MrZork 1 Posted October 24, 2022 Share Posted October 24, 2022 I plan to use these two modules in interactive mode, creating rules as I go, but I think it may also be useful to have access to any public libraries of rules, if they exist, so I can simplify what I'm trying to do by adding some rules up front (after I review them). In particular, I'd like to lock down Windows 10 as far as possible in a way that allows manually enabling/disabling rules to, for example, allow Windows Update to run. With my current firewall, I prevent svchost.exe from accessing the web with a rule, but I can disable it as needed. Are there any public libraries of ESET Firewall and HIPS rules on this forum or elsewhere? Link to comment Share on other sites More sharing options...
Administrators Marcos 4,714 Posted October 24, 2022 Administrators Share Posted October 24, 2022 You can create extra HIPS rules to improve prevention against ransomware and other script threats, however, the rules may block also execution of legitimate scripts: https://support.eset.com/en/kb6119 Link to comment Share on other sites More sharing options...
MrZork 1 Posted October 24, 2022 Author Share Posted October 24, 2022 I'm aware of how to manually create rules. What I was asking is whether a person or group has posted or published a set of Firewall and/or HIPS rules for built-in Microsoft Windows processes. (The Firewall rules would be the most important.) Presumably, these rules would be in a form that I can import easily. Link to comment Share on other sites More sharing options...
czesetfan 22 Posted October 24, 2022 Share Posted October 24, 2022 For corporate customers, ESET Protect templates are available for download at the link above. For individual customers I assume there is nothing like that. 🥴 Of course unofficial configurations can be tracked down on other forums. But their promotion or support cannot be in line with official company policy. The safest way is therefore to learn and manually create rules for HIPS and Firewall, which are then no problem to transfer to another PC. 👍 Link to comment Share on other sites More sharing options...
MrZork 1 Posted October 25, 2022 Author Share Posted October 25, 2022 (edited) It's not a question of "learning to create rules" - I'm able to create rules for the Firewall and HIPS. The point of of a public library would be document which processes to target, and which associated protocols and IP addresses (for Firewall rules). It seems obvious that any public rule library posted here by users, or elsewhere, unless officially posted by ESET, would be "use at your own risk," but so is most advice from users here. It would save me considerable time, I think, starting from a known list of rules, rather than having to create them, one-by-one, for each Windows process as it attempts to phone home or whatnot. Edited October 25, 2022 by MrZork Link to comment Share on other sites More sharing options...
czesetfan 22 Posted October 26, 2022 Share Posted October 26, 2022 Yes, it would certainly help many to be able to download a pre-build set of rules for HIPS and Firewall. I even read somewhere a request to be able to import the rules for HIPS and Firewall separately, not just as a complete configuration file that changes all ESET settings. Link to comment Share on other sites More sharing options...
Recommended Posts