ReHIPS

Discussion in 'sandboxing & virtualization' started by MrBrian, May 24, 2014.

  1. guest

    guest Guest

    obviously, if you use the demo, it won't start minimized; what you may do is disable "auto-start".
     
  2. jacemace

    jacemace Registered Member

    Joined:
    Sep 10, 2009
    Posts:
    78
    Uninstalled ReHIPS - was slowing the internet to a crawl - would take a minute to load Google in Firefox - usually takes half a second - ReHIPS really doesn't like Firefox. In iexplore it wasn't really an issue - which is weird, because I find iexplore to be way less secure - especially when you can enable add-ons in Firefox like NoScript, uBlock, uMatrix, Policeman, and others. One other weird thing - ReHIPS was disabling the volume control on YouTube in the iexplorer browser.
     
  3. hjlbx

    hjlbx Guest

    I had similar issues with Firefox (Cyberfox). I created the isolated environment rule manually, then closed Cyberfox and re-opened it. It did get sorted out... but the initial launch was quirky. I had to copy the user profile to the isolated environment.

    You should report on ReCrypt forum - fixer would want to know about your experiences.
     
  4. jacemace

    jacemace Registered Member

    Joined:
    Sep 10, 2009
    Posts:
    78
    Thank you for posting hjlbx - I thought it was something to do with the user profile - I do not know how to do what you did. ReHIPS is uninstalled, Firefox internet browsing is back to full speed.

    The YouTube volume being disabled in iexplorer was not related to ReHIPS.
     
  5. jacemace

    jacemace Registered Member

    Joined:
    Sep 10, 2009
    Posts:
    78
    hjlbx - can you post a tutorial on the Firefox user profile?
     
  6. hjlbx

    hjlbx Guest

    I don't have ReHIPS installed at the moment. From what I know, ReCrypt added the rules needed for Cyberfox to run correctly isolated in beta version 2.2.0.

    Anyhow, I know this isn't what you want to hear, but it is not difficult:

    1. Right-click on Firefox desktop shortcut "Run isolated in ReHIPS"

    2. This will start the isolated environment creation wizard

    3. Make sure you check "Copy User Data or Profile" - I can't remember the wording

    4. Cyberfox will start in isolated environment and might misbehave

    5. If you get the prompt to set Cyberfox as your default browser just click the X

    6. Close Cyberfox and restart

    7. You might have to do it a couple of times before Cyberfox loads correctly

    8. Once Cyberfox loads correctly, go to the isolated environment and untick "Copy User Data or Profile"

    If your problem persists, then you should report it to fixer at ReCrypt forum. I can guarantee you he will get your issue sorted out...
     
  7. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,546
    Location:
    The Netherlands
    Very interesting article. I hope to see ReHIPS launched soon, to see if it has a better approach to sandboxing than SBIE. From what I've seen so far, I doubt it. And it isn't only about security, usability is important too. I'm aware of the fact that certain attacks are still possible inside a virtual sandbox, but these were also design choices from the developers.
     
  8. NormanF

    NormanF Registered Member

    Joined:
    Feb 20, 2009
    Posts:
    2,874
    As an ae/sandbox, it leverages built-in Windows security mechanisms to lock down the system. It's very usable and you can allow or deny any running process.

    The designers wanted to keep it simple and that's where it succeeds.
     
  9. hjlbx

    hjlbx Guest

    Yes. ReHIPS does alter the desktop experience. Some users will not like it. It will be a matter of personal preference - but the physical system security it affords is 1st-rate.

    ReHIPS is essentially a restricted privileges\access rights sandbox (non-virtualized) using Windows' built-in protection mechanisms\policies.

    I think a lot of confusion happens because of the term sandbox - a lot of people associate sandbox with light virtualization because of Sandboxie.
     
