ThreatFire (HIPS)...

• 1Ovo se svidja korisniku: mcrule
  
  Registruj se da bi pohvalio/la poruku!

Da li se isplati drzati proizvod ovakvog tipa zajedno sa antivirusom u tandemu? Da li dobrim delom pojacava zastitu kao sto se prica o ovom programu?

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

[Link mogu videti samo ulogovani korisnici]

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Da, ali tema je stara tri godine...do sad su mogla brojna poboljsanja da se odrade...treba mi misljenje nekog iskusnog korisnika koji je vec imao prilike da barata sa ovim stvarcicama...

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Koristio sam ThreatFire,zajedno sa Nod32,jer na sajtu PC Tools,rekoše da se može kombinovati sa ostalim AV proizvodima.Međutim,previše mi je usporavao sistem,pa sam ga deinstalirao.

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Malware Defender. Dobijes funkcije HIPS + firewall. Po meni idealno da se kombinuje sa nekim AV software-om. Besplatan.

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Za ThreatFire sam cuo, ali za Malware Defender slabo...otkud to da ima tako malo HIPS programa??? Da li uopste vredi imati tako nesto na kompu ili je suvisno? Neki savet, najbolje resenje?

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Napisano: 07 Avg 2010 21:31

[Link mogu videti samo ulogovani korisnici]

[Link mogu videti samo ulogovani korisnici]

[Link mogu videti samo ulogovani korisnici]

Malware Defender is a HIPS (Host Intrusion Prevention System) with firewall. It is effective to protect your computer system from all forms of malware (viruses, worms, Trojans, adware, spyware, keyloggers, rootkits, etc.).

Malware Defender is also an advanced rootkit detector. It provides many useful tools that can be used to detect and remove already installed malware.

Whether you are an expert or not, Malware Defender is your choice to protect your system.

Key Features

Realtime protection system

* Monitors process, file and registry activity for suspicious behavior.
* Monitors network activity.
* Detects all forms of malware, whether known or unknown.
* Supports learning mode and silent mode.
* High performance and low resource usage.

Process manager screen shot

* Detects hidden processes and threads.
* Detects unsigned processes and modules.
* Kills processes and threads using advanced method.
* Suspends/resumes processes and threads.
* Unloads modules of processes.
* Closes handles of processes.

Kernel module manager screen shot

* Detects hidden kernel modules and kernel threads.
* Detects unsigned kernel modules.
* Kills, suspends and resumes kernel threads.
* Kills kernel DPC (Deferred Procedure Call) timers.

Hooks detector screen shot

* Detects and removes system service table hooks (SSDT hooks).
* Detects and removes Win32k service table hooks (shadow SSDT hooks).
* Detects and removes interrupt descriptor table hooks (IDT hooks).
* Detects and removes SYSENTER handler hook.
* Detects and removes kernel object hooks.
* Detects and removes kernel notify routines.
* Detects and removes kernel mode code hooks.
* Detects and removes user mode code hooks.
* Detects and removes global message hooks.
* Detects attached devices.
* Detects hooked driver dispatch routines (IRP hooks).

Autostart application manager screen shot

* Scans all known autostart locations.
* Detects hidden autostart entries.
* Detects newly added autostart entries.
* Undoes and redoes deletion of autostart entries.

File explorer screen shot

* Detects hidden files and folders.
* Shows and deletes NTFS Alternate Data Streams (ADS).
* Deletes in-use files.

Registry editor screen shot

* Full functional registry editor.
* Detects hidden registry entries.


System Requirements

* Windows 2000 (Service Pack 4)
* Windows XP (32-bit)
* Windows 2003 (32-bit)
* Windows Vista (32-bit)
* Windows 2008 (32-bit)
* Windows 7 (32-bit)

Note: This program is Freeware now, since it was bought by the Chinese security company used by almost all Chinese, "SAFE360" ....

Dopuna: 07 Avg 2010 21:33

Valjda neko od dve milijarde Kineza zna sta je dobro.

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

[Link mogu videti samo ulogovani korisnici]
[Link mogu videti samo ulogovani korisnici]

Ostali uglavnom dolaze uz Firewall. Svi kvalitetni FW programi imaju HIPS.

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Citat:Da li se isplati drzati proizvod ovakvog tipa zajedno sa antivirusom u tandemu?

Isplati se ukoliko se korisnik mal'ko razume u malware. Nekom koji ne zeli ni da procita pop-up prozor koji mu izadje nece biti od koristi. A i ako ga procita, treba znati da odgovori.



Citat:Da li dobrim delom pojacava zastitu kao sto se prica o ovom programu?
Da, HIPS-om je podignuta zastita, jer detaljnije kontrolises aplikacije (aplikacija moze da uradi "to", ne moze "to"). Imas bolji uvid u tome sta se dogadja na racunaru.
HIPS npr. treba da zaustavi keyloggers.

-> [Link mogu videti samo ulogovani korisnici]
-> [Link mogu videti samo ulogovani korisnici]
-> [Link mogu videti samo ulogovani korisnici]

Citat:
Top three is usually involving Comodo Internet Security, Outpost Security Suite and Online Armor Personal Firewall.. Those all have a strong HIPS component

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Kada vec pricamo na ovu temu...Avira Premium poseduje HIPS, zar ne? Otuda onako dobra detekcija i behavior block...