Set up the HIPS for Maximum Security and Usability
This page explains on configuring the Host Intrusion Prevention System (HIPS) component of CIS to provide maximum security from the malicious programs that try to execute from within your system and to protect your system from data theft, computer crashes and system damage by preventing most types of buffer overflow attacks, prevent possible attacks from root-kits, inter-process memory injections, key-loggers and more.
To configure HIPS
-
Open 'Tasks' interface by clicking the green curved arrow at top right of the 'Home' screen
-
Open 'Advanced Tasks' by clicking ' Advanced Tasks' from the Tasks interface and click 'Open Advanced Settings'.
-
Click 'Security Settings' > 'Defense+ ' > 'HIPS' > 'HIPS Settings' from the left hand side pane
-
Select Enable HIPS
-
Choose 'Safe Mode' from the drop-down below it. Refer to HIPS Settings for more details on the Security Levels.
Monitoring Settings
-
Click 'Monitoring Settings' from the HIPS Settings interface
-
Make sure that all the check boxes are selected and click OK
Advanced Settings
-
Make the following settings under Advanced in the HIPS Settings interface
-
Optional – Enable 'Block all unknown requests if the application is not running'. Selecting this option blocks all unknown execution requests if Comodo Internet Security is not running/has been shut down. This is option is very strict indeed and in most cases should only be enabled on seriously infested or compromised machines while the user is working to resolve these issues. If you know your machine is already ‘clean’ and are looking just to enable the highest CIS security settings then it is OK to leave this box unchecked.
-
If you are using a 64-bit system, in order to maximize the security, it is important to select 'Enable enhanced protection mode (Requires a system restart)' – Enabling this mode will activate additional host intrusion prevention techniques in Defense+ to countermeasure extremely sophisticated malware that tries to bypass regular countermeasures.
Because of limitations in Windows 7 x64, some HIPS functions in previous versions of CIS could theoretically be bypassed by malware. Enhanced Protection Mode implements several patent-pending ways to improve HIPS in Defense+.