ReHIPS 2.6 is out
<blockquote data-quote="cruelsister" data-source="post: 994750" data-attributes="member: 7463"><p>Although I dislike HIPS in general for various uninteresting reasons, I was curious if ReHIPS would change my mind in any way, so being a lonely person in a confusing world with time on her hands please allow a quickie critique:</p><p></p><p>ReHIPS is somewhat typical of the breed in that there are a number of security levels that can be chosen. The Learning mode is of obvious utility but one must be sure that during the extended learning process one should not even attempt to run an unknown application (which would defeat the point of this level).</p><p></p><p>The other available security levels (Permissive, Standard, Expert) are all what one would expect from a HIPS application. In order to test, on a Win 11 system with Defender disabled I proceeded to run a number of malicious files: a vbs worm, a script that shuts down Windows firewall, a python keylogger, Gryphon ransomware, and a java coded pony ransomware. For controls, I had installed Sophos Scan&Clean, and HiBit uninstaller. The results were as follows:</p><p></p><p>1). Expert Mode- as can be expected this is almost identical to a lockdown mode where every one of the above test files was stopped prior to execution with an alert box asking the user how to proceed. This is fairly pointless as the ultimate purpose of a security application is to prevent malicious processes from occurring and not just throwing up its hands and essentially saying "maybe, maybe not...". In short, a setting that prevents everything prevents nothing.</p><p></p><p>2). Permissive mode- Indeed it was! Although allowing all of the legitimate applications, it also allowed all of the malicious stuff. As pointless as Expert mode, but far more dangerous.</p><p></p><p>3). Standard mode- This should be the sweet spot! Not too hot, not too cold. Sadly this was not the case as the findings were identical to Expert mode (ask for everything) except Pony which happily trashed all the Documents and Photos available to trash.</p><p></p><p>So to sum up: if one wants to be confused and annoyed ReHIPS is your ticket. If you actually want system protection without the burden of guessing one should seek elsewhere for that answer.</p></blockquote><p></p>