Author Topic: Host Intrusion Prevention System  (Read 64511 times)

0 Members and 1 Guest are viewing this topic.

BRANDONN2008

  • Guest
Re: Host Intrusion Prevention System
« Reply #120 on: April 01, 2011, 01:54:48 AM »
So what it sounds like is:

Sandbox (traditional (Sandboxie) or policy-based (Defensewall)) > Behavior Blocker > HIPS > nothing at all

Dieselman

  • Guest
Re: Host Intrusion Prevention System
« Reply #121 on: April 01, 2011, 02:00:07 AM »
Yes; I also have an AIS license for one of my computers and often remove OA and do beta testing of Avast! with that configuration.  Also run Avast! free and Windows 7 firewall on yet another computer as baseline.  But since OA has gotten pretty quiet for me (and I don't know why it doesn't for all users if you trust everything) not really intrusive.  If I still got lots of popups it would be fixed or gone.   I ran Kerio 2.1.5 for years before I ever even heard of a HIPS.  :)

Well the biggest downfall I see in OA is the fact that it runs 5 processes. That pathetic for a firewall. Heck NIS,KIS and CIS run 2 processes.

sded

  • Guest
Re: Host Intrusion Prevention System
« Reply #122 on: April 01, 2011, 02:45:35 AM »
Quote
Well the biggest downfall I see in OA is the fact that it runs 5 processes. That pathetic for a firewall. Heck NIS,KIS and CIS run 2 processes.
I don't know how they ended up with 5 processes.  Knowing Mike Nash and his organization I suspect it might have more to do with staffing than with architectural optimization.  But with modern computers (even my cheap one) having multithreads (4) and lots of RAM (4gB) I find it hard to get excited about those statistics.  In my experience there has always been  a trade between things like size, separation, speed, robustness that looked at all these constraints to give general guidelines and then did what was necessary.  But I am not a Windows programmer, so ???

sded

  • Guest
Re: Host Intrusion Prevention System
« Reply #123 on: April 01, 2011, 02:54:51 AM »
So what it sounds like is:

Sandbox (traditional (Sandboxie) or policy-based (Defensewall)) > Behavior Blocker > HIPS > nothing at all
I don't think it is quite that easy.  Depending on your usage, you may need the details of a HIPS for example.  But I think the important thing to remember is that the degree of difficulty really goes the opposite direction when you are thinking about the implementation process.  Dumping it on you is easy.  Policy completeness and figuring out what all those sandboxing results really meant is harder.  Rules may be overcome by innovative malware approaches more easily than HIPS warnings with experienced and alert users.  So the debate goes on.  :)

Dch48

  • Guest
Re: Host Intrusion Prevention System
« Reply #124 on: April 01, 2011, 05:23:09 AM »
Good points    Dch48. Although Comodo with D+ is pretty much worthless. I am also behind a 2Wire Gateway w full NAT.
It's not totally worthless without D+. What you get is a very good 2 way firewall that you can still configure in a number of different ways. What I didn't like is that even if you only install the Firewall from the downloaded Firewall installer, all the other components of the full CIS package, the AV, etc. are still present in the resulting folder in Program Files. They just don't do anything.

umbrapolaris

  • Guest
Re: Host Intrusion Prevention System
« Reply #125 on: April 01, 2011, 08:03:50 AM »
in addition, i want to say that for most people living in fully developped countries, they can buy a router or a external HD without much sacrifices. but dont forget that in some countries the cost for having this kind of equipment is difficult choice (having a desktop pc or even a laptop is already a big investment, some friends must borrow from their bank for 1 year just to have a good laptop; like we borrow from the bank to buy a car).

so if they want to be secure, they must have strong system. they cant just "reload an image", if they get infected they lose their data and a day to reinstall the system.

for info, im from France and i living in Vietnam.



Hermite15

  • Guest
Re: Host Intrusion Prevention System
« Reply #126 on: April 01, 2011, 11:31:59 AM »
 The greatest utility of HIPS today is probably for making YouTube videos.  

agreed  ;D

Dieselman

  • Guest
Re: Host Intrusion Prevention System
« Reply #127 on: April 01, 2011, 12:01:59 PM »
in addition, i want to say that for most people living in fully developped countries, they can buy a router or a external HD without much sacrifices. but dont forget that in some countries the cost for having this kind of equipment is difficult choice (having a desktop pc or even a laptop is already a big investment, some friends must borrow from their bank for 1 year just to have a good laptop; like we borrow from the bank to buy a car).

so if they want to be secure, they must have strong system. they cant just "reload an image", if they get infected they lose their data and a day to reinstall the system.

for info, im from France and i living in Vietnam.




If you can afford a computer then you can afford and external HDD at a fraction of the cost. Mine was only $89.

