Author Topic: Host Intrusion Prevention System  (Read 64416 times)

0 Members and 1 Guest are viewing this topic.

Dieselman

  • Guest
Re: Host Intrusion Prevention System
« Reply #30 on: March 29, 2011, 03:23:26 PM »
Yes Asyn..................All for you.  ;D

Offline Asyn

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 76029
    • >>>  Avast Forum - Deutschsprachiger Bereich  <<<
Re: Host Intrusion Prevention System
« Reply #31 on: March 29, 2011, 03:28:05 PM »
Yes Asyn..................All for you.  ;D

If so, please see: Reply #23 :P
asyn
W8.1 [x64] - Avast Free AV 23.3.8047.BC [UI.757] - Firefox ESR 102.9 [NS/uBO/PB] - Thunderbird 102.9.1
Avast-Tools: Secure Browser 109.0 - Cleanup 23.1 - SecureLine 5.18 - DriverUpdater 23.1 - CCleaner 6.01
Avast Wissenswertes (Downloads, Anleitungen & Infos): https://forum.avast.com/index.php?topic=60523.0

Dieselman

  • Guest
Re: Host Intrusion Prevention System
« Reply #32 on: March 29, 2011, 03:28:38 PM »
Nothing wrong with running a hips with avasts behaviour blocker as you can see in my sig and i have no issues at all.
If your such the self confessed expert Dieselman with your huge 10 years of experience how come you have'nt learnt how to hide your email ? and you also dont supply any information about your own system setup in a signature for us all to admire and be wow'd.

My email...I could careless about it. As far as my set up...Goes like this:

Windows 7 64 bit
2Wire Gateway w/NAT
Avast 6.0.144 with High settings
Windows 7 Firewall W/Advanced Security
Emet 2.0 for hardening
OpenDNS
MBAM,HMP for on demand scanning
Firefox 4.0 w/ABP,Browser Protect,BP
A complete and up to date system image created by Paragon

BTW..................Thats not my real email. Its a disposable account.

« Last Edit: March 29, 2011, 03:32:27 PM by Dieselman »

Offline firzen771

  • Avast Evangelist
  • Poster
  • ***
  • Posts: 626
Re: Host Intrusion Prevention System
« Reply #33 on: March 29, 2011, 03:33:32 PM »
surprising i have to agree with DieselMan. you might not experience a conflict, but you will be much more prone to a conflict when operating 2 security software with a similar function since both are hooking the same areas of the system, and ther is a chance during a detection that problems could arise, such as BSOD's sometimes.

just like when running more than 1 AV, u might not experience a problem right away, but eventually and under the right circumstances its much more possible.

you people are taking the same stance that oil drillers seem to take, you dont notice any immediate downsides so you continue as is thinking what your doing can never be a problem, then when a problem occurs under the right circumstance, you end up with serious problems.

its better to be aware of the potential problems instead of thinking its all fine and dandy
« Last Edit: March 29, 2011, 03:36:46 PM by firzen771 »
Windows 7 x64 / Windows Firewall OFF / UAC OFF
Real-Time: Avast Internet Security / WinPatrol

Offline Asyn

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 76029
    • >>>  Avast Forum - Deutschsprachiger Bereich  <<<
Re: Host Intrusion Prevention System
« Reply #34 on: March 29, 2011, 03:36:35 PM »
@firzen771: See Reply #23...!!!
Thanks,
asyn
W8.1 [x64] - Avast Free AV 23.3.8047.BC [UI.757] - Firefox ESR 102.9 [NS/uBO/PB] - Thunderbird 102.9.1
Avast-Tools: Secure Browser 109.0 - Cleanup 23.1 - SecureLine 5.18 - DriverUpdater 23.1 - CCleaner 6.01
Avast Wissenswertes (Downloads, Anleitungen & Infos): https://forum.avast.com/index.php?topic=60523.0

Dieselman

  • Guest
Re: Host Intrusion Prevention System
« Reply #35 on: March 29, 2011, 03:36:45 PM »
surprising i have to agree with DieselMan. you might not experience a conflict, but you will be much more prone to a conflict when operating 2 security software with a similar function since both are hooking the same areas of the system, and ther is a chance during a detection that problems could arise, such as BSOD's sometimes.

just like when running more than 1 AV, u might not experience a problem right away, but eventually and under the right circumstances its much more possible.

Thank you. You can run almost everything side by side with no conflicts. The problem is who will decide to fight the malware when under an attack? Thats what you need to think about people.

