ReHIPS

Discussion in 'sandboxing & virtualization' started by MrBrian, May 24, 2014.

  1. hjlbx

    hjlbx Guest

    Creating rules for blocked, but safe, applications is not user friendly:

    • The rules creation wizard is buried in Settings
    • There is no ability to allow an application from inside a block alert
    • There is no ability to access the rules interface from inside the log (like NVT ERP)
    • There is no Training Mode

    When I ran the most recent beta, Isolation Mode blocked a whole bunch of system files and made the system inoperable. In the end, I had to reset the PC!
     
  2. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,559
    Location:
    The Netherlands
    What the hell, this should never happen, bad stuff.
     
  3. ReHIPS

    ReHIPS Developer

    Joined:
    Aug 29, 2014
    Posts:
    37
    Location:
    Europe
    With ReHIPS 2.1.0 Beta we give a link to the FAQ. See question 10 there.

    10. Sometimes I download files using a browser. Can I do it in a sandbox?
    Answer: Yes, you can. But please note that for your safety ReHIPS redirects file saving from the corresponding folder of the current user to a similar directory in the sandbox. For the same reason you cannot open these documents directly from the browser while working in a sandbox. For your convenience we recommend you reconfigure the folder in which files downloaded from the Internet by your browser are stored by default. When installing, ReHIPS creates a similarly named folder in the root directory. Usually, it has the full path C:\ReHIPS. This folder contains a subfolder Browser, which is specifically designed and adjusted for you to be able to save the downloaded documents and then easily find them. Reconfigure the folder for (by default) downloading in your browser on your C:\ReHIPS\Browser and download the documents there. If you do not like the path C:\ReHIPS\Browser, you can create your own folder outside your user directory, set the path to it in your browser settings and configure it to allow access to this folder in the advanced settings of the ReHIPS isolated environment for your browser. Please note that the folder C:\ReHIPS\Browser is configured in such a way that programs running in the other sandboxes (for example, Acrobat Reader) have no access to it. This is done for security purposes (you can reconfigure this in the ReHIPS advanced settings, but we highly recommend not doing this because in this case it will violate the principles of isolation and the risk of your computer’s getting an infection seriously increases). Let’s assume you want to edit a document in the Browser folder using Microsoft Word which will be running in the sandbox. For operations with Microsoft Word documents when installing ReHIPS, a folder has been created which by default has the path: C:\ReHIPS\WinWord. Copy the document from the Browser folder into the WinWord folder and you will be able to work with it using Microsoft Word.
    Please bear in mind that the folders Browser, WinWord, Videos, etc. are considered to be operating folders for the corresponding isolated folders, i.e. Microsoft Word running in the sandbox can freely overwrite files in the WinWord folder. Therefore, we do not recommend that you store all your documents in this folder. We recommend that you keep in the WinWord folder only those documents that you are working with at that time.

    Do you have an official Windows build by Microsoft or some repack? All ReHIPS files are digitally signed with a Microsoft Authenticode certificate and this situation seems to be very strange... One of our beta-testers has encountered it only once on some pirated Windows build. We don't know what was broken there. We had no problems with official Windows builds...

    Could you give us more information about the environment you launch ReHIPS in? (Windows version, installed software, installed AV software, etc.) Did you try to disable protection in the Main window or disable isolation mode?

    Enabling isolation mode is not recommended on first use as it may block some useful software. ReHIPS Control Center should start without any restrictions in isolation mode too, so disable isolation mode if something goes sideways. If something went really wrong and the OS became unusable, you can always boot in safe mode and disable the ReHIPS Service, thus disabling protection.
     
  4. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,590
    Ah, I think I get it. BUT, do you see the problem? Look at all you had to write to explain it. Way too complicated, and that will kill off many potential users. You guys are fighting an uphill battle against Sandboxie. Don't create more obstacles.

    Pete
     
  5. ReHIPS

    ReHIPS Developer

    Joined:
    Aug 29, 2014
    Posts:
    37
    Location:
    Europe
    We think an isolated application must not access the resources of the current User, including his Download directory. Otherwise, it's an illusion of isolation. It's more psychological protection than a technical one. If an "isolated" browser accesses the current User's directory, it can overwrite information there if it is compromised by an exploit. For example, it can overwrite some executable files, config files, etc. That is why we created special directories for isolated applications.

    Thanks for the feedback. We'll try to make ReHIPS simpler to use.
     
  6. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,590
    I agree. With Sandboxie the regular download folder is used, but in the sandbox. But Sandboxie has a very easy way to recover it.
     
  7. noladevildog

    noladevildog Registered Member

    Joined:
    Nov 13, 2015
    Posts:
    2
    I had this exact same problem. After configuring the software to what I thought would be a good starting point, I rebooted the machine. On login, Cortana was throwing an error telling me I had to sign out; it didn't force me to, however.

