and not have to undergo your conversion techniques. Poor c3nt had to virtually tell you to leave it be.
    You're obsessed mate. Regdefend & Processguard. Let people express their choices. You make it out like everyone who doesn't use them are naked and vulnerable. And nothing could be further from the truth.

    Regrun is a totally different animal to Regdefend or Prevx. Advising someone to remove an application that has utilities that aren't covered by other application's is very poor advice. It's quite obvious you have never used Regrun.

    muf
     
  4. chew

    chew Registered Member

    Joined:
    Jun 29, 2004
    Posts:
    515
    Location:
    GeordieLand.
    Installed Prevx but later un-installed it due to the fact that I could not get update behind Uni firewall ... no solution was found so I un-installed it. Later on I read postings that Prevx was using too much resources and ever since then I had been waiting for some free version ... oh ya ... it will be expensive to have Prevx ...

    :(
     
  5. richrf

    richrf Registered Member

    Joined:
    Dec 11, 2003
    Posts:
    1,907
    I personally do not like pollers because:

    1) The delay between the time the registry is updates vs. the time it is actually undone. Lots can happen.

    2) The possibility of conflicts occurring when two or more "redos" are performed simultaneously. It actually happended to me, and it totally hosed my registry. There is a way to do this correctly. That is to: a) Check to see that no other program is updating the registry items and then b) locking the registry items so that no other program that is trying to concurrently update the registry, it able to. I am not sure whether Windows XP (or any other version of Windows) allows the registry to be controlled in this manner. If there are locks registry level locks, that will also do.

    In general, I perfer the "pro-active" approach, because a) the "door is closed shut" and nothing gets in unless you allow it, and b) there are no issues that are associated with "undoing" an entry.

    I realize that there are lots of reasons that other users do not prefer this approach, and that is fine with me. I never encourage anyone to change unless there is a good solid rationale for change.

    For me, there are more than sufficient reasons to move to this "pro-active" approach to security. It is just more secure and cleaner. You don't want to let the termites in the house and then try to get them out. Best to keep them out to begin with. In other words, all of those "tools" that are needed to clean up a mess are no longer needed if you never allow the mess to be created in the first place. Of course, I keep an image copy handy, just in case I spill the paint. :)

    Rich
     
    Last edited: Aug 4, 2005
  6. ^Ale

    ^Ale Registered Member

    Joined:
    Jul 6, 2004
    Posts:
    187
    Location:
    Italy
    Process Guard 3.150 (reg. version)
     
  7. myluvnttl

    myluvnttl Registered Member

    Joined:
    Aug 23, 2004
    Posts:
    150
    I used ProcessGuard v3.150.
     
  8. richrf

    richrf Registered Member

    Joined:
    Dec 11, 2003
    Posts:
    1,907
    It occurred to me that I should have included ZoneAlarm's 6.0 OSFirewall in this poll. If anyone has any experience with it, I would be interested in comments. E.g., does it alert when new drivers/services are being installed? Does it alert when changes are made to the program?, Does it alert when a program is trying to acquire a global hook? etc. In other words, how competitive is it with PG and AntiHook and how reliable/stable is it? Thanks.

    Rich
     
  9. ---

    --- Guest

    Or Tiny firewall which incorporated tiny trojan trap.

    They were the first and far ahread of ZA by many years.

    A few people use it, but it's darn complicated ...
     
  10. c0ltran3

    c0ltran3 Registered Member

    Joined:
    Nov 8, 2003
    Posts:
    172
    I use ProcessGuard (full version) with Prevx Home as real time protection. I also use RegRun Gold Suite on demand.
     
    Last edited: Aug 7, 2005
  11. Trooper

    Trooper Registered Member

    Joined:
    Jan 26, 2005
    Posts:
    5,507
    Currently I am just using RegDefend. I am contemplating trying out Safe'N'Sec or Online Armour however. ;)
     
  12. Robyn

    Robyn Registered Member

    Joined:
    Feb 1, 2004
    Posts:
    1,189
    RegDefend as I find this one a lot easier to get used and like the fact I can add to my protection form the .ght files the 'experts' have made available on the forum.