Offline firzen771

  • Avast Evangelist
  • Poster
  • ***
  • Posts: 626
Re: Host Intrusion Prevention System
« Reply #36 on: March 29, 2011, 03:38:25 PM »
@firzen771: See Reply #23...!!!
Thanks,
asyn


for sure, its completely ur choice, i never said change your setup so dont take it that way. im making sure that other people are aware of the potential problems and that they arent misguided into thinking that no problems can occur by doing this.
Windows 7 x64 / Windows Firewall OFF / UAC OFF
Real-Time: Avast Internet Security / WinPatrol

Dieselman

  • Guest
Re: Host Intrusion Prevention System
« Reply #37 on: March 29, 2011, 03:40:53 PM »
Dont fear being infected. Prepare for it. I could careless if I get infected. Hence the system image. Avast misses something then MBAM may catch it. If MBAM misses it then HMP may catch it. If all other tools fail I can use Kaspersky Rescue CD or just mount a new image.

Offline Asyn

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 76029
    • >>>  Avast Forum - Deutschsprachiger Bereich  <<<
Re: Host Intrusion Prevention System
« Reply #38 on: March 29, 2011, 03:43:43 PM »
for sure, its completely ur choice, i never said change your setup so dont take it that way. im making sure that other people are aware of the potential problems and that they arent misguided into thinking that no problems can occur by doing this.

Ok, that's something completely different, then.
I can't speak for others, but I can handle my setup.
But Dieselman tries to teach me things, I don't need. ;D
asyn
W8.1 [x64] - Avast Free AV 23.3.8047.BC [UI.757] - Firefox ESR 102.9 [NS/uBO/PB] - Thunderbird 102.9.1
Avast-Tools: Secure Browser 109.0 - Cleanup 23.1 - SecureLine 5.18 - DriverUpdater 23.1 - CCleaner 6.01
Avast Wissenswertes (Downloads, Anleitungen & Infos): https://forum.avast.com/index.php?topic=60523.0

doktornotor

  • Guest
Re: Host Intrusion Prevention System
« Reply #39 on: March 29, 2011, 03:50:21 PM »
Well, I for one hope there won't be one included with Avast, like ever. People don't seem to really grok the purpose of behaviour shield/autosandbox, let alone HIPS. Not useful for average user.

Offline firzen771

  • Avast Evangelist
  • Poster
  • ***
  • Posts: 626
Re: Host Intrusion Prevention System
« Reply #40 on: March 29, 2011, 03:55:10 PM »
for sure, its completely ur choice, i never said change your setup so dont take it that way. im making sure that other people are aware of the potential problems and that they arent misguided into thinking that no problems can occur by doing this.

Ok, that's something completely different, then.
I can't speak for others, but I can handle my setup.
But Dieselman tries to teach me things, I don't need. ;D
asyn


u can handle it perhaps, but that doesnt change the fact that problems can arise and MOST people shouldn't follow suit
Windows 7 x64 / Windows Firewall OFF / UAC OFF
Real-Time: Avast Internet Security / WinPatrol

Dieselman

  • Guest
Re: Host Intrusion Prevention System
« Reply #41 on: March 29, 2011, 03:56:15 PM »
Exactly dok. HIPS is for advanced users. The reason companies like Avast and Symantec went with a BB is cause its more user friendly. A HIPS will ask you 50 million questions and people dont want pop ups.

MAG

  • Guest
Re: Host Intrusion Prevention System
« Reply #42 on: March 30, 2011, 07:40:49 PM »
Sorry to prolong the agony - but I am still interested in a balanced (perhaps even an avast) view on this.

Diesleman and Firzen seem to be implying that we should all turn off the HIPS component of our third party firewalls now that avast has a behaviour shield.

(if so, wouldn't avast have offered that advice when they rolled out the BS? maybe they did but I missed it.)

Anyway, Craigb seems to think the opposite, and Asyn is confident in her use of both - but then as she says, she knows what she's doing - I couldn't make that claim!

As you'll see from my signature, I had acquired both a HIPS and HIDS before BS was rolled out, and I'm happy with them both - they both prompt me on things I expect them to (which is not very often). Having said that, if the nett effect is decreased security if an attack ever comes, I would get rid of something.

(w764 bit users with comodo FW/D+have already had a conflict between comodo guard64.dll and avast BS that stopped windows loading - now resolved by a change to BS by PK. perhaps there are reasons not to run BS and HIPS even without any attack?)

Dieselman

  • Guest
Re: Host Intrusion Prevention System
« Reply #43 on: March 30, 2011, 08:02:26 PM »
Where did I say disable HIPS? I did not. There are plenty of firewalls without HIPS such as Windows 7 Firewall.

MAG

  • Guest
Re: Host Intrusion Prevention System
« Reply #44 on: March 30, 2011, 08:27:13 PM »
Where did I say disable HIPS? I did not. There are plenty of firewalls without HIPS such as Windows 7 Firewall.
Well, that's how I interpreted this (reply 17)
'BTW the way people you cannot use a HIPS and a BB together. Its one or the other.'

So since avast now has a behaviour shield, this seemed to suggest to me that you think the BS or the HIPS should go - wrong interpretation?