Author Topic: Host Intrusion Prevention System  (Read 66186 times)

0 Members and 1 Guest are viewing this topic.

Hermite15

  • Guest
Re: Host Intrusion Prevention System
« Reply #60 on: March 30, 2011, 10:47:23 PM »
HIPS sind Schnee von gestern Asyn ;)

... ie even the more geek oriented of us got fed up with HIPS, even with well automated like in Comodo Def+... it's just too intrusive, not mentioning that the amount of protection provided by HIPS is not proportional to the amount of intrusion - again, even as silent as it can be in some modes in Def+ ... the presence of all that checking in the background is just not justified.

 I do not use - currently - the behavior shield, but I'll probably end up using it when it proves to be efficient... as I prefer the approach. I definitely think that the future of OS's security will come with globally more simplification as far as the user interface is concerned. Give it a few years, and the young generation will have no idea what a HIPS was... it's never been popular anyway except for a few geeks, starting with SSM a few years ago... that was fun, just fun, nothing serious... fun until you realize that it's more fun to run an OS than to be constantly busy checking if it runs as expected ;D

Offline BJ_GeOrgE

  • Avast Evangelist
  • Sr. Member
  • ***
  • Posts: 350
  • prevention is better than cure
Re: Host Intrusion Prevention System
« Reply #61 on: March 30, 2011, 10:48:33 PM »
If you disable the HIPS in either OutPost,Online Armor or Comodo then you have comprised its ability to have leak proof detection. Especially Comodo since D+ is its strong point.

ok i have a question related to this post..i dont like HIPS coz of the pop ups and i dont find them necessary to be protected..i like to have only the MUST-HAVE security programs..so here is my question : i use Comodo firewall without Defense+ enabled,will that reduce the firewall security?the security of a FW doesnt depend on HIPS technology does it(fw acts kinda like HIPS anyway)?
OS:Windows 7 Professional 64-bit SP1
Antivirus: Avast Free v8.0.1497/Firewall: Windows Firewall/On Demand: Malwarebytes Free Edition/Other tools: CCleaner

Offline Asyn

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 76014
    • >>>  Avast Forum - Deutschsprachiger Bereich  <<<
Re: Host Intrusion Prevention System
« Reply #62 on: March 30, 2011, 10:52:12 PM »
HIPS sind Schnee von gestern Asyn ;)

Nicht für mich, Logos. ;)
Aber ich respektiere deine Meinung.
W8.1 [x64] - Avast Free AV 23.3.8047.BC [UI.757] - Firefox ESR 102.9 [NS/uBO/PB] - Thunderbird 102.9.1
Avast-Tools: Secure Browser 109.0 - Cleanup 23.1 - SecureLine 5.18 - DriverUpdater 23.1 - CCleaner 6.01
Avast Wissenswertes (Downloads, Anleitungen & Infos): https://forum.avast.com/index.php?topic=60523.0

Hermite15

  • Guest
Re: Host Intrusion Prevention System
« Reply #63 on: March 30, 2011, 10:53:03 PM »
HIPS sind Schnee von gestern Asyn ;)

Nicht für mich, Logos. ;)
Aber ich respektiere deine Meinung.


na gut ;)

MAG

  • Guest
Re: Host Intrusion Prevention System
« Reply #64 on: March 30, 2011, 11:12:27 PM »
Thanks all.

I think we've managed to generate a bit more light than heat this time around.

(wouldn't want to melt yesterday's snow).

Dieselman

  • Guest
Re: Host Intrusion Prevention System
« Reply #65 on: March 30, 2011, 11:17:16 PM »
If you disable the HIPS in either OutPost,Online Armor or Comodo then you have comprised its ability to have leak proof detection. Especially Comodo since D+ is its strong point.

ok i have a question related to this post..i dont like HIPS coz of the pop ups and i dont find them necessary to be protected..i like to have only the MUST-HAVE security programs..so here is my question : i use Comodo firewall without Defense+ enabled,will that reduce the firewall security?the security of a FW doesnt depend on HIPS technology does it(fw acts kinda like HIPS anyway)?

Yes . By disabling D+ you ruined Comdo's power. If that what you want to do that then just use Windows firewall.

Hermite15

  • Guest
Re: Host Intrusion Prevention System
« Reply #66 on: March 30, 2011, 11:24:41 PM »
If you disable the HIPS in either OutPost,Online Armor or Comodo then you have comprised its ability to have leak proof detection. Especially Comodo since D+ is its strong point.

ok i have a question related to this post..i dont like HIPS coz of the pop ups and i dont find them necessary to be protected..i like to have only the MUST-HAVE security programs..so here is my question : i use Comodo firewall without Defense+ enabled,will that reduce the firewall security?the security of a FW doesnt depend on HIPS technology does it(fw acts kinda like HIPS anyway)?

Yes . By disabling D+ you ruined Comdo's power. If that what you want to do that then just use Windows firewall.

you must be kidding... I don't use CIS but I have for years... no problem to use just the firewall and ignore the HIPS for those who don't want to; CIS firewall used alone is still a hundred times more powerful than Windows firewall (any version). Oh yeah I'm quite aware that Vista and Seven firewalls have an advanced interface  :D


ps: and no need to tell me about a thread on Wilders I heard of and read already ages ago.