    Installed PorcessGuard trial when it was not very user friendly, uninstalled completely.
    I have the new version (full) but to date it is still packed in a folder as I really do need
    to feel a lot more confident about installing. Have followed and asked for a lot of advice which was given the only delay in install is me :oops:

    Tried Prevx in tha past but did not re-install again.
    RegRun Gold - installed as I fully intended to use this but after the install I could not get my computer shut down normally o_O

    I do like RegDefend and may add ProcessGuard in the future.
     
  13. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    10,213
    Hi,
    I don't use them, but for a different reason.
    I don't like the bother of clicking popups too often. So far, these programs are too rigid to suit my temper. I do not want to spend a week just configuring the machine to work. And I hate messages telling me generic host or svchost or some other process is trying to modify this or that . . .
    If and ever any of the computers under my lecherous grasp gets infected, which has not happened even once since 1999, the time I use Internet, I have the utlimate weapons against them: one full saturday + format.
    Don't get me wrong!
    HIPS have a GREAt potential. Ultimately, these programs could effectively replace all other sorts of securty programs, but so far they are limited to users with great scope of knowledge and patience and fetish for tweaking the tiniest little dlls. Until Windows guys figure out a simpler way of making the system work without the chaotic intermeshing web of processes trying to modify, access and kill another, I'm not in for it.
    I have been experimenting with pretty much everything mentioned in the list. I found PG and Antihook OK, Prevx too bloated, RegRun and SSM too colorful. I wanna try OA to see how's this new girl in the town behaving, for isn't it said:
    She came alone, all the way from Bilabong,
    Straw hat and dark red thong,
    In her bag a big black laptop,
    In her systray, Online Armor.
    Uh?
    Cheers all,
    Mrk
     
  14. MikeNash

    MikeNash Security Expert

    Joined:
    Jun 9, 2005
    Posts:
    1,658
    Location:
    Sydney, Australia
    Mrk - Send me a wav/mp3 of you singing that, and I'll send you a free licence key :D
     
  15. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    10,213
    Hi,
    You know any free proggie for recording mp3s?
    Mrk
     
  16. bellgamin

    bellgamin Registered Member

    Joined:
    Aug 1, 2002
    Posts:
    8,102
    Location:
    Hawaii
    After all these many months, SSM is still rather unstable for many folks. Also, resource hungry. But it was waaaay ahead of its time when it first appeared.

    I am now a very satisfied user of Online Amor. :cool:
     
    Last edited: Aug 15, 2005
  17. culla

    culla Guest

  18. octogen

    octogen Registered Member

    Joined:
    Feb 11, 2002
    Posts:
    213
    This is exactly my situation. I don't know if it counts as HIPS, but I have Winpatrol (free) running as well.

    Robyn:
    Please keep us posted when you decide to install PG as I will do the same when I muster up the courage and have the time to set it up. ;)
     
  19. Mucker

    Mucker Registered Member

    Joined:
    Apr 20, 2005
    Posts:
    42
    I use prevx1 and I will probably use Safe N Sec shortly. Have trialed Online Armor--way too heavy on resources, also tried Antihook--Caused problems with other security(wouldn't start up) Programs. I also use PG free-great program.
    I don't often post but , I read Widers daily and I would like to thank everyone for sharing such an extensive amount of knowledge so freely.

    Mucker
     
  20. controler

    controler Guest

    Be different Mike

    call Online Armor Host Intrusion PREVENTION System. ;)

    All software will be required to stop intrusions before they happen in stead of detecting.

    Bruce
     
  21. Arup

    Arup Guest

    Antihook is easy, free and very friendly on resources, and the future holds promise as the developer Ivo participates in this forum and is taking note of all the feedback.
     
  22. ProcessGuard (full version) + All-Seeing Eye (for HIDS)free
     
  23. Galex

    Galex Guest

  24. toploader

    toploader Registered Member

    Joined:
    Aug 19, 2005
    Posts:
    707
    hi - at the momenty i'm trialing sandboxie - not sure if it's classed as a HIPS but it does essentially that job by preventing malwear from installing itself.

    i would also class Winpatrol Plus (R.I.D) as a HIPS - is anyone here using it? - i would like to know more about just how good it is at Intrusion Detection - Winpatrol claims 100% success rate

    also Winsonar would like any views on that too.
     
  25. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    Sandboxie is certainly not HIPS, but I like the idea behind Sandboxie.
    Besides that, Sandboxie is too userfriendly to be a HIPS software. LOL
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.