Author Topic: [SOLVED] A Little Advice Required. :)  (Read 12642 times)

0 Members and 1 Guest are viewing this topic.

Jon_T

  • Guest
Re: A Little Advice Required. :)
« Reply #15 on: July 16, 2010, 06:05:58 PM »
That can be very annoying that HIPS. I dont like at all this kind of features.
Too each his own -- bottom line the paid version of OA is much more than just a software firewall, and has more protection features than the AIS firewall: http://www.online-armor.com/products-online-armor-premium.php

With the current zero-day vulnerabilities now day, I prefer the additional protection of a firewall with HIPS, and OA's Run Safer feature--as I noted it has not been an issue with my computer usage.  There are Fx users who like and dislike the NoScript extension for the same reason.

Quote
... you can config it your self for how u want him to work.
Ditto for OA.  ::)

Just because you don't like HIPS does not make it an undesirable feature for others.  ;)

Mr.Agent

  • Guest
Re: A Little Advice Required. :)
« Reply #16 on: July 16, 2010, 07:23:15 PM »
Ya still you said he paid for the suite for nothing ? And now you admit that he need to paid more for a feature that he already got in the suite ?

Kinda bad advertise for OA ? ;)

I never liked it and will never try it. Its look very bad for novice. Dreamy look to dont know alot on pc and i would recommand him avast! Firewall than your OA.

More simple to configure and more user friendly interface.

Offline Dreamy

  • Jr. Member
  • **
  • Posts: 35
Re: A Little Advice Required. :)
« Reply #17 on: July 16, 2010, 07:30:10 PM »
Mr.Agent  :) & Jon_T  :)

Thank you so much for your help.  :) "Both of you"  :)

Good Night from me.  :)

Dreamy  :)
« Last Edit: July 16, 2010, 07:31:47 PM by Dreamy »
I7-6700K, 32GB RAM, Win 7 64Bit Pro, Avast Premier Paid, MalwareBytes (Premium) Paid, HitManPro 64bit Paid.

Jon_T

  • Guest
Re: A Little Advice Required. :)
« Reply #18 on: July 16, 2010, 07:49:21 PM »
Ya still you said he paid for the suite for nothing ? And now you admit that he need to paid more for a feature that he already got in the suite ?
Kinda bad advertise for OA ? ;)
Huh?  ???
Quote
I never liked it and will never try it. Its look very bad for novice. Dreamy look to dont know alot on pc and i would recommand him avast! Firewall than your OA.
More simple to configure and more user friendly interface.
If you never tried/used OA, your posts are nothing more than uninformed opinions.  :P

GloobyGoob

  • Guest
Re: A Little Advice Required. :)
« Reply #19 on: July 16, 2010, 09:25:43 PM »
I agree with Mr. Agent. The avast! Firewall is very easy to use and very effective. It stealths all ports, makes its own program control decisions so you don't have to (denies access to known bad programs and uses a whitelist to pre-configure access for known good programs. For unknowns, it defaults to allowing access, but keeps watch for suspicious activity), blocks and identifies exploits, and has strong self-protection. It's a matter of personal preference, you want it silent, or with a HIPS (although OA is lighter on popups than most other HIPS).

Mr.Agent

  • Guest
Re: A Little Advice Required. :)
« Reply #20 on: July 17, 2010, 12:48:37 AM »
Glooby you did understand what i mean. ;)

Jon_T

  • Guest
Re: A Little Advice Required. :)
« Reply #21 on: July 17, 2010, 09:08:33 PM »
Glooby you did understand what i mean. ;)
Except for your post at the top of this page, where you mis-analyzed what I had posted, I understood what you posted which basically reiterated two personal opinions:
1. avast! firewall better than OA because it's easier to use.
2. avast! firewall better than OA because you do not like HIPS.

If you take the time and carefully re-read my posts (unlike yourself) I made no negative remarks, nor disagreed with any of the features you noted about the avast! firewall.  The only items I took exception to was your "opinions" on OA, which by your own words "I never liked it and will never try it." invalidates your opinions on OA.

I agree 100% with GloobyGoob's post which is factual and without personal opinions; and as he noted comes down to one's personal preference as to which firewall to use.  Using a firewall with some form of HIPS requires a little more user input, which I for myself is worth the additional protection.

Besides the fact that you do not like HIPS, the real fact is that firewall with some form of HIPS will provide better protection to some forms exploits, and as time goes on more of the top rated firewalls have been including some form of HIPS/Program Control:
http://www.matousec.com/projects/proactive-security-challenge/results.php

Personally I've been using various software and hardware firewalls for over ten years.
« Last Edit: July 17, 2010, 11:02:03 PM by Jon_T »

GloobyGoob

  • Guest
Re: A Little Advice Required. :)
« Reply #22 on: July 18, 2010, 08:09:35 AM »
the real fact is that firewall with some form of HIPS will provide better protection to some forms exploits

That is, if the user chooses the correct choice. If they choose wrong,they could let in a threat, which is worse.

and as time goes on more of the top rated firewalls have been including some form of HIPS/Program Control:
http://www.matousec.com/projects/proactive-security-challenge/results.php


I wouldn't trust Matousec's tests, as they are flawed. ;) You can find a few threads in this forum (and external sources) discussing this. He considers HIPS a part of firewalls, but he disables avast's other protection modules and tests the firewall alone. The avast! Firewall is closely integrated with other components of the suite and is not meant to be a stand-alone. Furthermore, Matousec's tests are more like HIPS tests than firewall tests. Since the tester knows that every sample will be a threat, they will know to answer "No/Deny" to every popup and score 100%. However, in the real world this is not the case. Fortunately OA tends to be lighter on popups than other similar products.

