ReHIPS

Discussion in 'sandboxing & virtualization' started by MrBrian, May 24, 2014.

  1. imuade

    imuade Registered Member

    Joined:
    Aug 4, 2016
    Posts:
    668
    Location:
    Italy
    Thanks for the clarification :)
    I'm much more convinced that this process filtering is the real strength of ReHIPS, the isolation feature is a great add-on in case of doubts.
    I'll definitely try this configuration when I have time (well, when my wife gives me time :p ):
     
  2. shmu26

    shmu26 Registered Member

    Joined:
    Jul 9, 2015
    Posts:
    1,117
    ReHIPS is not over-the-top paranoid about scripts, vulnerable processes, etc. It's not as paranoid as all those advanced settings in OSArmor, or the full Excubits list. It is rather designed on the assumption that the user will isolate commonly abused applications, and it has rules that are strict enough to keep everything else safe.
     
  3. reasonablePrivacy

    reasonablePrivacy Registered Member

    Joined:
    Oct 7, 2017
    Posts:
    662
    Location:
    Member state of European Union
    It also does not install dirty kernel hooks, so it should not decrease stability of a system. It's especially important with nowadays Windows as a service/rolling-release model.
    It is also not cloud-connected, so it should respect your privacy.
     
  4. shmu26

    shmu26 Registered Member

    Joined:
    Jul 9, 2015
    Posts:
    1,117
    Right, it is compatible with Core Isolation, due to your first point, and it is completely independent of internet connection, due to your second point. It doesn't check your licence by internet every X number of days, or anything else.
     
  5. ReHIPS

    ReHIPS Developer

    Joined:
    Aug 29, 2014
    Posts:
    37
    Location:
    Europe
    Hello everyone.
    We recently made some ReHIPS benchmarking and reviewed requirements. May be interesting to know.

    Let's take a look at ReHIPS system requirements and then move to performance to find out how fast it can be. Keep in mind that all these numbers are approximate due to the volatile nature of measured properties. They were taken for the latest stable release ReHIPS 2.4.0 unless explicitly stated otherwise running on Windows 10 x86 version 10.0.17134.1 in a virtual machine.

    At first disk space requirements:
    -installer file is about 35Mb; it includes both x86 and x64 builds;
    -installed ReHIPS occupies about 65Mb of disk space, most of which (~90%) are standard runtime libraries; so the ReHIPS code itself is about 6Mb.

    Let's move to network requirements and usage for ReHIPS Corporate Edition which is able to operate remotely via network:
    -it can satisfiably work with 64 kbit/s network connection with 15% packets loss; it generates for about 400-600Kb of traffic per hour.

    Now let's take a look at RAM memory usage:
    -ReHIPS usually has 3 processes running: Service, Agent and Control Center that use around 4Mb, 1Mb and 22Mb of RAM respectively; so it roughly uses 27Mb of RAM; it can also operate in so-called "headless mode" with no Control Center running, in this case 5Mb of RAM is used.

    And last, but not least, some performance numbers.
    There is an internal benchmark.exe that simply starts 100 instances of itself and tells how much time it took. Some numbers for the latest stable release ReHIPS 2.4.0:
    100-300ms - no ReHIPS at all;
    1000-1100ms - Disabled ReHIPS, no Control Center running;
    1500-1600ms - Expert+Lock-Down Mode, no Control Center running;
    2600-2700ms - Expert Mode with Control Center running.

    And now some numbers for the latest unreleased yet ReHIPS 2.5.0 alpha.
    Expert Mode with Control Center running, process itself allowed, parenting is allowed with children inspection, all entries are in permanent database. It basically means all checks are made by maximum and nothing is skipped.
    1500-1600ms - with 1 processor.
    800-900ms - with 2 processors.
    700-800ms - with 2 processors, 2 cores each=4 cores.
    It means that Windows starts a process in ~2ms and ReHIPS does a full and complete check in ~8ms.

    Can your security solution beat these numbers?

    Best Regards, fixer.
     
  6. Mr.X

    Mr.X Registered Member

    Joined:
    Aug 10, 2013
    Posts:
    3,442
    Location:
    Mexico
    Thank you very much for such efforts @ReHIPS
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.