  10. jacemace

    jacemace Registered Member

    Joined:
    Sep 10, 2009
    Posts:
    78
    Trying ReHIPS again - as Zemana Anti-Malware premium 90 day license expired, and the beta page for Zemana is gone (not sure about Google Groups).
    Must apologize to ReHIPS, as I think Firefox was slow because of an IP proxy, not because of ReHIPS - Firefox is really fast and at its usual speed with ReHIPS installed and running, but no proxy.
     
  11. guest

    guest Guest

    That is its beauty.
     
  12. harsha_mic

    harsha_mic Registered Member

    Joined:
    Mar 11, 2009
    Posts:
    815
    Location:
    India
    Maybe one day I will try this when it's released to the public.

    I have done a brief read about it in its forum as you people suggested, and it looks like I have some picture of it now. First of all, thanks to you guys (@guest, @SHvFl)

    So, here are some basic questions -
    - Would it be OK to run a traditional AV alongside it (like ESET in my case)? -- I believe it should work, as all I think it creates restricted user profiles for isolated programs..
    - Would it be advisable to have Anti-Exploit tools running alongside it? - I don't have a clue..
     
  13. guest

    guest Guest

    You are welcome ;)

    Yes, since ReHIPS isn't an AV, just a sandbox coupled with a HIPS. In the case of ESET (which also has a HIPS), I personally would disable ESET's one (I tried it a long time ago and it was a pain).

    I personally run HMPA alongside it without any issues.
     
  14. guest

    guest Guest

    @harsha_mic About AVs and ReHIPS (quoted from ReHIPS forum.)

    answer:

     
  15. harsha_mic

    harsha_mic Registered Member

    Joined:
    Mar 11, 2009
    Posts:
    815
    Location:
    India
    Thanks to both of you @guest, @SHvFl

    I have registered in the ReCrypt forum, and got the beta link. Will install over the weekend. And hoping I won't run into any major issues, as I will be installing on my laptop directly :).

    Thanks! I personally run ESET HIPS in automatic mode. Just had a couple of rules for my Firefox browser, if it tries to touch any other processes...
     
  16. harsha_mic

    harsha_mic Registered Member

    Joined:
    Mar 11, 2009
    Posts:
    815
    Location:
    India
    point taken! :thumb:

    I was searching for it. Is it bundled in the program?
     
  17. guest

    guest Guest

    yes
     
  18. harsha_mic

    harsha_mic Registered Member

    Joined:
    Mar 11, 2009
    Posts:
    815
    Location:
    India
    Is it possible to just send me the help file, so that I could read it first before installing?
     
  19. XhenEd

    XhenEd Registered Member

    Joined:
    Mar 31, 2014
    Posts:
    536
    Location:
    Philippines
    @guest
    Disabling ESET's HIPS would mean disabling its anti-exploit, advanced memory scanner, etc. :)
    I think if paired with ReHIPS, ESET's HIPS should just be in automatic mode, just like what @harsha_mic did. :)
     
  20. guest

    guest Guest

    I see; last time I used ESET was 2-3 years ago :D
     
  21. guest

    guest Guest

    Reading it beforehand will not help you, since it is very specific with dedicated terms; you won't understand it without the GUI open.
     
  22. guest

    guest Guest

    The manual is not a single pdf-file that can be read without installing ReHIPS.
    Code:
    hips_english.qch
    hips_english.qhc
     
  23. guest

    guest Guest

    After looking in the old ReHIPS v1.2 installation file I had on my hard disk, I can see "ReHIPS Admin Guide (eng).pdf" in it.
    I don't have it installed at the moment, so I can read a little bit :thumb:
    It's good to keep old versions (just in case) :D
     
  24. guest

    guest Guest

    @mood no ReHIPS v1.2 and the actual beta is another world, just use the latest beta.
     
  25. harsha_mic

    harsha_mic Registered Member

    Joined:
    Mar 11, 2009
    Posts:
    815
    Location:
    India
    Thanks. Will install the latest build over the weekend (link provided by fixer) then, and read from there :)...
     