Welcome to the Comodo Forum
Welcome,
Guest
. Please
login
or
register
.
December 28, 2009, 02:32:11 PM
1 Hour
1 Day
1 Week
1 Month
Forever
Login with username, password and session length
345761
Posts
38179
Topics
86725
Members
Latest Member:
vuk
more news...
Search:
Advanced search
|
Tag Cloud
Welcome to the Comodo Forum
Learn about Computer Security and Interact with Security Experts
HIPS (Host Intrusion Prevention Systems)
Please feel free to ask any questions to learn all about Computer Security.
« previous
next »
Pages:
[
1
]
Author
Topic: Please feel free to ask any questions to learn all about Computer Security. (Read 16029 times)
Melih
Comodo's Hero
Administrator
Comodo's Hero
Offline
Posts: 8373
Please feel free to ask any questions to learn all about Computer Security.
«
on:
December 30, 2006, 10:17:32 PM »
Here you will have access to the world's best security experts to help you learn all about Computer security!
feel free to ask!
Melih
Logged
Who is Melih? What is he trying to do?
--
Follow me on Twitter
alohA116k
Newbie
Offline
Posts: 2
Re: Please feel free to ask any questions to learn all about Computer Security.
«
Reply #1 on:
January 31, 2007, 10:56:33 AM »
Is there a way to prevent site scraping?
Logged
alohA116k
Newbie
Offline
Posts: 2
Re: Please feel free to ask any questions to learn all about Computer Security.
«
Reply #2 on:
January 31, 2007, 10:59:12 AM »
I received a number of warnings after my HackerGuardian scan. Is there a place to find solutions to warnings?
Logged
LeoniAquila
Still non-retired moderator but on vacation for a while
Global Moderator
Comodo's Hero
Offline
Posts: 6634
HIPS only for C: ?
«
Reply #3 on:
May 11, 2007, 09:25:14 AM »
Does CAVS 2 HIPS really monitor what you execute from other partitions than drive C? I store all my installation files for software on D, and ran a setup file some days ago - but there were no warning from HIPS (and I know the file was not in safe list because I tried to launch from C too and then a HIPS warning came up). Instead there were actually an error message from Windows XP: "NSIS Error - Error launching installer".
I don't know what's wrong, a month ago or so there were no problems launching setup files from D. Now I have to copy it all to C. Do you think HIPS would warn if this Windows installer error hadn't occured? I don't know how the HIPS technology works but I suppose it
would
warn if it got the chance?
Logged
Moderator LeoniAquila:
Aims to keep the forum a friendly place. Any concerns? Please send me a PM and/or review the
Forum Policy
.
salmonela
Computer Security Testing Group
Comodo's Hero
Offline
Posts: 496
COMODO Volunteer DEModerator
Re: Please feel free to ask any questions to learn all about Computer Security.
«
Reply #4 on:
October 25, 2007, 06:36:03 AM »
Quote from: Melih on December 30, 2006, 10:17:32 PM
Here you will have access to the world's best security experts to help you learn all about Computer security!
feel free to ask!
Melih
Please Mr. Melih , could you tell me on what hooks relies CPF3 in Vista 32 and Vista 64 bits , Ring0 or Ring3 or on combination of them , could you explain a little more on this in relation with Vista patch guard , please?
Logged
XP Pro SP3, Pentium4-3Ghz, 4×512Mb DDR, Ralink RT61 WLAN PCI adapter, ZyXEL P-660HW-D3 WLAN Router DSL modem
Bad English, I know...
Thanks
PLEASE DO NOT REPLY DUMB QUESTIONS/ANSWERS
KevinSL
Newbie
Offline
Posts: 14
Re: Please feel free to ask any questions to learn all about Computer Security.
«
Reply #5 on:
October 30, 2007, 09:16:10 AM »
I am not sure if this is the right forum to address my question but it does have to do with computer security, so here goes.....
I have been having trouble installing CAVS and the personal firewall on my Windows 2K Pro OS. While I can download the file and save it, when I try to install it, the download wizard never starts. I get the window to close all applications and when I press OK the box disappears but the wizard never starts. I have even gone into task manager and endded all applications. I have been able to install BOClean. I have had problems with other programs that I have tried to install. I worked for a company until about a year ago, whose computer IT guy had once boasted to me that he could get into anyones computer. Since I worked out of my home office 2 hours from headquarters, and frequently had to share files, attachments etc. I often wondered if they had planted a monitor. When I started having problems installing programs, I started looking around my computer. From the control panel, I went to Computer management, Local Users and Groups, Groups, and then Administrators. Under Administrators, I found four administrators listed that I never set up. They are \S-1-5-21-855903348-76970788-310601177-1005, \S-1-5-21-855903348-76970788-310601177-1020, \S-1-5-21-855903348-76970788-310601177-1038 and \S-1-5-21-855903348-76970788-310601177-500. They do not show up when I go to the Users and Passwords section in Control Panel. Not knowing what they are, I did not want to remove them, but I am concerned that someone may have created a back door to allow them admin rights on my computer.
