After some internal discussion we decided to add an additional checkbox to Settings, something like Disable separate desktops. It'll globally disable separate desktops, graying out the corresponding checkbox in isolated environments. But most likely it'll be disabled by default. So we're always here, taking notes and listening to our potential customers even if we don't comment on every suggestion. So don't hesitate to contact me if you stumble upon any bugs or issues or should you have any questions or suggestions. Best Regards, fixer.
Yes, and I just set all vulnerable processes to "Alert" when started so they are under full control if something tries to execute them. Did anyone do the same?
Lol, not an easy choice. All 3 are different products, not comparable: AG is SRP: based on the policy you set, it will auto-block exe/dlls/installers launched from user-space and prevent process hollowing to some extent (via its memory protection feature). VS is an anti-exe + AI & reputation system: I don't need to explain what it does, I think you know already. ReHIPS is a sandbox + application control: the application control module acts like an anti-exe with Parent/Child monitoring. If you don't mind combos, you can do:
- AG + VS
- AG + ReHIPS (my combo)
- VS + ReHIPS will have some redundant features unless you are fine with that and are able to tweak them both for better compatibility/usability.
Thanks for your advice. I realize that they are all different. Trying to make a choice as to which would be best for my setup. I don't mind combos.
Hello everybody. Here comes RulesManager https://rehips.com/RulesManager 2.2.0.zip What is it? It's an extended and highly customizable RulesPack which was initially meant for domain corporate edition. I know, it doesn't look as nice and cute as main GUI and more like ReHIPS 1.0.0, but we'll take care of appearances later. It also slightly lags in development from main GUI, but it does its job and it's all that matters. As a sneak peek I'll tell you we'll replace RulesPack with this tool in the next major build. What to do with it? Put default.rdb and RulesManager32/64.exe (according to your OS bitness) in ReHIPS folder. RulesPack and RulesManager are interface-compatible, so ReHIPS will use RulesManager instead of RulesPack if it finds it and it'll use rules database from default file default.rdb. If you start RulesManager without any parameters, it'll show GUI. There you can open rdb file and settings file (this was meant to edit settings and distribute domain version with customized settings, but you won't need this feature). RDB file is Rules DataBase, you can edit it in any way adding new products, deleting or editing them, saving in separate rdb files, exchanging them, etc. It shows a tree similar to main GUI. The first level are products, the second one are files. Products (for example, Office) may consist of several files. Product is similar to isolated environment, one product=one isolated environment, may contain several files. When rules are being installed, files should be found and added to the ReHIPS database. 
There are 2 ways to find a file: it's a preinstalled file (like explorer.exe), it's found by path assembled from KNOWNFOLDERID https://msdn.microsoft.com/en-us/library/windows/desktop/dd378457(v=vs.85).aspx and hardcoded file path+name; and files that can be installed in random location (any installable software like Firefox), these are found by uninstall information from the registry (DisplayName value), the same name you can see in Control Panel-Uninstall Software, path is taken from InstallLocation registry value and is appended by hardcoded file path+name. Hardcoded paths support wildcards. Don't know if it makes much sense, try to take a look at predefined rules and feel free to ask if you have any questions. And there is one more non-familiar thing: Special Folders. When some software is installed (for example, Office), it may store settings in real user home profile folder or in HKCU registry hive. Being isolated this software won't have access to either of these locations. But we'd like to keep settings, so these settings have to be copied, that's what Special Folders are for, these folders and registry keys are copied from real user profile to ReHIPS user profile. Other than this quite complicated stuff, the rest is pretty much the same as in main GUI, same access rights, permissions, etc. Enjoy this release. And as usual, don't hesitate to contact me should you have any questions or suggestions. Best Regards, fixer.
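The two file-lookup methods described in the post above, modelled as an added example (not part of the original post and not ReHIPS code). The rule fields `known_folder`, `display_name` and `path`, the sample registry entries and the file list are all constructed for illustration, and pattern-matching on DisplayName is an assumption, since the post does not say how that value is compared.

```python
import fnmatch
import ntpath

# Constructed sample data; nothing here is read from a real system.
KNOWN_FOLDERS = {"FOLDERID_Windows": r"C:\Windows",
                 "FOLDERID_System": r"C:\Windows\System32"}
UNINSTALL = [  # stand-in for the registry Uninstall subkeys
    {"DisplayName": "Mozilla Firefox 50.0 (x64 en-US)",
     "InstallLocation": r"C:\Program Files\Mozilla Firefox"},
    {"DisplayName": "Broken Entry"},  # entry without an InstallLocation value
]
FILES = [r"C:\Windows\explorer.exe",
         r"C:\Program Files\Mozilla Firefox\firefox.exe",
         r"C:\Program Files\Mozilla Firefox\plugin-container.exe",
         r"C:\Users\alice\Downloads\firefox.exe"]


def base_dirs(rule):
    """Return the candidate base directories for one (hypothetical) file rule."""
    if "known_folder" in rule:
        # Way 1: preinstalled file, base comes from a KNOWNFOLDERID.
        folder = KNOWN_FOLDERS.get(rule["known_folder"])
        return [folder] if folder else []
    # Way 2: installable software, base comes from InstallLocation of the
    # uninstall entry whose DisplayName matches (assumed: case-insensitive pattern).
    wanted = rule["display_name"].lower()
    return [e["InstallLocation"] for e in UNINSTALL
            if fnmatch.fnmatchcase(e["DisplayName"].lower(), wanted)
            and e.get("InstallLocation")]


def resolve(rule, files=FILES):
    """Expand a rule to the concrete files it would cover."""
    hits = []
    for base in base_dirs(rule):
        # Base directory + hardcoded path, compared case-insensitively.
        # Python's fnmatch lets '*' match backslashes too, so in this model
        # a wildcard can reach into subfolders.
        pattern = ntpath.normcase(ntpath.join(base, rule["path"]))
        hits += [f for f in files
                 if fnmatch.fnmatchcase(ntpath.normcase(f), pattern)]
    return sorted(set(hits))


if __name__ == "__main__":
    print(resolve({"known_folder": "FOLDERID_Windows", "path": "explorer.exe"}))
    print(resolve({"display_name": "Mozilla Firefox*", "path": "*.exe"}))
```

A same-named binary outside the resolved install folder (the `Downloads\firefox.exe` entry) is not covered by the rule, and an uninstall entry without InstallLocation resolves to nothing.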
Looks promising. This means it's going to be easier to export/import settings, correct? Worked fine now when I tested it!
Yeah. Of course. You edit rules in RulesManager and keep that setting stored. Also makes it easier to import community created rules which are hardened. It's opening up for better things! Looking forward to it!
Yes, RM is your tool to create rules/IE; then when you do a clean install of ReHIPS, just copy-paste your customized rdb file into the installation folder and ReHIPS will load your rules/IE.
We sent emails to some companies like online security magazines, but this process takes some time. If you have any contacts or suggestions, I'd be grateful and glad to send them too. Best regards, fixer.
@ReHIPS but don't send it to PC Mag, they have no clue how to use any Application Control or HIPS software, they will trash ReHIPS
PC Mag is a magazine for noobs made by noobs, so don't expect them to understand or promote SRP, anti-exe, HIPS, etc... Why do you think they highly value BD...
Is anyone else having trouble downloading 2.2? I can't seem to grab the last 100 KB, and I've tried multiple times.
Well this is weird. I cannot download that file either; same issue. I can however download other files just fine, I just tried grabbing a random one from MajorGeeks. I am using Cyberfox. I wonder what the issue is, as it seems to only be that particular file. Slimjet also cannot download the file, with the reasoning being what you described; Chrome blocking malicious downloads. I wonder if that was what was happening in Cyberfox as well.