HIPS and Firewall Modes

Discussion in 'ESET Smart Security' started by mzbcracker, Oct 6, 2012.

Thread Status:
Not open for further replies.
  1. mzbcracker

    mzbcracker Registered Member

    Joined:
    Apr 30, 2011
    Posts:
    13
    hi.i use ESET Smart Security 5 Trial.i used to use McAfee and Kaspersky.now i want to shift to ESET Smart Security 5.and i have some questions:
    1-how to make NOD32 to notify me when a new program connects to web.i've seen this feature in avast.i want nod32 Firewall to give me an alert when a program automatically connects to web for the first time.
    2-in firewall modes there is a mode names "Automatic modes with exceptions".and in its descriptions it's what we can see: the picture is attached
    my question is that does this mode block unsolicited incomming connections to firewall like automatic mode?? because i have not seen anything about blocking such unsolicited incomming connections in description.
    3-in HIPS settings it is set to "Automatic with rules".in help i found this : "Operations are enabled, except pre-defined rules that protect your system".what does it mean??what kind of operations are enabled??does it mean that HIPS allows anything except what we have Ruled??
    4-can NOD32 Detect injected files like illegal dll files that are injected to explorer.exe. or viruses that run in explorer.exe ?? and if yes where are settings? and if it's HIP that detect these files do i need to do something to activate that or change the Automatic HIP settings??
     

    Attached Files:

    • 1.png
      1.png
      File size:
      5.7 KB
      Views:
      245
  2. mzbcracker

    mzbcracker Registered Member

    Joined:
    Apr 30, 2011
    Posts:
    13
    hi.i have a trial nod.i want to decide to buy it.can you please guide me??
    those issues are very important for me.can anybody help??
     
  3. mzbcracker

    mzbcracker Registered Member

    Joined:
    Apr 30, 2011
    Posts:
    13
    if there isn't such feature in nod32 please tell me.i'm deciding to choose an antivirus.if there's no such option i wanna swtich to another av.please answer me.
     
  4. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    1, switch the firewall to interactive mode. When a communication for which no rule is defined is detected, you will be prompted for an action, with options to create a tempory or permanent rule for the communication (the rule can be customized to your likings).
    2, "Automatic mode with exceptions" works the same way as "Automatic mode", ie. it will allow all outgoing communication and block all non-initiated incoming communication unless an exception is made via a rule.
    3, it means that HIPS will allow all operations except those that are suspicious and might negatively affect your system protection.
    4, malicious dlls injected in running processes should be detected like any other malware, ie. by real-time protection, on-demand or startup scanners. It's also possible to create a HIPS rule that will notify you or prompt for an action upon injection attempt.
     
Thread Status:
Not open for further replies.