- May 9, 2019
- 314
It's not surprising to get an alert like that, because ReHIPS does things that are unexpected and unusual. Its mechanisms are unique.
yeah it was released a week ago, tried this program seemed ok but, got this on my pc from MBAE after View attachment 267739
ReHIPS is not malicious. But I can't tell from your screenshot whether ReHIPS triggered that alert or not.
but is it a malicious thing or not
2 Permissive mode means by definition that it only applies rules in the database, and does not monitor unknown processes. It would be ideal for someone who runs, let's say, Voodooshield, but she wants her browser and Office apps to run in isolation. With permissive mode, VS will take care of the unknowns, and RH will take care of the isolation.
Although I dislike HIPS in general for various uninteresting reasons, I was curious if ReHIPS would change my mind in any way, so being a lonely person in a confusing world with time on her hands please allow a quickie critique:
ReHIPS is somewhat typical of the breed in that there are a number of security levels that can be chosen. The Learning mode is of obvious utility but one must be sure that during the extended learning process one should not even attempt to run an unknown application (which would defeat the point of this level).
The other available security levels (Permissive, Standard, Expert) are all what one would expect from a HIPS application. In order to test, on a Win 11 system with Defender disabled I proceeded to run a number of malicious files: a vbs worm, a script that shuts down windows firewall, a python keylogger, Gryphon ransomware, and a java coded pony ransomware. For controls, I had installed Sophos Scan&Clean, and HiBit uninstaller. The results were as follows:
1). Expert Mode- as can be expected this is almost identical to a lockdown mode where every one of the above test files was stopped prior to execution with an alert box asking the user how to proceed. This is fairly pointless as the ultimate purpose of a security application is to prevent malicious processes from occurring and not just throwing up its hands and essentially saying "maybe, maybe not...". In short, a setting that prevents everything prevents nothing.
2). Permissive mode- Indeed it was! Although allowing all of the legitimate applications, it also allowed all of the malicious stuff. As pointless as Expert mode, but far more dangerous.
3). Standard mode- This should be the sweet spot! Not too hot, not too cold. Sadly this was not the case as the findings were identical to Expert mode (ask for everything) except Pony which happily trashed all the Documents and Photos available to trash.
So to sum up: if one wants to be confused and annoyed ReHIPS is your ticket. If you actually want system protection without the burden of guessing one should seek elsewhere for that answer.
It is not good at uninstalling itself, if you have other security products running. In such a case, you will need to do some manual deletion in the Users folder.
ReHIPS is not a good product.
Make a good backup before installing it.
Pony had no issues at all (which actually was expected).
In standard mode there won't be any Documents or Photos available for trashing
I am sure it didn't! But the brilliance -- or idiocy, depending on how you look at it -- of ReHIPS is the concept of separate user accounts for each isolated app.
Pony had no issues at all (which actually was expected).
Right. Exactly my point. You have the "pony" file on your real desktop, in real user space.
I am trying out the new version, and so far it seems to be the best one yet. It is running surprisingly smoothly.