Saturday, February 23, 2008

Best Free Intrusion Prevention and Detection Utility for Home Use

These days all users face a real risk of malicious programs secretly installing themselves on their computers. Anti-virus and anti-spyware products dramatically reduce the chance of infection but are not perfect. In particular, they are prone to miss new malware not yet included in their signature databases. They can also fail to detect malware programs that are cleverly disguised to avoid detection.

To prevent these malevolent programs from slipping by your AV and anti-spyware programs you need additional defenses such as a Host-based Intrusion Prevention program (HIPS). These programs pick up intruders by their behavior rather than by their characteristic fingerprint. They are not limited to detecting specific malware products but can target a wide range of interlopers. For the most part HIPS programs all work in a similar manner: they stop any suspicious behavior and then ask the user whether they want to allow it. This, as we shall see, can be a mixed blessing.

Unfortunately most HIPS programs, including the popular free programs WinPatrol and Prevx, generate a lot of warning messages, many of which are quite cryptic. These messages tend to alarm many less experienced users, who feel there is something wrong and simply don't know how to respond. That's why these products are only suitable for the very experienced (and very patient).

Thankfully a new generation of HIPS programs has emerged that use white lists, black lists, policies and behavior analysis rules along with other techniques to reduce the number of messages and the load on the user. A prime example of this class of product is the free Cyberhawk program from Novatix [1]. I use it on one of my PCs and it only occasionally issues warnings and even then the warnings are usually real and need to be taken seriously. In essence it provides a vital additional layer of protection to my AV and anti-spyware scanners at little cost in terms of annoyance and no cost in terms of my wallet. It is the stand-out free product in the HIPS category.

Note: A number of readers have reported browsing performance problems after installing Cyberhawk. I've not found that myself but be aware that this may be a problem on some PCs.

There are some other solid contenders. Blink Personal from eEye [2] is a HIPS with a firewall, as opposed to products like Comodo and ZoneAlarm Pro that are firewalls with HIPS. It's a useful tool for advanced users, though I found Cyberhawk to be more effective and yet simpler to configure and use. Blink is also only free for non-commercial use.
[1] http://www.novatix.com/cyberhawk/ Freeware, Windows 2000 and later, 4.7MB
[2] http://www.eeye.com/html/products/blink/personal/index.html Free for personal use, Win2K and later, 26.7MB
