Alcyon's EQS RuleSets

Discussion in 'other anti-malware software' started by EASTER, May 14, 2008.

Thread Status:
Not open for further replies.
  1. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    11,126
    Location:
    U.S.A. (South)
    Well deserved.

    I'm already sort of doing that lately myself. Have to give my machine and me some time to come up for air once in a while. LoL

    You definitely increased the value of this HIPS several-fold when you contributed those rules for users of it.

    Brilliant Job!
     
  2. Alcyon

    Alcyon Registered Member

    Joined:
    Jan 16, 2008
    Posts:
    438
    Location:
    Montréal, Canada
    Yeah, some fresh air overseas in my case ;) I don't know exactly where yet.
     
  3. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    11,126
    Location:
    U.S.A. (South)
    @Alcyon

    Under the BlackList Rules in the Application Protection settings, while experimenting, can you explain if this section is of the lowest priority or the reason why whenever I endeavor to checkmark to activate any of these blacklists, you can still execute them anyway, but with a RED warning message every time. Some screenshots for you to better detail what is showing. Is this normal activity and why the indications? Only on Application Protection BlackLists does this exhibit in this manner.

    Thanks EASTER
     

    Attached Files:

    • a.jpg (28.5 KB)
    • b.jpg (29.2 KB)
  4. Alcyon

    Alcyon Registered Member

    Joined:
    Jan 16, 2008
    Posts:
    438
    Location:
    Montréal, Canada
    EASTER,

    I'm still unable to reproduce the problem, even if I set the specific rules you've shown to "prompt and block" and activate their MD5 checkup. Once enabled, the normal behavior of "block cmd.exe" and "block regedit.exe" is no prompts at all and even if you modify those rules, you should not always have these red MD5 modification messages. There's something wrong on your side but I can't tell exactly what yet.

    Btw, there's a translation error in EQS and the blacklist section should instead be called "high-priority rules" as you can put whitelist & blacklist rules.
     
    Last edited: Aug 22, 2008
  5. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    11,126
    Location:
    U.S.A. (South)
    Good enough Alcyon, and thanks for your reply. I'll investigate THIS as time permits although this particular occurrence in no way inhibits the OVERALL protections of EQS in any way, still is Rock Solid!!

    I suspect there's a mismatch of not your rules but of versions I'm using since I'm using several releases on different machines.

    Keep up the amazing effort and spring anything new again on us EQS loyals as you find them useful.

    EASTER
     
  6. Alcyon

    Alcyon Registered Member

    Joined:
    Jan 16, 2008
    Posts:
    438
    Location:
    Montréal, Canada
    There's nothing much left to do with v3.41... Perhaps an English pdf guide!

    I've started a new project with Magic Shield (v4 Beta3) but I don't know when it'll be ready.
     
  7. Alcyon

    Alcyon Registered Member

    Joined:
    Jan 16, 2008
    Posts:
    438
    Location:
    Montréal, Canada
    Good news, my English translation of EQSecure v4 Beta3 is almost done (with no Chinese characters left :) ).

    Just to make everybody salivate a little:
     

    Last edited: Aug 24, 2008
  8. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    11,126
    Location:
    U.S.A. (South)
    P.E.R.F.E.C.T.

    This HIPS wouldn't be the same without your ambitious efforts time and again. Looking forward to it.

    Thanks Alcyon

    EASTER
     
  9. TVH

    TVH Registered Member

    Joined:
    Aug 9, 2007
    Posts:
    227
    A VERY BIG THANK YOU to Alcyon. Thanks to your efforts, EQSecure and Returnil are the only security apps installed on my nLited XP machine. It runs lightning quick and very secure.
     
    Last edited: Aug 24, 2008
  10. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    11,126
    Location:
    U.S.A. (South)
    Same here, plus it'll be nice to finally have a full English version minus the squares in the sandbox configs. Never been able to shake off those boxes or have the time to dissect the .xml's enough to rid this fabulous HIPS of these distortions.

    I have however managed to dress up a lot of the alert information and double check and correct some things when they were not in sync where they needed to be.

    It's still been worth all the effort to go over this HIPS and custom configure it to taste. Alcyon's rules need no adjustments IMO, just a matter of which ones to apply and fit rules to suit areas of additional LOCKDOWNS.

    Gotta luv that blacklist, a better SRP than Windows' own one which I found bugs in. Not EQS however. Works like a charm.

    @Alcyon, be sure to throw us a nice surprise along the way again. You seem to have that uncanny knack. LoL

    EASTER
     
  11. Alcyon

    Alcyon Registered Member

    Joined:
    Jan 16, 2008
    Posts:
    438
    Location:
    Montréal, Canada
    Something strange happened while translating so please be patient. It'll take more time than I thought. Btw, as English isn't my native language, I'll need help for the final touch. Please give me one more week.
     
  12. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    11,126
    Location:
    U.S.A. (South)
    Take the time you think is needed Alcyon.

    Shoot, a week is but a moment in time around here anyway.

    Best of luck, :thumb:

    EASTER
     