About hips

Discussion in 'ESET NOD32 Antivirus/Smart Security Beta' started by dorgane, May 10, 2011.

Thread Status:
Not open for further replies.
  1. dorgane

    dorgane Registered Member


    i have keep hips default configuration, just add "logs all blocked..."
    it is normal, i have many operation blocked ?

    View attachment hips.xml.txt

    thank you,
    and sorry for my bad english
  2. dorgane

    dorgane Registered Member

    i have found the learning mode, i have switch...but there not notification when rules are creates (but thefirewall learning mode have notifications).

    edit :

    after this screen


    learning mode make duplication for one rule? :doubt:

    thank you
    Last edited: May 10, 2011
  3. kryptoncs

    kryptoncs Registered Member

    Put the HIPS config into Automatic mode. That will ensure more protection.
  4. dorgane

    dorgane Registered Member

  5. toxinon12345

    toxinon12345 Registered Member

    In Automatic mode, rules should be created in a blacklisting approach (blocking operations), cause all others operations are allowed
    in policy-based mode, is the opposite: the rule set should be created using a whitelisting approach, cause all the others are forbidden

    and interactive mode, you should create a rule set using automatic decisions, cause all other operations are asked
  6. trjam

    trjam Registered Member

    Eset would be wise to contract with Mike Nash on rule creating for its HIPS.
  7. dorgane

    dorgane Registered Member

Thread Status:
Not open for further replies.