About hips

Discussion in 'ESET NOD32 Antivirus/Smart Security Beta' started by dorgane, May 10, 2011.

Thread Status:
Not open for further replies.
  1. dorgane
    Offline

    dorgane Registered Member

    hi,

    i have keep hips default configuration, just add "logs all blocked..."
    it is normal, i have many operation blocked ?


    View attachment hips.xml.txt


    thank you,
    and sorry for my bad english
  2. dorgane
    Offline

    dorgane Registered Member

    hum,
    i have found the learning mode, i have switch...but there not notification when rules are creates (but thefirewall learning mode have notifications).


    edit :

    after this screen

    rule.jpg

    learning mode make duplication for one rule? :doubt:

    thank you
    Last edited: May 10, 2011
  3. kryptoncs
    Offline

    kryptoncs Registered Member

    Put the HIPS config into Automatic mode. That will ensure more protection.
  4. dorgane
    Offline

    dorgane Registered Member

  5. toxinon12345
    Offline

    toxinon12345 Registered Member

    In Automatic mode, rules should be created in a blacklisting approach (blocking operations), cause all others operations are allowed
    in policy-based mode, is the opposite: the rule set should be created using a whitelisting approach, cause all the others are forbidden

    and interactive mode, you should create a rule set using automatic decisions, cause all other operations are asked
  6. trjam
    Offline

    trjam Registered Member

    Eset would be wise to contract with Mike Nash on rule creating for its HIPS.
  7. dorgane
    Offline

    dorgane Registered Member

Thread Status:
Not open for further replies.