About hips

Discussion in 'ESET NOD32 Antivirus/Smart Security Beta' started by dorgane, May 10, 2011.

Thread Status:
Not open for further replies.
  1. dorgane

    dorgane Registered Member

    Joined:
    Oct 17, 2007
    Posts:
    362
    hi,

    i have keep hips default configuration, just add "logs all blocked..."
    it is normal, i have many operation blocked ?


    View attachment hips.xml.txt


    thank you,
    and sorry for my bad english
     
  2. dorgane

    dorgane Registered Member

    Joined:
    Oct 17, 2007
    Posts:
    362
    hum,
    i have found the learning mode, i have switch...but there not notification when rules are creates (but thefirewall learning mode have notifications).


    edit :

    after this screen

    rule.jpg

    learning mode make duplication for one rule? :doubt:

    thank you
     
    Last edited: May 10, 2011
  3. kryptoncs

    kryptoncs Registered Member

    Joined:
    May 1, 2010
    Posts:
    3
    Put the HIPS config into Automatic mode. That will ensure more protection.
     
  4. dorgane

    dorgane Registered Member

    Joined:
    Oct 17, 2007
    Posts:
    362
  5. toxinon12345

    toxinon12345 Registered Member

    Joined:
    Sep 8, 2010
    Posts:
    1,180
    Location:
    Managua, Nicaragua
    In Automatic mode, rules should be created in a blacklisting approach (blocking operations), cause all others operations are allowed
    in policy-based mode, is the opposite: the rule set should be created using a whitelisting approach, cause all the others are forbidden

    and interactive mode, you should create a rule set using automatic decisions, cause all other operations are asked
     
  6. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    8,947
    Location:
    North Carolina
    Eset would be wise to contract with Mike Nash on rule creating for its HIPS.
     
  7. dorgane

    dorgane Registered Member

    Joined:
    Oct 17, 2007
    Posts:
    362
Thread Status:
Not open for further replies.