So my questions are:
1. If this is the wrong forum to address my questions, could you recommend the proper forum?
2. Are these administrators a normal part of Windows 2K Pro?
3. If someone gained control over my computer, could they have made changes to my Config file, Install Shield, register or what ever to prevent your product from installing?
4. Is there a way to log what my computer is doing, so that I can find out why the install wizard just terminates?
Thanks in advance for your suggestions.
Logged
MorphOS REBOL
Comodo's Hero
Offline
Posts: 820
Re: Please feel free to ask any questions to learn all about Computer Security.
«
Reply #6 on:
November 12, 2007, 12:30:18 PM »
I sincerely recommend you do a virgin OS install and reinstall clean versions of your fave programs, my friend. Then do a rechecking on what is in your fearing mind alien administration.
Best and most secure way to find out...
Cheers
Logged
zvaragabor
Comodo Loves me
Offline
Posts: 109
Re: Please feel free to ask any questions to learn all about Computer Security.
«
Reply #7 on:
December 21, 2007, 01:56:00 PM »
Is HIPS a "subgenre" of behavior blocking?
Cheers
«
Last Edit: December 21, 2007, 01:58:43 PM by zvaragabor
»
Logged
Luketan
Computer Security Testing Group
Comodo Loves me
Offline
Posts: 195
Re: Please feel free to ask any questions to learn all about Computer Security.
«
Reply #8 on:
January 01, 2008, 04:04:48 AM »
Quote from: zvaragabor on December 21, 2007, 01:56:00 PM
Is HIPS a "subgenre" of behavior blocking?
Cheers
Definitions differ, but most would say HIPS is the broader concept.
HIPS can use behavior blocking, sandboxing etc.
But the way it is used in forums like this, it seems that many would not count antivirus type products as HIPS.
But according to Gartner, anything that runs on the host machine (as opposed to on the servers) that protects your system *is* HIPS (look at what HIPS means and it make senses), so they would say antiviruses and personal firewalls are HIPS as well.
According to them there are 9 different styles of HIPS,
I wonder how the whole Comodo suite stacks up....
Sources
"Understanding the Nine Protection Styles of Host-Based Intrusion Prevention" MacDonald. Gartner. 27 May 2005
"Best Practices for Implementing Host-Based Intrusion Prevention Systems" MacDonald. Gartner. ,20 November 2006
"Host-Based Intrusion Prevention: Myths and Realities", MacDonald. Gartner. 27 November 2006
"Understanding Strengths and Weaknesses of Host-Based Intrusion Prevention Styles", MacDonald. Gartner. 30 January 2006
"How TruPrevent Works" PandaResearch ,24 May 2007
An Analysis of Approaches to Host Intrusion Prevention Prevx, 16 December 2005.
«
Last Edit: January 01, 2008, 04:07:27 AM by Luketan
»
Logged
Luketan
Computer Security Testing Group
Comodo Loves me
Offline
Posts: 195
Re: Please feel free to ask any questions to learn all about Computer Security.
«
Reply #9 on:
January 01, 2008, 04:14:06 AM »
I would also point out the term "behavior blocking" or "behavior blockers" is also under dispute.
"I still believe that identifying malicious software by comprehensive analysis of all behaviors is a better solution than just watching for
isolated actions
. When I tested ThreatFire 3 and Norton Anti-Bot, they did a great job of blocking real-world malware using this type of holistic analysis. And because they look at the program as a whole, they don't flag valid programs that happen to use some of the same techniques. But CFP's implementation of
single-action behavior blocking
is among the best I've seen, especially the option to switch into Installation mode."
http://www.pcmag.com/article2/0,2704,2240715,00.asp
Some (most from the AV world) would say "single action behavior blocking" would not count as behavior blocking/ behavior blockers at all. To them only threatfire type technology that tries to decide by itself whether a series of behavior (plus other heuristic rules) is malicious count as behavior blockers. The major of comodo defense+ would be called "system firewall"
Others disagree saying that there are two types of behavior blockers, "smart" or "dumb". Expert based behavior blocker versus policy based behavior blocker...
It's all semantics really, as long as you understand what is being discussed.
Logged
MorphOS REBOL
Comodo's Hero
Offline
Posts: 820
Re: Please feel free to ask any questions to learn all about Computer Security.
«
Reply #10 on:
January 02, 2008, 06:48:22 PM »
For all intelligent users out there, or, should I say, users that know at least a lil bit about their machine and how it works, I recommend using a HIPS that warns about every single thingie.