MAG

  • Guest
Re: Host Intrusion Prevention System
« Reply #128 on: April 01, 2011, 03:04:04 PM »
The typical user will install new programs, see upgrades installed by existing programs, see some programs in new modes that were not previously accounted for, maybe even see some malware occasionally.  So now there might be dozens (hundreds?) of popups in say, a week,

This very accurately describes the behaviour I used to see from Comodo FW/D+ version 3 with default settings - and it lasted about a week on my system before I ditched it.

Version 5.3 with default settings (except sandbox disabled) has been very different for me. I get very few alerts - and really only for things I might expect - like Leaktest or avast beta installs. Other than that it is silent.

OK, my system leads a very dull life, never goes anywhere interesting, and gets very few new programs to play with. But it does get updates of all the usual stuff - FF, TB, Chrome, PSI, Cclean, MBAM, Rapport, Adobe, Revo, Winpatrol etc. Never a squeak from D+.

Guess (hope) I'm just lucky!

umbrapolaris

  • Guest
Re: Host Intrusion Prevention System
« Reply #129 on: April 01, 2011, 06:27:03 PM »
If you can afford a computer then you can afford and external HDD at a fraction of the cost. Mine was only $89.

will u pay an external HD the price of 1 months of your salary...? i think not.

an external HD is not necessary if u have a good protection.

why Avast is popular in middle-developped countries, because it is FREE.

Why almost all Windows XP there are all counterfeit, coz the genuine is too expensive.



Dieselman

  • Guest
Re: Host Intrusion Prevention System
« Reply #130 on: April 01, 2011, 06:29:48 PM »
LOL..............$89 is what make in an hour. I am not talking just about using an image on an external HDD as a means of protection. Its also a way of storying data and precious memories such as photos. Also having a system image is great when you have an internal HDD failure. Install your new internal HDD. Mount the stored image and your good as new. Think of an external HDD is life insurance. You don't think about the cost when it comes to your life right?

No matter you look at it................If you can afford a computer and a monthly ISP bill along with other things then you can afford an external HDD.
« Last Edit: April 01, 2011, 06:32:34 PM by Dieselman »

Offline Zyndstoff (aka Steven Gail)

  • Avast Evangelist
  • Massive Poster
  • ***
  • Posts: 2604
  • I can resist anything except temptation.
    • tex62
Re: Host Intrusion Prevention System
« Reply #131 on: April 01, 2011, 06:34:40 PM »
LOL..............$89 is what make in an hour.

What's so funny to LOL about? There are people on this earth, that don't live in such blessed conditions as we luckily do.
I think we should respect that.
7 x64 SP1, FF 8a Aurora, TB6, 6.0.1203 Free
Free MBAM Clear

umbrapolaris

  • Guest
Re: Host Intrusion Prevention System
« Reply #132 on: April 01, 2011, 06:35:29 PM »
LOL..............$89 is what make in hour.

FOR YOU  1 HOUR !  open your eyes and observe the rest of the world !  plz.

in china, africa, india, and many other countries; 89 US dollars is a month of salary, or even more.

p.s: i know the usefulness of an HDD. i have one.

+1 with zyndstoff.





« Last Edit: April 01, 2011, 06:37:53 PM by umbrapolaris »

Offline firzen771

  • Avast Evangelist
  • Poster
  • ***
  • Posts: 626
Re: Host Intrusion Prevention System
« Reply #133 on: April 01, 2011, 06:36:20 PM »
LOL..............$89 is what make in an hour. I am not talking just about using an image on an external HDD as a means of protection. Its also a way of storying data and precious memories such as photos. Also having a system image is great when you have an internal HDD failure. Install your new internal HDD. Mount the stored image and your good as new. Think of an external HDD is life insurance. You don't think about the cost when it comes to your life right?

No matter you look at it................If you can afford a computer and a monthly ISP bill along with other things then you can afford an external HDD.

i dont think u have any right to infer what peoples financial situation is and judge them on it in regards to this. who says the individual bought their computer? it could be a rather old PC as well. and perhaps the individual just barely afford their internet bill. you dont know people situation and their situation depending on where they are from can and will be quite different from yours. so what may seem like no big deal to you (purchasing an external HDD), could be an expense that simply isnt possible for their situation, other priorities may be present.
Windows 7 x64 / Windows Firewall OFF / UAC OFF
Real-Time: Avast Internet Security / WinPatrol

Dieselman

  • Guest
Re: Host Intrusion Prevention System
« Reply #134 on: April 01, 2011, 06:58:25 PM »
Listen...........Yes other countries make less income per capita. Thats not my point. What happens with most cases is that people call you saying my computer has crashed. You tell them that there HDD is failed and all there stored photos and documents are GONE. They say "What?" Then you reply "Dont you have anything backed up?". They always say "No". Thats my point. In today's world where most people store things on there computer you need a way to back that stuff up.