Advice Request OSArmor and Exe Radar Pro -- temporary alternative?


Status
Not open for further replies.

shmu26

Level 85
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,153
1. COMODO and Kaspersky
2. Sandboxie
3. ReHIPS

1 - hardware-assisted and software-assisted virtualization.
2 - software-assisted virtualization.
3 - not really virtualization like 2 and definitely not 1.

Is this correct? :)
It sounds correct to me. Let's hear what others say.
Practically speaking, the way Sandboxie does it, they often need to issue a new build when Windows updates, or when software updates. With ReHIPS, the updates usually do not cause breakage.
 

Moonhorse

Level 38
Verified
Top Poster
Content Creator
Well-known
May 29, 2018
2,728
Isolating your browser should not cause any problems, unless it puts you over the 10 isolated process limit on the demo version.

If I were you, I would first run ReHIPS in Standard mode, and get used to it, before enabling expert mode.
Well, Firefox was working fine, but I had too many Chrome processes open and it couldn't isolate Chrome, which caused some extensions to cut off. Learning mode seems nice; OSA is probably easier to set up for a noob like me. And OSA was fixed pretty fast for 1809 too.

Any other alternatives besides OSA and ReHIPS?
 

shmu26

Well, Firefox was working fine, but I had too many Chrome processes open and it couldn't isolate Chrome, which caused some extensions to cut off.
Yes, that happens with Chrome, in the demo version. There's not much you can do about that.
I have a beta license, but even so, I don't always isolate Chrome, because I think Chrome is secure enough, especially when I have ReHIPS monitoring vulnerable processes. So I would say, just un-isolate Chrome, and set it to inspect child processes.

As for other alternatives, why not try SRP? You can set it up default/allow, if you wish, and still block dozens and dozens of vulnerable processes (in SRP they are called "sponsors").
 

shmu26

If anyone is having issues with these NVT products on Windows 10 1809, and is looking for a temporary alternative, you might want to check out ReHIPS 2.4, free version.
There are no reported issues on Win 10 1809, and the FREE version -- AKA "demo" version -- will do a lot of the things that OSA and ERP do. (The only limitation of the demo version is how many isolated processes you can run in the same session.)
Hey, guys, I am not implying that ReHIPS is a bona fide replacement for your favorite NVT product, because that would be comparing apples to oranges. I am just saying that you can get much of the same protection, that's all...

Tip: If you use the free version, and you want your multi-process browser (Chrome, Firefox, etc) to work normally, you should set the main executables (the ones that are isolated by default) to these settings:

View attachment 199155

You can further tweak the browser protection, even on the free version, but that is beyond the scope of this post.
If anyone out there is using ReHIPS demo version as an anti-exe, there are a couple rules you might want to tighten up:
Powershell_ISE
Bitsadmin

For both of them, change the rule to "Can Execute Sub-Programs: Alert".

You will find two of each, for every real user. Set them all to "Alert".
But I don't do this for the rules in SYSTEM. It is recommended not to mess with SYSTEM rules.

If anyone has other suggestions for tightening up the ReHIPS default rules, please post.
 