I've used Online Armor and think it's great, but avast Firewall is good too. After all,it got a 4.5/5 rating on PcMag, and Neil J. Rubenking knows what he's doing. ;) I think that avast! Firewall is underrated by many.

Mr.Agent

  • Guest
Re: A Little Advice Required. :)
« Reply #23 on: July 18, 2010, 04:45:41 PM »
You cant compare a simple firewall without hips and a firewall that got hips.

That what matousec did not understand he should have make a new section where its only for stealth port. So now we can see more what the firewall did stealth and did not in %.

Also Glooby is true in this case. If you choice to hips to allow something that you dont know and its a virus well too bad for you. Im find HIPS very annoying its like "Do you want to allow this????....." alots times...

Jon_T

  • Guest
Re: A Little Advice Required. :)
« Reply #24 on: July 20, 2010, 12:19:30 AM »
That is, if the user chooses the correct choice.
Applies for a pop-ups for most security apps.;) (i.e.: pop-up due to FPs; awhile back when avast! defs update that deleted system files--I've reset avast!'s default settings to always prompt, not to delete). Both OA Help and pop-ups recommends that if in doubt, block.  After you verify it's OK you can Allow the blocked item later.

Quote
If they choose wrong,they could let in a threat, which is worse.
Why would it be worse?  If not using HIPS, there would not have been a pop-up and the threat would be "let in".  In either case one would hope that their AV/AS app(s) would detect and stop/block the threat if it had any malicious behavior.  If you have use OA, you should know that a program that is "Allowed" does not have the full rights as "Trusted". I have the "Automatically allow Trusted programs to access the internet" disabled.

Quote
I wouldn't trust Matousec's tests, as they are flawed. ;) You can find a few threads in this forum (and external sources) discussing this. He considers HIPS a part of firewalls, ...
First, yes I'm aware of Matousec's tests -- and would assume anyone who's been active with this forum or any other security forums would be also.  Second, if you read what I posted before link I was using the Matousec's tests as an example how many firewalls are at the top now, i.e., using some form of HIPS/Program Control.  Was not too long it was mainly Comodo and OA that were at the top.  Third, no one should make a decision about how good/bad a app is solely on a single test.  Should read several tests, and need to read how the tests were conducted.

Quote
I've used Online Armor and think it's great, but avast Firewall is good too. After all,it got a 4.5/5 rating on PcMag, and Neil J. Rubenking knows what he's doing. ;)
I've read/printed that review. Neil also wrote:
"... I tested the firewall's ability to detect suspicious activity using a collection of leak-test utilities. These programs demonstrate techniques that actual malware uses to sneak past simple program control-techniques like injecting code into trusted programs, or remotely controlling them. The anti-malware component did block a few of these samples, but all of the rest managed to perform their sneaky tricks without a peep out of the avast! firewall.

My ALWIL contacts explained that since there's no malicious payload in the leak test programs there's no reason for avast! to block their behavior. That makes sense. Norton Internet Security 2010 and Panda Internet Security 2010 work in just the same way. ..."


For myself, the attitude of "since there's no malicious payload in the leak test programs there's no reason to block their behavior" is not entirely a wise one. What if someone did use a method similar to leak tests to plant a zero-day malicious payload that one's AV/AS defs and behavior shield did not detect?  Thus the premise for retrospective/proactive tests, which in the latest AV-Comparatives Retrospective/Proactive Test May 2010 avast!'s "Total" was 29% -- i.e., missed 71%--in this test.

Bottom line is no one/type of security can provide 100% protection.  Hence the best one can do is be informed of the risks (e.g., visiting security forums) and use a layered protection.  HIPS is just another layer that one can use.  If person does not like HIPS fine, don't use it!

Jon_T

  • Guest
Re: A Little Advice Required. :)
« Reply #25 on: July 20, 2010, 12:29:35 AM »
... If you choice to hips to allow something that you dont know and its a virus well too bad for you.
Are you just regurgitating what GloobyGoob posted or do you know this for a fact? If so please explain how, and why would not avast! and/or any other AV/AS would not detect the "virus"? ???