MAG

  • Guest
Re: Host Intrusion Prevention System
« Reply #67 on: March 30, 2011, 11:26:39 PM »

She is a he, but never mind. ;D


Humble apologies - can't think what to say that wouldn't just make matters worse - so I'll stop digging this particular hole!

Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 67183
Re: Host Intrusion Prevention System
« Reply #68 on: March 30, 2011, 11:28:38 PM »
There should NEVER be a HIPS in Avast!. If it's ever added, I will switch products in a heartbeat to one that does not have HIPS.
Simplicity and user friendly are avast policy.
It does not seem to have a HIPS in the future: http://forum.avast.com/index.php?topic=64382.msg546016#msg546016

The HIPS component (D+) of Comodo was the single biggest reason why I stopped using their product. The terrible implementation of sandboxing was another factor.
I wouldn't manage a HIPS with that rigidness. I think it could be a good tool for advanced users. Also sandboxing. But, like you said, it depends strongly on how they are implemented.
The best things in life are free.

Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 67183
Re: Host Intrusion Prevention System
« Reply #69 on: March 30, 2011, 11:32:58 PM »
The article stated that HIPS monitors each activity that a program attempt and notifies the user. Registry mods, processes, etc. However, I would think that a Behavior Blocker would monitor the same type of things but just not bother the user with each detail.
HIPS is just a "every" activity is monitored and, if the user want, informed. To be informed is not essential for HIPS, but to be monitored.
Behavior is much more specific, based on specific rules. Right now, the avast Behavior shield has, as far I know, a limited action, few rules, released by the virus definitions. It can report whatever is suspicious. You see less popups because the few rules that are implemented, I think.
The best things in life are free.

Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 67183
Re: Host Intrusion Prevention System
« Reply #70 on: March 30, 2011, 11:35:39 PM »
I use Comodo firewall without Defense+ enabled,will that reduce the firewall security? the security of a FW doesnt depend on HIPS technology does it(fw acts kinda like HIPS anyway)?
The firewall is independent of the HIPS.
The best things in life are free.

Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 67183
Re: Host Intrusion Prevention System
« Reply #71 on: March 30, 2011, 11:39:12 PM »
you must be kidding... I don't use CIS but I have for years... no problem to use just the firewall and ignore the HIPS for those who don't want to; CIS firewall used alone is still a hundred times more powerful than Windows firewall (any version). Oh yeah I'm quite aware that Vista and Seven firewalls have an advanced interface  :D
+1
The best things in life are free.

Offline BJ_GeOrgE

  • Avast Evangelist
  • Sr. Member
  • ***
  • Posts: 350
  • prevention is better than cure
Re: Host Intrusion Prevention System
« Reply #72 on: March 31, 2011, 12:05:14 AM »
ok thanks a lot guys for answering my question and enlightening me about this.i'm aware that comodo is more effetive than windows firewall even without HIPS just wondering if without HIPS its less efective AS firewall..now i know..thanks again guys
OS:Windows 7 Professional 64-bit SP1
Antivirus: Avast Free v8.0.1497/Firewall: Windows Firewall/On Demand: Malwarebytes Free Edition/Other tools: CCleaner

Offline Asyn

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 76014
    • >>>  Avast Forum - Deutschsprachiger Bereich  <<<
Re: Host Intrusion Prevention System
« Reply #73 on: March 31, 2011, 12:15:28 AM »
She is a he, but never mind. ;D

Humble apologies - can't think what to say that wouldn't just make matters worse - so I'll stop digging this particular hole!

No problem, mag - Don't worry..! ;)
W8.1 [x64] - Avast Free AV 23.3.8047.BC [UI.757] - Firefox ESR 102.9 [NS/uBO/PB] - Thunderbird 102.9.1
Avast-Tools: Secure Browser 109.0 - Cleanup 23.1 - SecureLine 5.18 - DriverUpdater 23.1 - CCleaner 6.01
Avast Wissenswertes (Downloads, Anleitungen & Infos): https://forum.avast.com/index.php?topic=60523.0

Dieselman

  • Guest
Re: Host Intrusion Prevention System
« Reply #74 on: March 31, 2011, 12:30:08 AM »
People...................I used Comodo back in the days of version 2.4. D+ is what makes Comodo very strong and one of the top firewall along with Online Armor. Just go over to Matousec.com and see for yourself. Windows XP firewall was very poor as far as leak detection goes but Windows 7 firewall is very good. Keep in mind also that most people are behind a router/hardware firewall. So the only thing a software firewall can do for you is stop an outbound connection before it goes out. But by that time its too late anyways. I know Comodo very well and helped out in the forums a lot. At times I knew more then the mods and made a gaming thread. Ask any Comodo mod and they will tell you that if you disable D+ you weakin Comodo's ability to be leak proof. So for those on Windows 7 just use Windows 7 firewall and Avast. For those on XP use Comodo with D+ and Avast. XP users can disable Avast BB since its still needs to mature and D+ is stronger all day long. Why are so many of paranoid and think its better to pack on the security rather then think of a better solution.

Windows 7 64 bit is more security then XP 32 bit all day long. So relax people. Use the tools you already have and stop adding bloat to your system. As I have said over and over. I could careless if I get infected. Why................two words.

                       SYSTEM IMAGE
« Last Edit: March 31, 2011, 12:34:24 AM by Dieselman »