For all others, I recommend so called "intelligent" Hips and "heuristic" proggies.
whatever they are. I am not here for advertising, am I?
cheers.
some prefer HIPS.
I prefer fine beer
Quoth the raven: Nevermore.
Logged
dcepalewis
Newbie
Offline
Posts: 4
Re: Please feel free to ask any questions to learn all about Computer Security.
«
Reply #11 on:
January 16, 2008, 10:51:22 AM »
Quote from: Melih on December 30, 2006, 10:17:32 PM
Here you will have access to the world's best security experts to help you learn all about Computer security!
feel free to ask!
Melih
HELP!! I KNOW I'M MOST PROBABLY DOING SOMETHING WRONG BUT WHENEVER I GO INTO "HIPS APPLICATION CONTROL" THEN MANAGE MANAGE ALLOW/BLOCK LIST, ALIST OF FILES IS LOADED ALL MARKED "BLOCKED" BUT BEFORE THE LIST CAN COMPLETE, AND WAY BEFORE I CAN ACTUALLY READ IT THE WHOLE PAGE DISAPPEARS!! I'VE NO CHANCE TO EITHER SEE WHICH FILES THEY ARE OR EVEN CONTEMPLATE WHICH TO SUBMIT OR NOT!
Logged
Ragwing
Global Moderator
Comodo's Hero
Offline
Posts: 3451
Re: Please feel free to ask any questions to learn all about Computer Security.
«
Reply #12 on:
January 16, 2008, 11:04:05 AM »
Quote from: dcepalewis on January 16, 2008, 10:51:22 AM
HELP!! I KNOW I'M MOST PROBABLY DOING SOMETHING WRONG BUT WHENEVER I GO INTO "HIPS APPLICATION CONTROL" THEN MANAGE MANAGE ALLOW/BLOCK LIST, ALIST OF FILES IS LOADED ALL MARKED "BLOCKED" BUT BEFORE THE LIST CAN COMPLETE, AND WAY BEFORE I CAN ACTUALLY READ IT THE WHOLE PAGE DISAPPEARS!! I'VE NO CHANCE TO EITHER SEE WHICH FILES THEY ARE OR EVEN CONTEMPLATE WHICH TO SUBMIT OR NOT!
Please start a new topic in
HIPS (Host Intrusion Prevention Systems)
and also write what HIPS software you are using.
And please don't write with capital letters all the time.
Cheers,
Ragwing
Logged
Forum Policy
FAQs
Tags:
Pages:
[
1
]
« previous
next »
Jump to:
Please select a destination:
-----------------------------
Want to help Comodo?
-----------------------------
=> Help Spread the Word - Official Comodo banners and logos
=> How can you help Comodo? (Please we do need you!)
===> Help spread the word! (Please read and help)
===> Comodo website issues for submitting website problems only
=> Please tell us your views and Vote here!
-----------------------------
General Category
-----------------------------
=> Melih's Corner - CEO Talk/Discussions/Blog
=> Comodo.TV - Our Internet Video Channel
===> Comodo.TV - News and Announcements
===> Comodo.TV - Program Lineup
===> Audience Feedback and Suggestions
=> Which Product do you want Comodo to develop next?
=> General Discussion (off topic) Anything and everything...
===> Member Confessions :-)
===> Funny Photos :-)
===> Cool Stuff
-----------------------------
Desktop Security Products
-----------------------------
=> Comodo Internet Security - CIS
===> Overview - CIS
===> Help - CIS
=====> Anti Virus Help
=====> Firewall Help
=====> Defense+ Help
=====> Install / Setup / Configuration Help
===> FAQ - CIS
=====> Anti Virus FAQ
=====> Firewall FAQ
=====> Defense+ FAQ
=====> Install / Setup / Configuration FAQ
===> Feedback/Comments/Announcements/News - CIS
===> Guides - CIS
=====> Anti Virus Guides
=====> Firewall Guides
=====> Defense+ Guides
=====> Install / Setup / Configuration Guides
=====> Video Guides
===> Wishlist - CIS
=====> Anti Virus Wishlist
=====> Firewall Wishlist
=====> Defense+ Wishlist
=====> GUI -Graphical User Interface - Wishlist
===> Bug Report - CIS
=====> Anti Virus Bugs
=====> Firewall Bugs
=====> Defense+ Bugs
=====> Other - General - GUI etc Bugs
=====> False Positive/Negative reporting - (Is this a malware that CIS has/not detected?)