    To remedy this I opened Task Manager and shut down the reHIPS service and client, opened Notepad as admin and navigated to the reHIPS hard configuration file. I forget what I had changed but I am leaning more toward "protected" mode. I think it was also XML - it's pretty intuitive; if you look for it, you will find it.

    However, I found the software to be very confusing. I hope there is some work done on the GUI soon! Thanks!
    -nola
     
  8. ReHIPS

    ReHIPS Developer

    Joined:
    Aug 29, 2014
    Posts:
    37
    Location:
    Europe
    Hello all!

    We have grouped the remarks and suggestions from ReHIPS 2.1.0 beta-testers here.

    Everyone is welcome to discuss them.
     
  9. Moose World

    Moose World Registered Member

    Joined:
    Dec 19, 2013
    Posts:
    905
    Location:
    U.S. Citizen
    You may be interested in the link below:
    http://beta.re-hips.com/index-en.html


    ReHIPS 2.1.0 vs Ransomware (Enable subtitles)
    https://www.youtube.com/watch?v=KHzDXefMYR8
     
  10. Moose World

    Moose World Registered Member

    Joined:
    Dec 19, 2013
    Posts:
    905
    Location:
    U.S. Citizen
  11. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,590
    So until it's released no can play?
     
  12. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,559
    Location:
    The Netherlands
    The GUI looks interesting, but to me it still seems too complex.
     
  13. guest

    guest Guest

    I'm a beta-tester for it; it is less complex than it looks, and at least it only relies on Windows mechanisms. The software is young but solid; it just needs to be more usable. It is a mix between a HIPS and sandboxing software.
     
  14. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,590
    Still it's got to be as easy as SBIE or ShadowDefender.
     
  15. guest

    guest Guest

    No difference about the settings, they are kept across the accounts.
     
  16. ArchiveX

    ArchiveX Registered Member

    Joined:
    Apr 7, 2014
    Posts:
    1,501
    Location:
    .
    Spot on! :thumb:
     
  17. guest

    guest Guest

    It can't be as easy as SD or Sbie, since it has a HIPS, but we test it hard to give usability suggestions to the devs; and unlike some other vendors they really implement them. We saw our past suggestions become live in the current beta release.
     
  18. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,590
    Sadly, at the moment they have nothing I can play with.
     
  19. guest

    guest Guest

    Indeed, you have to wait for a public (maybe beta) release. I will keep the members informed if something is released. They are actually working on usability. The security aspect seems to be OK at the moment.

    ReHIPS is heavily oriented on security, so the usability aspect is less prominent; that is why we work hard to give suggestions to make it user-friendly.
    We, closed-testers, are used to HIPS and sandboxes, and can give valuable information to increase usability.

    But keep in mind that it is a HIPS using isolation techniques that don't require kernel hooks, so it has to work in a certain way that has to reduce some usability to be fully efficient.
    However, it can be used without the HIPS features, just the isolation.

    It is at the moment, I think, the modern successor of Geswall.
     
    Last edited by a moderator: Apr 18, 2016
  20. mantra

    mantra Registered Member

    Joined:
    Jan 25, 2005
    Posts:
    6,181
    Hi,
    but it 100% free, because can't find a purchase page
    Thanks.
    There is a video, ReHIPS 2.1.0 vs Ransomware; it's interesting.
     
  21. guest

    guest Guest

    I guess at the moment it is a free demo (with a limited number of isolated programs) until the new version is publicly released.

    I like the concept anyway; when fully operational, I can discard one or two products I'm currently using.
     
  22. NormanF

    NormanF Registered Member

    Joined:
    Feb 20, 2009
    Posts:
    2,879
    I downloaded the 2.1.0 beta from a Russian forum...

    When installed, it offers to upgrade to the final release, which can be had for $15.00 via Paypal.

    Full version has tech support and free updates are available for a year from purchase of a license.

    The beta only whitelists 10 programs - complete whitelisting is available in the full version.

    It's really a HIPS/anti-executable and easily configurable.

    Programs can be set up at first run to either run in a sandbox or in the Windows environment.

    It's a small useful HIPS and one can stop malware by simply blocking an unknown process from running.
     
  23. guest

    guest Guest

    The next version will be far better ;)
     
  24. NormanF

    NormanF Registered Member

    Joined:
    Feb 20, 2009
    Posts:
    2,879
    The free beta is simple and stable.

    With its limited features, it's powerful enough for home users.

    It will alert the user to any process running with an alert and the user can decide whether to deny or to allow it to run.

    There are three settings: expert, recommended and light. It can also be disabled in case of problems.

    Default is recommended and the software runs as a Windows service.

    Like a classical HIPS, it will show pop-ups as much as necessary. A good replacement for OA - which for now is still being updated on Windows 7.

    Commercial enterprises undoubtedly will cough up the $15.00 for more comprehensive protection.
     
    Last edited: Apr 25, 2016
  25. guest

    guest Guest

    I guess you will like ReHIPS; it combines what we like, a HIPS and a sandbox.
     