Jump to content

Use Of Wildcard Symbol For File Names In A HIPS Rule


Recommended Posts

I know this has been asked before and I thought it was supposed to be incorporated into NOD32 and Smart Security by now?

 

Appears the Endpoint versions support *.exe, etc. in target files and applications HIPS rules. I suspect Eset locked out this feature for the consumer versions. Is there anyway to unlocked this feature perhaps by XML directive command? Or, is it possible to get a copy of the Endpoint .bin file?

Link to comment
Share on other sites

Bump! I really need this feature folks to block crypto malware downloads. I have WIN 7 Home so I can't use SRP.

 

I have created a HIPS rule to prevent startups in susceptible directories but that doesn't protect me against scripts, .scr, and the latest variant payloads, .exx. Also, I am a bit old fashioned in that I believe in that old truism, "An ouch of prevention is worth a pound of cure." Hence, my desire to block target file writes in susceptible directories. And yes, I know what I am doing. All HIPS rules I create like this are "ask" mode. 

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...