===> Virus/Malware Removal Assistance
===> Leak Testing/Attacks/Vulnerability Research
=> Comodo Time Machine - CTM
===> Frequent Asked Questions (FAQ)
=> Comodo Dragon - CD
=> Comodo Instant Malware Analysis Online - CIMA
=> Comodo Disk Encryption - CDE
===> Overview - CDE
===> Help - CDE
===> FAQ - CDE
===> Feedback/Comments/Announcements/News - CDE
===> Wishlist - CDE
===> Beta Corner - CDE
===> BUG Reports - CDE
=> Comodo Secure Email - CSE
===> Frequently Asked Questions (FAQ)
===> Feedback/Comments/Announcements/News about CSE
===> Bug Reports
===> Help for Comodo SecureEmail
=> Comodo TrustConnect - Securing the Wireless world!
=> Comodo EasyVPN - CEVPN
===> Frequently Asked Questions (FAQ)
===> Feedback/Comments/Announcements/News about Comodo EasyVPN
===> Bug reports
===> Help for Comodo EasyVPN
=> HopSurf (Bringing Internet to you)
=> Comodo Online Backup - COB
=> Comodo Backup - CB
===> Comodo Backup - FAQ
===> Comodo Backup - Help
=> Verification Engine - CVE
=> Comodo Vulnerability Analyzer - CVA
=> Comodo AntiSpam - CAS
-----------------------------
Desktop Utilities
-----------------------------
=> Comodo System Cleaner - File/Registry/Privacy Cleaner
=> Live PC Support (geeks ready to help 24/7/365)
-----------------------------
Enterprise Security
-----------------------------
=> Comodo Endpoint Security Manager
-----------------------------
Compliance
-----------------------------
=> PCI DSS Compliance
-----------------------------
Learn about Computer Security and Interact with Security Experts
-----------------------------
=> Computer Firewalls
=> Anti Virus/Malware Products/Other Security products
=> Free Virus/Spyware/Trojan/Malware Removal by Comodo Experts
=> HIPS (Host Intrusion Prevention Systems)
=> Anti Phishing solutions
=> Digital Certificates, Encryption and Digital Signing
=> General Security Questions and Comments (not product related)
-----------------------------
Free Services for End Users
-----------------------------
=> UserTrust - First Independent Website Rating - Empowering our users!
=> Hacker Guardian
=> Trustfax (free Trial) (online faxing)
-----------------------------
Free Products
-----------------------------
=> Link to Free Comodo Products
-----------------------------
International Comodo Forums
-----------------------------
=> International Comodo Forums
===> 汉语语言, 漢語語言 / Chinese Simplified, Traditional
===> Nederlands / Dutch
===> Francais / French
===> Deutsch / German
===> ελληνικά / Greek
===> Magyar / Hungarian
===> Italiano / Italian
===> Nihongo / Japanese
===> Norsk / Norwegian
===> Polski / Polish
===> Português/Portuguese
===> По-русски / Russian
===> Espanol / Spanish
===> Svenska / Swedish
===> Turkce / Turkish
===> Українська / Ukrainian
===> tiếng Việt / Vietnamese
===> Slovenský / Slovak
-----------------------------
Digital Certificates
-----------------------------
=> Code Signing Certificate
=> Content Verification Certificate
=> Email Certificate
=> SSL Certificate
-----------------------------
Web Server Products
-----------------------------
=> Two Factor Authentication for Web Applications
=> Trustlogo
-----------------------------
Other
-----------------------------
=> Forum Policy Violation Board
-----------------------------
Archive Boards
-----------------------------
=> Comodo Diskshield
=> Comodo Firewall
===> Feedback/Comments/Announcements/News
===> Help for v3
===> Help for v2
===> Frequently Asked Questions (FAQ) for Comodo firewall
===> Comodo Firewall Translations
===> Bug Reports
=> Comodo Anti-Viruspyware (CAVS)
===> Help for Comodo AntiVirus
===> FAQ for Comodo Anti-ViruSpyware
===> Feedback/Comments/Announcements/News about CAVS
=> Launch Pad (Discontinued)
=> Trusttoolbar (Discontinued)
=> Comodo Meet (Web Conferencing Product) (Discontinued)
=> User Anywhere (Remote Access product) (Discontinued)
=> Trustix Enterprise Firewall
=> ZTL
=> Comodo BOClean Anti-Malware
===> Announcements
===> Comodo BOClean Anti-Malware FAQ
=> Comodo Memory Firewall(Buffer Overflow Protection)
===> Comodo Memory Firewall Beta Corner
===> Help
===> Frequently Asked Questions (Comodo Memory Firewall)
===> Feedback/Comments/Announcements/News
=> i-Vault
=> Safesurf
Page created in 0.048 seconds with 16 queries.
Powered by SMF 1.1.11
|
SMF © 2006, Simple Machines LLC
Seo4Smf v0.2 © Webmaster's Talks
Design by
7dana.com