Host Intrusion Protection Software

[DasFox]

Many people are not familiar with Host Intrusion Protection Software (HIPS).

I think this would be a great post to show people another means of protection for the HOME user or small business. Granted many HIPS take a bit of knowledge, and user intervention to setup and configure, while others are simpler.

For those concerned with real protection, "Multi Layer" is the way, and adding a HIPS might be the trick you've been looking for.

Please share with us your list of favorites and why, a simple explanation will suffice.


Faronics Anti-Executable: (Not quite a true HIPS, still a good extra layer for those looking for something simple.)

http://www.faronics.com/html/AntiExec.asp

AE Demonstration Video:

http://www.faronics.com/tutor/AEMagic/AEMagic.html

Faronics Anti-Executable Test:

http://www.urs2.net/rsj/comput...s/Anti-Exec/index.html

 

[mechBgon]

Software For Windows ? Security

AnandTech Moderator
mechBgon

 

[DasFox]

WOW what's up with this place, I thought this was a HARDCORE geek forum, and SECURITY would be a HOT topic.

Where are ALL the replies? LOL...

 

[blackangst1]

Multilayer:

smoothwall
software firewall
AV/anti worm/anti rootkit (I think most AV are like this now)
ProcessGuard

 

[DasFox]

Originally posted by: blackangst1
Multilayer:

smoothwall
software firewall
AV/anti worm/anti rootkit (I think most AV are like this now)
ProcessGuard

We're talking about Windows, last time I checked Smoothwall was for Linux.

Thanks for your reply, but just listing some basics like you did is not helping anyone, can you PLEASE be more specific here to help others.


software firewall? (What firewall?)
AV/anti worm/anti rootkit? (What AV?)

Now ProcessGuard is Windows based...

Also I stated in the post for people to please share with their list of favorites and why.

THANKS

 

[lxskllr]

Originally posted by: DasFox

Originally posted by: blackangst1
Multilayer:

smoothwall
software firewall
AV/anti worm/anti rootkit (I think most AV are like this now)
ProcessGuard

We're talking about Windows, last time I checked Smoothwall was for Linux.

Smoothwall doesn't have anything to do with the O/S. It's software for a dedicated box used as a firewall.

 

[gsellis]

The one I use at work is not available for single point retail.

Cisco Security Agent.

 

[spidey07]

Another vote for cisco security agent. Incredible stuff.

Why? It works exactly as it should. The management and customization is also very powerful.

 

[DasFox]

Originally posted by: lxskllr

Originally posted by: DasFox

Originally posted by: blackangst1
Multilayer:

smoothwall
software firewall
AV/anti worm/anti rootkit (I think most AV are like this now)
ProcessGuard

We're talking about Windows, last time I checked Smoothwall was for Linux.

Smoothwall doesn't have anything to do with the O/S. It's software for a dedicated box used as a firewall.

Ahh I thought it was strictly a Linux firewall. Also a firewall isn't a true HIPS unless it was designed to be, and that is what I was talking about, COMPLETE HIPS solutions...

 

[DasFox]

Originally posted by: gsellis
The one I use at work is not available for single point retail.

Cisco Security Agent.

Did you read the first two lines of the post?

Many people are not familiar with Host Intrusion Protection Software (HIPS).

I think this would be a great post to show people another means of protection.

If you did why are you posting something like Cisco Security Agent, LOL...

gsellis please read next time, we are talking about a post more geared towards newbies and home based HIPS protection....

 

[DasFox]

anyone else?

 

[blackangst1]

Originally posted by: DasFox

Originally posted by: blackangst1
Multilayer:

smoothwall
software firewall
AV/anti worm/anti rootkit (I think most AV are like this now)
ProcessGuard

We're talking about Windows, last time I checked Smoothwall was for Linux.

Thanks for your reply, but just listing some basics like you did is not helping anyone, can you PLEASE be more specific here to help others.


software firewall? (What firewall?)
AV/anti worm/anti rootkit? (What AV?)

Now ProcessGuard is Windows based...

Also I stated in the post for people to please share with their list of favorites and why.

THANKS

As Ixskllr said, it's a standalone box that has nothing to do with my Windows box. It runs on a PII on a 100 meg HD. I set it up once and havent touched it since.

Software: Vista. I used to use Zonealarm and symantecs, but I found after ignoring all the bullshit FUD Vista's does EVERYTHING 3rd party firewalls do. Ive discussed this on other threads.

 

[blackangst1]

Originally posted by: DasFox

Originally posted by: lxskllr

Originally posted by: DasFox

Originally posted by: blackangst1
Multilayer:

smoothwall
software firewall
AV/anti worm/anti rootkit (I think most AV are like this now)
ProcessGuard

We're talking about Windows, last time I checked Smoothwall was for Linux.

Smoothwall doesn't have anything to do with the O/S. It's software for a dedicated box used as a firewall.

Ahh I thought it was strictly a Linux firewall. Also a firewall isn't a true HIPS unless it was designed to be, and that is what I was talking about, COMPLETE HIPS solutions...

it *IS* strictly a Linux firewall. It just runs on a seperate box. another way to look at it...if you have aCisco router as a hardware solution, it runs on Cisco IOS, not windows. The smoothwall is inbetween the Windows box and the cable modem-the same as any other router. Only difference is...it's 1000 times more configurable and better.

Well, maybe not 1000, but you get my point.

 

[spidey07]

Originally posted by: DasFox

Originally posted by: gsellis
The one I use at work is not available for single point retail.

Cisco Security Agent.

Did you read the first two lines of the post?

Many people are not familiar with Host Intrusion Protection Software (HIPS).

I think this would be a great post to show people another means of protection.

If you did why are you posting something like Cisco Security Agent, LOL...

gsellis please read next time, we are talking about a post more geared towards newbies and home based HIPS protection....

Do you not know what CSA is? It's probably the best HIPS out there.

It sits below the OS right above the kernal so any and all calls are inspected. Here's the data sheet on it.
http://www.cisco.com/en/US/pro...t0900aecd805baf46.html

 

[DasFox]

Originally posted by: spidey07

Originally posted by: DasFox

Originally posted by: gsellis
The one I use at work is not available for single point retail.

Cisco Security Agent.

Did you read the first two lines of the post?

Many people are not familiar with Host Intrusion Protection Software (HIPS).

I think this would be a great post to show people another means of protection.

If you did why are you posting something like Cisco Security Agent, LOL...

gsellis please read next time, we are talking about a post more geared towards newbies and home based HIPS protection....

Do you not know what CSA is? It's probably the best HIPS out there.

It sits below the OS right above the kernal so any and all calls are inspected. Here's the data sheet on it.
http://www.cisco.com/en/US/pro...t0900aecd805baf46.html

The post was more geared towards home, or small business that wouldn't be using something like this...

THANKS

 

[DasFox]

I use to think this was a Hardcore geek forum. I'm really surprised with how important security is that this has not been a big topic of discussion around here.

 

[DasFox]

post error...