What does HIPS stand for so I can read up on it?
Quote:
I believe in whitelisting apps. That's why I run a HIPS, which doesn't allow anything that hasn't been authorized, to run, be that a legitimate program or malware. So my setup relies on Online Armor + EAM. With OA whitelisting and EAM behavioral detection I feel I am reasonably protected even against unknown, zero day, threats.
EAM is that Emsisoft Antimalware that you mentioned earlier or something else?
So about whitelisting. At what level does this occur? For example, my POS system has a credit card module and a debit card module. Will I need to make an exception for each of those or just for the overall POS product? And if I do need to make that exception, will it be something that requires me to plan and configure ahead? Or will it take the form of a popup that I can examine and make a decision on the fly?
EAM is Emsisoft AntiMalware, yes.
HIPS stands for Host Intrusion Prevention System.
The whitelisting is implemented by Online Armor. In its default configuration, it prompts you when running unknown programs, so that you can make a decision. So, it will prompt you for whatever modules it identifies as wanting to run. You can then confirm or reject and choose to have your option remembered. For system files, OA recognizes them usually automatically, so after an initial setup period, things just run smoothly.
Using a HIPS like OA is a great way to keep your system running just what you want it to run, so it is a good way to avoid malware, any malware, from infecting you. In many cases OA takes decisions on its own, when it can (safe programs or known threats), in other cases it prompts you to make a decision, but if you so configure OA, you can rest assured that non authorized, unknown programs won't be able to run.
If you are interested in testing it, OA has a 30-day trial period. It's a good way to see if it fits your needs and works properly in your environment. HIPS include their own firewall and OA does it too, replacing the Windows firewall with a better firewall and a much better interface - you can see what apps are connecting to where, whenever you want to, even with automatic IP resolution.
I think the whitelisting is something I will try implementing when I can be in the store for a couple of days. That will probably be sometime in May. Same goes for switching firewalls and AV/AM software if I decide to do so. I normally do all of my sysadmin work via RDP and changes to firewalls typically lock me out until I can fix it locally.
If you haven't I would recommend upgrading Malwarebytes to Pro version for active protection. It will work fine alongside MSE. It can be found for as little as $10 and you might want to consider Enterprise Edition. I would also recommend running Malwarebytes anti-rootkit once a week. Also use Keyscrambler to encrypt input.
I haven't upgraded to Malwarebytes Pro, but it's on my todo list. I don't know what their anti-rootkit product is. I'll see if I can find it on their website when I go to upgrade. Where do I find the $10 deal? Just Google for it?
How does Keyscrambler work? Does it only work with keyboards or does it scramble credit card swipers, too? If so I wonder if the swiper would still work correctly. And if not do I have the ability to bypass the scrambler?
Watch deals websites like Slickdeals or Woot community sourced deals where members post leaks to deals. Sometimes Tiger Direct has it, or Newegg.
As far as Keyscrambler, I don't think they have anything for POS but I would ask them. http://www.qfxsoftware.com/ks-window...yscrambler.htm
Thanks. I didn't know those places exist.
I use Win7 Ultimate and have used MSE for a long time. I added Tinywall firewall to the assortment along with web based Bitdefender. You have to be aware that Tinywall blocks all outbound unless they are specifically okay'd. You can set several levels with it though or easily disable or allow all outbound. Should some internet, or for that matter, local network function stop connecting then suspect Tinywall, it is just doing its job. Had a recent Flash update which wasn't recognized, caused me a little grief until I checked my prime suspect, Tinywall. Though I'm new to The Lounge I'm 72yo and have been working on computers for over 30 years. I was in electronics before transistors got going. Time sure flies! Still like the Commodore 64 and had a Franklin ....Apple compatible computer. Seen many changes, still love these wonderful machines!
Thanks, I will also look into Tinywall. I have a couple of months before I need to commit to a major upheaval that includes firewall changes. The reason is that I will be 1200 miles from the store until sometime in May and I do everything via Remote Desktop. If I install a firewall remotely and it shuts me out, I have to get on a plane fast. And if it shuts down my outbound credit card processing it had better be a supersonic one!
I'm only 58 but I do remember going through the TV pulling and taking the tubes down to the Albertson's grocery store one at a time so I didn't get them confused, putting them in the big blue tube tester at the front of the store, and finally finding the bad one and replacing it. I was just a kid and really wanted to watch one of the moon landings. I had watched the repairman once before and it didn't look that hard. And it wasn't as long as it was just a dead tube. Can you imagine pulling out the chips in your TV and taking them down to the grocery store to be tested and to buy a replacement? It's a different world now. I also built my own computer from a Z80 in the days when that was the hottest chip going. That was left behind to buy an Osborne I "portable" computer, then I left the world of dinky little computers for the world of big, high performance computers. It was a real rush designing those guys. It was like designing Freightliner trucks to compete in NASCAR. Really big, really powerful, really fast servers and corporate database machines. All relative to that time, of course. I'm sure the PC on my desktop right now could probably outperform them easily.
How did that scanning tool work out?
OK, both POS systems are checked with that scanner and both come back negative. That's good to know. Thanks, Sudo15
SlideShare. I hope you find it useful.