About hips

Discussion in 'ESET NOD32 Antivirus/Smart Security Beta' started by dorgane, May 10, 2011.

Thread Status:
Not open for further replies.
  1. dorgane

    dorgane Guest

    hi,

    i have keep hips default configuration, just add "logs all blocked..."
    it is normal, i have many operation blocked ?


    View attachment hips.xml.txt


    thank you,
    and sorry for my bad english
     
  2. dorgane

    dorgane Guest

    hum,
    i have found the learning mode, i have switch...but there not notification when rules are creates (but thefirewall learning mode have notifications).


    edit :

    after this screen

    rule.jpg

    learning mode make duplication for one rule? :doubt:

    thank you
     
    Last edited by a moderator: May 10, 2011
  3. kryptoncs

    kryptoncs Registered Member

    Joined:
    May 1, 2010
    Posts:
    3
    Put the HIPS config into Automatic mode. That will ensure more protection.
     
  4. dorgane

    dorgane Guest

  5. toxinon12345

    toxinon12345 Registered Member

    Joined:
    Sep 8, 2010
    Posts:
    1,200
    Location:
    Managua, Nicaragua
    In Automatic mode, rules should be created in a blacklisting approach (blocking operations), cause all others operations are allowed
    in policy-based mode, is the opposite: the rule set should be created using a whitelisting approach, cause all the others are forbidden

    and interactive mode, you should create a rule set using automatic decisions, cause all other operations are asked
     
  6. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,102
    Location:
    North Carolina USA
    Eset would be wise to contract with Mike Nash on rule creating for its HIPS.
     
  7. dorgane

    dorgane Guest

Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.