NIS2009带有HIPS？

显示全部楼层 · 发表于 2008-9-25 23:00:09

看到高级设置中有这么一些设置，好像都是HIPS的一些方法，见下图，难道NIS2009带有HIPS？不过这部分并不能开启，不知道是什么原因，大家来讨论一下。

显示全部楼层 · 发表于 2008-9-25 23:03:20

自动程序控制关了就可以了。

显示全部楼层 · 发表于 2008-9-25 23:06:52

哦，谢谢LS的，看来我看得不够详细，这个确实是hips模块。

显示全部楼层 · 发表于 2008-9-25 23:26:44

这个功能不错啊

显示全部楼层 · 发表于 2008-9-25 23:31:22

简单的HIPS或者说是高级的间谍软件防护。。。

显示全部楼层 · 发表于 2008-9-26 00:32:59

可惜我不回用

显示全部楼层 · 发表于 2008-9-26 01:03:23

看上去好像是一个比较简单的Hips。

显示全部楼层 · 发表于 2008-9-26 06:26:03

事实是NIS2009的HIPS在SONAR里面，高度自动智能化~~~[:26:][:26:][:26:]

官方人员解答关于09产品的HIPS：
I work on the team that builds the Behavioral Detection engines and HIPS is a big part of that.

Simply put, HIPS (Host-based Intrusion Prevention System) engines monitor all applications running on the machine for suspicious behaviors. Some examples of suspicious behaviors are "Writing to the run key", "Registering a BHO",
"Modifying the etc/hosts files" etc. Most HIPS products will simply popup an alert telling the user that "application XYZ is writing to the RUN key. Allow or Block ?" The user then makes a decision and as you can imagine, more users aren't in a position to make this decision correctly.

NIS2009 has a smart HIPS technology where it will look at all the behaviors of the applications and run certain heuristics on the application to determine if its a good application or a malicious application. If found to be malicious, it will automatically remove the application from the machine without prompting the user with these difficult-to-answer questions. This technology is called SONAR.

Hope this helps.

Shane.

显示全部楼层 · 发表于 2008-9-26 06:30:56

SONAR不是诺顿360的启发么？

显示全部楼层 · 发表于 2008-9-26 06:50:32

我以前没发现咯。

[讨论] NIS2009带有HIPS？

本帖子中包含更多资源

回复 8楼 MINGLIHE 的帖子