Behaviour Blocker versus HIPS

Author	All Replies
MSE_fan @rogers.com	Behaviour Blocker versus HIPS What is the difference between a Behaviour Blocker and a HIPS. Thanks, MSE_fan
	to forum · permalink · 2013-02-26 21:07:46 ·

norwegian Premium join:2005-02-15 Outback Reviews: ·WestNet Broadband	»www.google.com/search?q=What+is+···ie=UTF-8 Homework? What specifics are you asking? -- The only thing necessary for the triumph of evil is for good men to do nothing - Edmund Burke
	to forum · permalink · 2013-02-27 09:25:05 ·
MSE_fan @rogers.com	I am a little bit confused: I tought that a HIPS is totaly different than a Behaviour Blocker but Emsi Soft (they have Mamutu) said that their Behaviour Blocker is in fact a HIPS.
	to forum · permalink · 2013-02-27 19:26:53 ·
norwegian Premium join:2005-02-15 Outback Reviews: ·WestNet Broadband 2 edits	IPS - Intrusion Prevention is actually hardware. HIPS can be software on a SOHO machine doing a similar job. Hardware: »en.wikipedia.org/wiki/Intrusion_···n_system »www.ciscopress.com/articles/arti···seqNum=3 »www.cisco.com/en/US/products/ps5···ome.html »www.sans.org/security-resources/···-ips.php Software: Sophos write up for their engine: »www.sophos.com/en-us/why-sophos/···ion.aspx Topics here: »Free HIPS program? »Differance between IPS in router and HIPS? »www.sans.org/security-resources/···ased.php It's a little cloudy to say that both are different items in a SOHO environment and the firmware/software engines that run hardware against that of software on your computer with their multi-layered detection modules may seem to have similar traits to the average user. I'm almost confusing myself. Hope it helps clear it up a little though as terminology and language gets a little over board at times. -- The only thing necessary for the triumph of evil is for good men to do nothing - Edmund Burke
	to forum · permalink · 2013-02-28 05:07:35 ·
planet join:2001-11-05 Oz kudos:1	My simplistic explanation would be for example a program such as ThreatFire (behavior blocker) which would monitor for code that might be malware related (heuristic) versus a program like Faronics Anti-Executable (HIPS) which prevents all non-white listed exe and dll files from running on your PC without your permission.
	to forum · permalink · 2013-02-28 11:28:36 ·
HELLFIRE join:2009-11-25 kudos:7	reply to MSE_fan (H)IPS is a wellknown and accepted terminology in IT. Behavior blocker... not so much. Or at least I've never come across it before. Got a link to this Mamutu software? Regards
	to forum · permalink · 2013-03-01 00:28:08 ·
MSE_fan @rogers.com	»www.mamutu.com/en/software/mamutu/
	to forum · permalink · 2013-03-01 06:25:05 ·
balloonshark Lets Go Mountaineers join:2006-08-11 WV	reply to MSE_fan I think a HIPS pretty much reports on everything that happens while a behavior blocker looks for patterns. -- If we quit voting, will they all just go away?
	to forum · permalink · 2013-03-01 10:43:47 ·
HELLFIRE join:2009-11-25 kudos:7	reply to MSE_fan quote: »www.mamutu.com/en/software/ids/ In addition, the Behavior Blocker can monitor and stop any of the following actions: Installation of new drivers and services Any kind of process manipulation like DLL-injection, code-injection, patching, termination, etc. Installation of new BHOs (Browser Helper Objects) Changes to your Internet Explorer configuration Hidden installations of software Changes to your Hosts file (redirects domains) Installations of debuggers on the system So in a very BROAD sense, you could argue this is a HIPS in that it resides on and protects on an endhost, but truth to tell it's all semantics to me. If you are security conscious, keep in mind the following truisms : a) security is a PROCESS not a product b) if it can be made by human hands, it can be broken by human hands c) security is best designed and done in multiple (decoupled) layers My 00000010bits. Regards
	to forum · permalink · 2013-03-03 14:52:49 ·

Broadband Tech > Security > Security > Behaviour Blocker versus HIPS