How put Outpost HIPS to work like a BB?

Discussion in 'other anti-malware software' started by s23, Jun 29, 2009.

Thread Status:
Not open for further replies.
  1. s23

    s23 Registered Member

    Joined:
    Feb 22, 2009
    Posts:
    263
    hey guys

    Need some opinions/points about the possibility of make this. In a first moment, i selected only some things that i think is more important. I selected the Low-level network access and network-enabled application launch options because the possibility of some pdf/word link launch something to access internet and the component control at max because in this way it alert about new dlls in process(like svchost.exe) and new/changed executables lauch. You guys have recomendation? This will make a decent work in protect the system?

    Thx in advance.
     

    Attached Files:

    • 1.jpg
      1.jpg
      File size:
      44.2 KB
      Views:
      209
    • 2.jpg
      2.jpg
      File size:
      35.9 KB
      Views:
      210
    • 3.jpg
      3.jpg
      File size:
      45 KB
      Views:
      211
  2. m00nbl00d

    m00nbl00d Registered Member

    Joined:
    Jan 4, 2009
    Posts:
    6,623
    If you want it to be more like a behavior blocker, then I'd set it to it's maximum settings, and then set it to automatically create rules for well known and digitally signed applications. Leaving only room for unknown processes alerts.

    Others may give their suggestions. Then, make your choice based on them.


    Regards


    P.S: I suggested what I suggested, because otherwise just leave it to alert you for everything. If you're saying that you want it to behave like a behavior blocker, then in my honest opinion, it would be the best thing to do. At least, is my way of seeing it.

    Cheers
     
  3. s23

    s23 Registered Member

    Joined:
    Feb 22, 2009
    Posts:
    263
    I see your point. Before create this topic, I tried disable the automatic rule creation and create my owns, and this make the system work slowly, mainly the system start. I tried too put it to create automatic rules and after some time i changed some application rules (only network rules-not changed any HIPS rule) and erased some network rules from explorer.exe, winlogon.exe and one or other process and after restart the system not work anymore (what is a very strange thing - What network rules have to do with this? i'm not in a LAN... so I erased pointless network rules and HTTP rules ). So i decided switch off part of the HIPS (turning it to behave like a BB - only warning to important things) and add Geswall or Defensewall maybe to be the main HIPS. For now i'm trialing various apps until find a good combination.
     
Loading...
Thread Status:
Not open for further replies.