which is the best/trusty HIPS

Discussion in 'other anti-malware software' started by mantra, Mar 14, 2008.

Thread Status:
Not open for further replies.
  1. mantra

    mantra Registered Member

    Joined:
    Jan 25, 2005
    Posts:
    5,150
    Hi
    I have a question about program behavior blockers
    right now I'm running with ThreatFire, and I'm happy

    well I would like to share with you, your personal experience


    about your personal experience, which behavior blocker does work better? (I mean which software adorn, decorate, shield your backside?)

    thanks

    PS: is there a free version of DefenseWall?
     
  2. Blackcat

    Blackcat Registered Member

    Joined:
    Nov 22, 2002
    Posts:
    4,010
    Location:
    Christchurch, UK
    No. But it is well worth the small fee; support is superb.
     
  3. rolarocka

    rolarocka Guest

    Right now I am using Mamutu and I really like it. It is very light on my system. It offers a totally sufficient level of protection for me. Sure, classical HIPS may give you more protection, but I test new programs in Sandboxie first or in VirtualBox. ThreatFire is also very nice but uses a bit more CPU imo.
     
  4. Perman

    Perman Registered Member

    Joined:
    Nov 23, 2005
    Posts:
    2,160
    Hi, Mantra:

    First, I thought you asked about HIPS in general, then you pinpointed to Behaviour Blocker. Free one and trusty?

    I think you are holding one right now, TF has passed a handful of tough tests, I would hold onto it.

    As far as DW is concerned, it is not a behaviour blocker, rather a sandboxed HIPS, a keeper you like to spend $$. Meanwhile--

    You may be able to attain the same level of protection as Defense Wall, if adding Sandboxie to current TF. Both are free.

    Good luck.
     
  5. mantra

    mantra Registered Member

    Joined:
    Jan 25, 2005
    Posts:
    5,150
    sorry but is a HIPS a behaviour blocker or?
     
  6. lucas1985

    lucas1985 Retired Moderator

    Joined:
    Nov 9, 2006
    Posts:
    4,047
    Location:
    France, May 1968
    HIPS may refer to classical HIPS (SSM, ProSecurity, EQSecure) or any security software which doesn't use signatures as the core of the protection. The latter definition includes behav. blockers, sandboxes, whitelisting apps, etc.
     
  7. bellgamin

    bellgamin Very Frequent Poster

    Joined:
    Aug 1, 2002
    Posts:
    5,648
    Location:
    Hawaii
    2-way tie for "best paid HIPS" -- Prosecurity and 1 other.

    2-way tie for "best free HIPS" -- Threatfire & 1 other.
     
  8. Miyagi

    Miyagi Registered Member

    Joined:
    Mar 12, 2005
    Posts:
    420
    Location:
    Honolulu, Hawaii
    Very much agree, as I have found Ilya to take the extra step in support issues. This guy works his business and software seriously. :thumb:
     
  9. LoneWolf

    LoneWolf Registered Member

    Joined:
    Jan 2, 2006
    Posts:
    3,408

    No, but there is a free version of GeSWall which is also a policy-based HIPS.
     
  10. WSFuser

    WSFuser Registered Member

    Joined:
    Oct 7, 2004
    Posts:
    10,632
    I've tried both Threatfire and Mamutu. Without using the intelligent alert reduction in Mamutu, I think Threatfire is quieter.

    And performance-wise, I didn't notice a difference between the two.
     
  11. Banshee

    Banshee Registered Member

    Joined:
    Nov 10, 2004
    Posts:
    543
    SSM paid. :thumb:
     
  12. dmenace

    dmenace Registered Member

    Joined:
    Nov 29, 2006
    Posts:
    275
    DefenseWall :thumb: :thumb: :thumb:

    SSM Paid is superb too :thumb: :thumb: :thumb:
     
  13. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,057
    Location:
    North Carolina
    DeepGuard ;)
     
  14. C.S.J

    C.S.J Massive Poster

    Joined:
    Oct 16, 2006
    Posts:
    5,029
    Location:
    this forum is biased!
    +1 :thumb:
     
  15. Threedog

    Threedog Registered Member

    Joined:
    Mar 20, 2005
    Posts:
    1,125
    Location:
    Nova Scotia, Canada
    Defensewall all the way!!!! :thumb:
     