Quote
Im find HIPS very annoying its like "Do you want to allow this????....." alots times...
Yes, I think everyone knows by now you don't like HIPS.  Fine don't use it--just that simple. :P
« Last Edit: July 20, 2010, 12:32:11 AM by Jon_T »

Mr.Agent

  • Guest
Re: A Little Advice Required. :)
« Reply #26 on: July 20, 2010, 02:12:41 AM »
Now a day there alot threat on the wild. As we say no any anti virus could detect 100 % of the anti virus. But avast! indeed do a great performance over here.

But how come if a little thing did pass and hips come to prompt me that a file is trying to connect to my pc. What would you think that i will act ? Allow or block ? PS : Pretend that i dont know anything about that file and im very novice at computer. I will allow it for sure. As i wouldnt like that if i block that its could destroy my system. Maybe ill try to find the file and scan it with my anti virus. And how come if the anti virus say its clean. Now the virus will be happy and enjoy my password and system.
« Last Edit: July 20, 2010, 02:14:26 AM by Mr.Agent »

GloobyGoob

  • Guest
Re: A Little Advice Required. :)
« Reply #27 on: July 20, 2010, 02:55:12 AM »
Why would it be worse?  If not using HIPS, there would not have been a pop-up and the threat would be "let in".

The Avast Firewall will deny access if it goes against the application rules. If it isn't on the list, then it will closely monitor it and block suspicious behavior/actions. That's better than choosing the wrong action to take.

If you have use OA, you should know that a program that is "Allowed" does not have the full rights as "Trusted".

I wasn't referring to OA, I meant firewalls wih HIPS in general; I replied to this: the real fact is that firewall with some form of HIPS will provide better protection to some forms exploits

Second, if you read what I posted before link I was using the Matousec's tests as an example how many firewalls are at the top now, i.e., using some form of HIPS/Program Control.

Well, if you know the test is flawed, why do you use it as a valid example? ??? And, as I have said, the tests that determine the "top firewalls" aren't firewall tests. They test the HIPS/Program Control more than the firewalls themselves. I'd like to see a real firewall test, but it's not so simple testing one.  

Bottom line is no one/type of security can provide 100% protection.

True, I agree.

HIPS is just another layer that one can use.  If person does not like HIPS fine, don't use it!

I'm not saying that I don't like HIPS, actually I think it's a good layer of protection! :D I have used it for a couple of years, but now I just prefer having programs that decide for me like the avast Firewall. For people that don't like HIPS, then alternatives are behavior blockers, auto-deciding firewalls, etc.

« Last Edit: July 20, 2010, 03:06:01 AM by GloobyGoob »

Mr.Agent

  • Guest
Re: A Little Advice Required. :)
« Reply #28 on: July 20, 2010, 06:34:20 PM »
Anyway guy this has been solved for many time and i think its up to the user to choice the best as he want.

So good debate guys/girls.

Thank alot.

Mr.Agent

Jon_T

  • Guest
Re: A Little Advice Required. :)
« Reply #29 on: July 23, 2010, 07:39:15 AM »
Just wanted to make several closing replies/comments.

The Avast Firewall will deny access if it goes against the application rules. If it isn't on the list, then it will closely monitor it and block suspicious behavior/actions. That's better than choosing the wrong action to take.
If the firewall itself is using some form of Network type IPS Intrusion Prevention System, then yes the wrong choice "could let in a threat". But so far what I've read about the HIPS for personal PCs they appear to be some form of Program Control-HIPS that will alert you of a app/process that trying to run and not in it's Program Control-HIPS settings.

Have only used OA. As to OA (back to the OP's inquiry) the Program Control/HIPS has it's own pop-ups, and the OA firewall has it's own separate pop-ups. If one gets a Program Control pop-up and should click "Allow" to run, if the process tries to access the internet to download (let-in) a payload it will by blocked by the firewall with the firewall pop-up.

I have tighten up the OA's Program Control Settings and Firewall Settings, and the only times I get Program Control pop-ups is after I install a new app or update an existing app.

Second, if you read what I posted before link I was using the Matousec's tests as an example how many firewalls are at the top now, i.e., using some form of HIPS/Program Control.

Well, if you know the test is flawed, why do you use it as a valid example? ??? And, as I have said, the tests that determine the "top firewalls" aren't firewall tests. They test the HIPS/Program Control more than the firewalls themselves.

If you read all that I posted was it was only example of showing how many (i.e., the number of firewalls) that are now using some form of HIPS, whereas not too long there was mainly just Comodo and OA. Would assume these firewall vendors have added some form of HIPS because they see a valid reason to do so, and not just so they could do well in the Matousec's tests.  ;)

... but now I just prefer having programs that decide for me like the avast Firewall.
Guess I read too many reviews/tests, security articles :) -- but at this time I have not come across any one security app/suite I would trust enough to allow it to automatically make all the decisions. I'm in the firm belief that no one security app can catch everything, and using a layered approach overall the best security solution.  Hence I'm among those who never been fond of using a "security suite"--having all eggs in one basket.

If you know what a zero-day vulnerability is, then you'll know that there's a risk that any AV/AS may not be able to detect; e.g., AV-Comparatives and others Retrospective/Proactive type tests.


Cheers,
Jon