How do you use the HIPS?

[pain of salvation 0]

How is the best way to use the HIPS feature for a better protection? Should I run it in learning mode for a few days and than change it to interactive mode (I'm sure my system is clean)? Does it makes NOD32 slower?

[marty_c 30]

Hi,

 

Here is some more information about HIPS, courtesy of the KB:

 

What is HIPS (Host-based Intrusion Prevention System) 

 

HIPS - Advanced setup

[Janus 210]

Hello , just some thoughts from me :-))

 

 

Don't know how familiar you are with HIPS, (host intrusion prevention system)?

but last time I tried Eset's HIPS system (just out of curiosity) in learning mode for 14 days. But still after 14 days, I were  bombarded with a storm of notifications. It went on for a couple of days, and in the end, I lay down flat on the floor, totally demoralized. Eset's HIPS system is for me only done to strengthen its self defense. I have also created my own rules, but I have to say , for a not so IT savvy, it can be a very steep learning curve. If I may come with a suggestion, and I know that this is probably not what you want to hear. Then I think that Eset's Hips is probably best left as it is in default mode. If you really want to strengthen your system, then focus more on image backup. I think your time will be better spent on this area.

 

 

 

Regards, Janus

Edited May 23, 2013 by Janus

[Marcos 5,071]

I'd suggest leaving HIPS mode in automatic mode. If you are computer savvy, you can define your own rules, e.g. make HIPS prompt you for an action when an application attempts to write to a run key. For instance, I use a rule to ask me before running an application for which no rule has been created yet.

[paulposition 2]

Hello, Personally, I disable the HIPS NOD32, to avoid the conflict with that of my firewall, Outpost Firewall Pro.