  16. ink

    ink Registered Member

    Joined:
    May 20, 2006
    Posts:
    185
    TF+Comodo is ok, both free. You can change the Comodo notify frequency as you want; this is suitable for most people.
    1) TF+Comodo D+ Disabled
    2) TF+Comodo D+ Training mode
    3) TF+Comodo D+ Train with safe mode
    People choose TF for the less noisy and smart response; Comodo is more control and flexible
     
  17. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    5,633
    Location:
    U.S.A. (South)
    DefenseWall!! :thumb: :thumb:

    EQSecure!! :thumb: :thumb:

    SSM!!! :thumb: :thumb:
     
  18. Tony

    Tony Registered Member

    Joined:
    Feb 9, 2003
    Posts:
    722
    Location:
    Cumbria, England
    For ease of use with no pop ups, and superb customer support, I'd say DefenseWall.
     
  19. MaB69

    MaB69 Registered Member

    Joined:
    Dec 9, 2005
    Posts:
    540
    Location:
    Paris
    Hi,

    I would say Online Armor and GeSwall or Online Armor and Defensewall

    Regards,

    MaB
     
  20. muf

    muf Registered Member

    Joined:
    Dec 30, 2003
    Posts:
    926
    Location:
    Manchester, England
    Yep, another vote for Defensewall here. Now I understand it, I wouldn't be without it. As to the support. Only had to contact Ilya once and he asked me for a log file associated with the error and then sent me a special build of the main exe file. Fixed the problem. Best of all, from reporting the problem it was fixed within 24 hours. :)

    muf
     
  21. C.S.J

    C.S.J Massive Poster

    Joined:
    Oct 16, 2006
    Posts:
    5,029
    Location:
    this forum is biased!
    that's why I didn't choose DefenseWall, I was never aware of what it was doing and how it was protecting.

    although, if it does all it says without zero pop ups, that is very impressive.
     
  22. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    Policy sandbox
    Nr 1 = DefenseWall (easiest), Nr 2 = GeSWall

    Behavior Blocker
    Nr1 = ThreatFire, Nr2 = Mamutu (=easiest)

    Classical HIPS
    Nr1 = EQSecurity, Nr2 = Comodo's Defence plus

    Integrated FW/HIPS
    Nr1 = Online Armor (easiest), Nr2 = Comodo FW/D+ (all windows platforms)

    Great combos
    - policy sandbox with tuned down classical HIPS (in new EQS V4 the application protection is split in process, system and advanced; in combo with Policy Sandbox you only need to use system + advanced, for D+ use my settings)

    - policy sandbox with behavioral blocker (old systems I would choose GW-free with Mamutu paid, stronger systems I would choose DW paid with TF free)

    - OA solo paid (now with Toni Klein's startup protection) with run safer for internet facing apps, use a freeware AV (save your bucks for OA)

    - Vista64 run UAC in quiet mode (TweakUAC), use HauteSecure beta (freeware), keep on using Defender with create restore point, use freeware VistaFireWall control to control Vista's internal FW for outbound control. Combined with a freeware AV (I would suggest the new AVG8 kernel optimised for multi threading which is better with multi core CPUs), you probably only have to pay for HauteSecure in future.
     
  23. Perman

    Perman Registered Member

    Joined:
    Nov 23, 2005
    Posts:
    2,160
    Hi,

    After reading NeroGuard developer's open letter on the other thread, he says to this effect: "Windows' kernel patch protection on x64 system will effectively stop kernel hook based software (most HIPS at the present time) from working on x64 O/S version."

    Is there any HIPS currently supporting x64 O/S?

    How is their (HIPS) future as a whole? Since 64-bit O/S will be getting more popular and eventually will force 32-bit O/S to retire.

    Would the same situation be applied to behaviour blockers ?

    Just wonder. So much talk about nicest HIPS here, but in the event, the rug is pulled out from under, what will be left from then ?

    Take care.
     
  24. mantra

    mantra Registered Member

    Joined:
    Jan 25, 2005
    Posts:
    5,150
    threatfire is not so popular o_O :mad:
     
  25. Ilya Rabinovich

    Ilya Rabinovich Developer

    Joined:
    Sep 13, 2005
    Posts:
    1,543
    I can say about 64-bit Vista: with SP1, there should be an API that allows low-level hooking. The real reason for not having 64-bit HIPS is just the low propagation level of such an OS and the high level of the current code improvements/changes. Right now it is just not reasonable from the point of view of the business.
     