Thanks Dirhael, for pointing that out. You're correct indeed, WinPatrol is not a real HIPS. But I believe Comodo Firewall Pro is. I use it and it regularly bugs me with messages about changes to my registry, just like a real HIPS would.
CFP, or rather the Defense+ component, is indeed a proper HIPS that appears to be quite popular (can't really beat the price
) and solid. I tested it a while back, and came to the conclusion that it doesn't really suite me. It felt like I was using the digitized version of the boy who cried wolf
. To be fair, this is a common problem with any traditional HIPS, but at least some of them have tried to reduce the number of useless prompts by implementing things like community databases (tracks how people answers, then makes suggestions based on that) or add some form of behavioral analysis. My preferred way to deal with vulnerable applications (most programs facing the internet and other applications I'm not yet sure is safe to install/use) is to either sandbox them completely (SandboxIE
) or use a policy sandbox (Defensewall
). In extreme cases when it's very likely that installing a certain program may cause problems due to potential software conflicts, I may even use a virtual machine like VMware or Virtualbox to test before considering installing it on my main system.