Set up HIPS for Maximum Security and Usability
The Host Intrusion Prevention System (HIPS) provides maximum security from malicious programs that try to execute on your system, protecting you from data theft, computer crashes and system damage. It prevents buffer overflow attacks, root-kits, inter-process memory injections, key-loggers and more.
Configure HIPS
- Click 'Settings' on the CIS home screen
- Click 'HIPS' > 'HIPS Settings'
- Select 'Enable HIPS'
Monitoring Settings
- Click 'Monitoring Settings' from the 'HIPS Settings' interface
- Make sure that all the check boxes are selected and click 'OK'
Advanced Settings
- Make the following settings under 'Advanced' in the HIPS Settings interface
- Enable adaptive mode under low system resources. Very rarely (and only in a heavily loaded system), low memory conditions might cause certain CIS functions to fail. Enable this option to instruct CIS to locate and utilize memory using adaptive techniques so that it can complete its pending tasks. However, enabling this option may reduce performance in even lightly loaded systems. (Optional)
- Block all unknown requests if the application is not running. Prohibits execution of unrecognized applications, even if CIS is not running/has been shut down. This is option is very strict indeed and in most cases should only be enabled on seriously infested or compromised machines while the user is working to resolve these issues. If you know your machine is already 'clean' and are looking just to enable the highest CIS security settings then it is OK to leave this box unchecked.