Classical HIPS are proving to be poor against zero day exploits

**Maybay** · 24-12-2010

I wanted to write about this classical hips. i just wanted to say that it is no more effective against the latest malware attacks and also the latest exploits. This is proving to be very dangerous to mys system. Since after installing i have noticed several exploits in the system. The following are the three exploits that was found in my system
1- .lnk explot
2- dll execution exploit
3- zero day UAC byapss exploit
Now what should i do. How can thee exploits be treated please do let me know some good firewall's that i can turn to to protect my system.

**Amie** · 24-12-2010

Well looking at your situation .This was bound to be happen. These types of classical HIPS can only provide security to a particular level. This will not ensure total security of the system. The main disadvantage of the classical hips is that it has to work with what the operating system is built and so it gives the same result. Now when you talk about the sandboxes and policy based HIPS, they enforce strict rules in the system and they have own set of rules which will not allow such type of attacks to take place. So my advice would be to go with the sandboxes or the policy based HIPS. However this is just my advice, its upon you to think with which product you would like to go.

**HiSpeed** · 24-12-2010

Well talking about the issue let me say that appguard is on the same lines as the classical hips. These classical hips work on the same strategy as the appguard. However i think comodo has a much better security to offer. I was using this appguard and i am also facing the same problems. So i am thinking to switch to the comodo dragon. I think it will have much better security against the malwares attack as well as the exploits.

**Wguy2008** · 24-12-2010

According to me you must not go with the comodo as it is proved that it is not so effective against the latest attacks. I would definitely advice you to go with the new windows 7 advanced security firewall.This is much faster than many of the firewalls existing today. Upon that you can apply the safe admin UAC that will allow only the elevated signed programs added with a good antivirus program, it would be a very good option for your computer security. Thus you can avoid the attacks by setting up such programs. Do try with such settings and do let me know if it works.

**Maybay** · 25-12-2010

Well after reading your above posts i got a lot of information about the different firewalls available. So after reading through i am deciding to go with the Windows 7 advanced security. Simply because it is the fastest and also i had done some research work and did find some vital facts about the product. So i am deciding to go with he windows 7 advanced security. Anyways thanks for the efforts that you have put in. Really appreciate it.