ProSecurity v1.21 [HIPS software]

Discussion in 'other anti-malware software' started by PSDeveloper, Oct 28, 2006.

Thread Status:
Not open for further replies.
  1. PSDeveloper

    PSDeveloper Registered Member

    Joined:
    Sep 1, 2006
    Posts:
    93
  2. bellgamin

    bellgamin Registered Member

    Joined:
    Aug 1, 2002
    Posts:
    8,102
    Location:
    Hawaii
    This HIPS looks really really good. However, I am dubious of its lifetime license in view of such as TDS3, Ewido, etc.

    Concerning this sort of thing, Mr. Ilya Rabinovich (proponent of DefenseWall) commented on the infeasibility of lifetime licenses in THIS forum post. He made his comments in the context of answering a question as to why he does NOT offer a lifetime license but, instead, charges a small annual renewal/support fee. Mr. Rabinovich stated in part...
    In my view paying for a so-called Lifetime license is to invest in a shaky business model. Thus, I usually steer clear of lifetime licenses. In the case of ProSecurity I do so very reluctantly because this one seems to offer great potential.
     
  3. PSDeveloper

    PSDeveloper Registered Member

    Joined:
    Sep 1, 2006
    Posts:
    93
    Dear bellgamin: thanks for your suggestion, we are preparing to change the license as you said. This will been done within a few days. Of cause, all people who purchase before this will get a lifetime license.
     
  4. bellgamin

    bellgamin Registered Member

    Joined:
    Aug 1, 2002
    Posts:
    8,102
    Location:
    Hawaii
    I wish you the very best of luck. May you enjoy much success and prosperity.
     
  5. PSDeveloper

    PSDeveloper Registered Member

    Joined:
    Sep 1, 2006
    Posts:
    93
    Thank you very much!
     
  6. TECHWG

    TECHWG Guest

    i presume that forexample if you purchase 1.21 you will get all of 1.x updates ? and 2.0 will cost for the update ?
     
  7. PSDeveloper

    PSDeveloper Registered Member

    Joined:
    Sep 1, 2006
    Posts:
    93
    Yes, but if you purchase before we change the license, you can get lifetime updates for free.
     
  8. TECHWG

    TECHWG Guest

    ok! sweet. ya hear it folks. this is an investment and a "non-expencive" one at that. Buy now and get it forever all versions, or wait until its 100% matured and pay for it then what ever the price may be and get the usual standard licence scheem of most companies . . all sub versions in your range updates for example if you purchased v3.467 then all the 3.0 will be yours. As the Developer just stated if you get it now you will never have to worry about buying the new version.
     
  9. djg05

    djg05 Registered Member

    Joined:
    Apr 6, 2005
    Posts:
    1,565
    I have just installed PS after taking out SSM.

    I have found that unlike PG applications have everything enabled - global hooks etc. Surely this is not a safe thing to allow and features should only be allowed it deemed necessary.

    Also finding that the balloon alerts are staying on screen. They do go if the balloon option is unticked.

    Unlike SSM is does not nag you about unknown processes running but seems to accept that they are all legitimate. Since it defaults to learning mode on install it is assuming a safe system.

    I am running ver 1.21 on Win 2k sp4
     
  10. Stem

    Stem Firewall Expert

    Joined:
    Oct 5, 2005
    Posts:
    4,948
    Location:
    UK
    You will find the default global settings have a tick that is greyed out, this means "ask user", if the tick as a white background, this means allow.

    Yes, I had this problem.

    You will need to run in "learning mode" while you start all your applications (and perform a re-boot). If you untick learning mode too early, you will get many popups for all the dll`s that are loaded (if they are not auto blocked). But while in learning mode, you will receive no popups and all applications will be allowed to start, and all dll`s loaded (and remembered)
     
  11. djg05

    djg05 Registered Member

    Joined:
    Apr 6, 2005
    Posts:
    1,565
    Thanks Stem

    Should have looked more closely before I asked about the ticked boxes. A first sight they did look as though they enabled everything.

    I have just tried the APT kill program. I think in SSM if you protected a program that is what it did and did not ask further. With PS it asks for every Kill you try. It does give advice that it is dangerous but on Kill 8 you could easily allow as it does not identify it as dangerous. On Kill 12 it fails to protect. This was all done on Kerio 2.1.5
     
  12. Stem

    Stem Firewall Expert

    Joined:
    Oct 5, 2005
    Posts:
    4,948
    Location:
    UK
    I have not performed any sort of testing yet,... I only installed to have a quick play,.. I will have more time tomorrow to see how the program reacts to some testing.

    Did you try any of the SSM terminate tests?
     
