Free HIPS (Host Intrusion Prevention System) and Application Firewalls
Free Application Monitoring Software, Rootkit Prevention and Host-based Intrusion Prevention Systems
Free HIPS (Host Intrusion Prevention System), Application Firewalls and Monitoring Software
Software that implement HIPS, or Host Intrusion Prevention System, allow you to monitor all applications, drivers, shared libraries (DLLs), and other activities that occur on your system. For example, in Windows, HIPS software often check when programs are loaded (whether in the foreground or invisibly, behind your back, in the background), when drivers are being installed or loaded by programs, when global hooks or keyboard hooks are inserted into your system, when code is injected into another process (that is, running program) by another program, etc. Some of them allow you to prevent such programs from running and also allow you to kill (terminate) any programs that may already be running. They may be useful, for example, in helping you detect when a rootkit, keylogger, spyware or trojan is being installed into your system. Such host-based prevention systems or application and system monitoring software often work beside your personal firewalls (for the network or Internet), antivirus software and anti-spyware and anti-malware tools.
Note that as a result of many free programs being discontinued, the list below may be empty (or near empty). If you're determined to look for a HIPS program, and can't find one below, try the free personal firewalls page as well; some personal firewalls may integrate a HIPS into their offering. In addition, a number of commercial antivirus software have folded some of the functionality of HIPS into their products (usually in a limited way, otherwise the software will require too much technical expertise for the average user, which is the demographic those products typically target).
Free HIPS (Host-based Intrusion Prevention System), Application and System Monitoring Software
- OSSEC Open Source Host-based Intrusion Detection System
OSSEC performs log analysis, integrity checking, rootkit detection, real-time alerting and active response. The Windows version also does registry monitoring. The program runs on Windows, Linux, FreeBSD, OpenBSD, NetBSD, Mac OS X, Solaris, HP-UX, AIX, and any POSIX-compliant operating system. It is open source and distributed under the GNU General Public License.
(Update: this program is no longer available.) Samurai is a system hardening tool with host intrusion Prevention (HIP) features. Once you enable the anti-rootkit option, it will warn you if a program tries to install a kernel driver.
How to Link to This Page
It will appear on your page as: