which is the best/trusty HIPS

I had the same problem. But it's all about DW's way of making files untrusted. Anything 'untrusted' can't do anything to the critical area's of your system.

If you run your web browser untrusted. Then any files downloaded through the web browser are also untrusted and therefore have limited rights. This means they can't do any damage to critical area's of your system. For example, lets say a trojan had come in through your browser. It would be untrusted, therefore if it was able to run then it couldn't do jack because untrusted files don't get access to the critical area's of your pc.

It also has the option of letting you use files you have intentionally downloaded. All you do is right click the file and select 'run as trusted'. This way it runs as normal and has full privileges like a normal file does.

DW has a handy rollback function. Bit like system restore. You select when you want to go back to and DW removes everything that has been done after that event.

muf

 

My favourites are OA and DW. It's hard to choose which one (OA or DW) is best so I running them both now.

 

it rollbacks everything like for example new settings and the new bookmarks file of the browser? Whats the best way to backup the profile of firefox or opera if you are using DW? thx

 

No, it doesn't rollback everything. Mostly, this function is directed to malware files manual removing, nothing more. It is for professional users only who understand what are they doing.

If you need to back up those profiles- there are a lot of the tools for it. DVD-written backup is absolutely necessary thing any case- unfortunately, modern hard-drives are really like to die very fast!

 

Which is the best/trusty HIPS?

ThreatFire >HIPS-Behavior Blocker.
&
Sandboxie >HIPS-Sanbox based on Virtualization.

is a Combination that offers effective protection.
Moreover, there is no
-Impact on Internet surfing.
-Heavy resource consumption.

 

?What is "Nr1"?

 

Microsoft is sending me Vista Ultimate (32 and 64bit) free within the next few weeks. I was thinking about installing the 64bit version but I had sort of forgotten, until I read your post, that ProcessGuard, SSM, etc. will not work on 64bit. I guess that means I won't install it as I have to have a classic HIPS to control everything! I don't understand why folks want the "soft" HIPS programs. HIPS is so you have full control. In fact, how can anything other than PG, SSM and the like even be classified as HIPS? If you don't get popups asking what to do when something wants to run then you don't have HIPS seems to me. You may want to let a program run one time and not the next. You have to deal with popups if you want control of everything.

 

Nr = number, I think. So Nr1 = number 1.

HIPS is a broad category; its doesnt just include the "classical" kind that give you popups.

 

Same here! I think there a multiple reasons.
- many are familiarized with the behavior of AVs for years, which means the program decides what's good or bad, not the user.
- as a result the delusion, that there must be something wrong with an app, if it asks too many questions.
- in general the vital error, that an expert based program is much more trustworthy than a policy based program, which means in my view nothing else than they don't trust themself.

Now which is the best/trusty HIPS?
I don't know which is best, but I am very impressed with EQSecure.
Very customizable, robust, light and an excellent self-protection.
EQSecure offers more for free than many paid programs can offer.

Cheers

 

I never would have thought that any app could ever effectively replace my dependency on an AV, but that's exactly what HIPS introduced for my unit's suppliment then full defense.
The very idea that a security app could effectively mimic an AV but without blacklists signature support opened up a totally new strategy for me, and this was before i stepped into virtual/sandbox protections.

HIPS programs were infinitely more lighter on my system plus used extremely minimal energy to power them, yet they effectively jumped into action and suspended potential file interactions with amazing reliability in much the same way as AV's had done for me before but with less then half the neccessary supporting libraries/running processes, which gave my PC units room to finally breathe as well as eliminating the need to update a blacklist or suffer system sluggishness.

 

Nr1 = Number one, Numbero uno, Nummer één, So N2 = Number two

Sorry used the Dutch abbreviation

 

That is ok...I just was not familiar with the Dutch abbreviation. You need not apologize.

I probably would have typed "No.1" or "#1" which might be confusing to those for whom English is a second language.

 

System Safety Monitor (paid version )

 

Defensewall

Online-Armor

Threatfire

 

no issues with duplication here? I take it both apps live happily together?

 

OA is a good choice, but you might want to run a "helper" application to protect registry.

 

- Threatfire, with a few custom rules.
- SSM (I'd like to try EQS, though).

 

is there a portable version to have in a usb key ? could be useful at work or university where we can not install programs..

 

Portable HIPS ? Hmm... DriveSentry GOAnywhere, perhaps. It's specifically designed to protect removable drives/usb keys.

 

It's more like an antivirus, or "drive firewall" than a classic HIPS though.

 

i mean a HIPS software that doesn't need to install
so i can put in a usb key and use it at work
run on a pc without an installtion

 

Ouch... well (scratch head), for a convoluted solution on the top of my head I'd suggest that you experiment with : Mojopack + HIDS (emphasis mine). Perhaps RkU, GMER, IceSword... they might work from a mojopacked USB key.

 

I just asked around me, and my coworkers are as skeptical as I am about a portable HIPS, but who knows ?

 

Thanks for that, i will keep that in mind.

 

It just occurred to me : Sandboxie Portable (never tested myself, just hearsay). Though it's not a HIPS per se, you might want to google it, or wait for other Wilders' members to comment about it.