  13. djg05

    djg05 Registered Member

    Joined:
    Apr 6, 2005
    Posts:
    1,565
    Yes - with SSM it was rock solid and gave me a lot of confidence with it.

    There is another Kill program called DFK. There is a bit in Wilders here about it but I cannot get it to run on my machine so don't know how effective SSM would be. Seems that PG cannot resist it.
     
  14. starfish_001

    starfish_001 Registered Member

    Joined:
    Jan 31, 2005
    Posts:
    1,046


    Same problem here - confusing visual clues
     
  15. Stem

    Stem Firewall Expert

    Joined:
    Oct 5, 2005
    Posts:
    4,948
    Location:
    UK
    I meant, did you try the SSM termination tests on Prosecurity
    http://syssafety.com/leaktests.html
     
  16. djg05

    djg05 Registered Member

    Joined:
    Apr 6, 2005
    Posts:
    1,565
    No I hadn't. Now tried it and got in a bit of mess.

    PS did warn but I let it through to see what it might do and nothing seemed to happen. Do not know if it stopped it or not. Then unloaded PS and tried again with the same sort of result. I then found that I could not run any program from the partition SPT was run from.

    Did a reboot and when Win started it went into an endless loop of starting - logging off - starting etc.

    Have now done an image restore but have neither SSM or PS installed and am wondering which way to go. Currently I favour SSM but would like to know how it behaved with you on those two tests from SSM.
     
  17. Stem

    Stem Firewall Expert

    Joined:
    Oct 5, 2005
    Posts:
    4,948
    Location:
    UK
    Well this at the moment is more mature/stable,.. so possibly better for you untill more testing is done on Prosecurity, (and better help files)
    As I mentioned,.. I have not performed any tests on Prosecurity yet,.. I hope to have time tomorrow to run all these test.
     
  18. PSDeveloper

    PSDeveloper Registered Member

    Joined:
    Sep 1, 2006
    Posts:
    93
    Actually, I have tested ProSecurity with APT and SPT, it can block all termination ways, but maybe APT has updated after my testing? I will test this asap, and tell you the results. Thanks!
     
  19. PSDeveloper

    PSDeveloper Registered Member

    Joined:
    Sep 1, 2006
    Posts:
    93
    Dear djg05: I have downloaded the last version of APT, and tested it with Kill 8 and Kill 12, in the first case, ProSecurity simple popup a warning box of set/terminate, in the second case, at first APT let me input a process id to inject code and then it inject to the process to terminate destination process. I allowed it to write process memory and inject codes, and finally ProSecurity shows me the termination warning.
     
  20. Stem

    Stem Firewall Expert

    Joined:
    Oct 5, 2005
    Posts:
    4,948
    Location:
    UK
    Yes, I can confirm this,... I just ran 11 out of the 12 tests, ProSecurity intercepted/blocked all (kill 10 requires terminal services,.. so that did not run)
     
  21. PSDeveloper

    PSDeveloper Registered Member

    Joined:
    Sep 1, 2006
    Posts:
    93
    Thanks Stem!

    Maybe some HIPS softwares can't compatible well with ProSecurity, this may effect PS's function, so if you want to make a function testing, it's better to uninstall other HIPS softwares before testing.
     
  22. Longboard

    Longboard Registered Member

    Joined:
    Oct 2, 2004
    Posts:
    3,238
    Location:
    Sydney, Australia
    Hmm
    Looks impressive
    Looking forward to Stem's tests.

    Might this be overkill ? : but, will PS play with PrevX?

    (Choice btwn PG, SSM, and PS is taxing my tiny little brain)

    Thx.
     
  23. Stem

    Stem Firewall Expert

    Joined:
    Oct 5, 2005
    Posts:
    4,948
    Location:
    UK
    I must admit, I quite like this up to now
    I will run all tests,.. even the leaktests, just to see which one`s are intercepted

    Overkill I think

    I have always liked PG,.. but it is limited, dont get me wrong, it does what it says on the box, and it does this well. SSM, yes, very powerful, and this as been my choice for quite a while. I am looking now at PS, really just curious. It will be interesting to see how it performs, and how the product is further developed.
     
  24. gerardwil

    gerardwil Registered Member

    Joined:
    Jan 17, 2004
    Posts:
    4,750
    Location:
    EU
    Might be some overkill. I am running both at the moment without any probs.

    Gerard
     
  25. PSDeveloper

    PSDeveloper Registered Member

    Joined:
    Sep 1, 2006
    Posts:
    93
    Longboard: Gerard is an veteran user of PS. As he said, PS can work well with PrevX. Try PS now, you will like it more! :)
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.