ReHIPS and Shadow Defender

Started by Stephen, August 07, 2020, 09:17:04 AM

Previous topic - Next topic

Stephen

Has anybody tried this a combination of ReHIPS and Shadow Defender?

Are there any benefits or disadvantages? Does the PC performance suffer from such an arrangement?

Please note that I have no experience with Shadow Defender, but I have always been curious about how it works and I didn't find any recent discussion in the forum.

fixer

#1
I took a look at Shadow Defender some time ago. Well it was pretty a long ago, so something (or a lot) changed. It uses some kind of shadowing and then reverts changes back. Implemented most likely as a filesystem filter driver and snapshooting (snapshotting?). It may be convenient, but I'm not sure about security. Confidentiality? They don't try to protect it, you can send all the data outside. Integrity? Questionable. I didn't see it trying to block driver loading and it levels the field making their driver useless. With the same level of access you can always circumvent it.

On the other hand, I didn't notice any ReHIPS incompatibilities. Though I don't see any advantages either from security point of view.

Stephen

Thank you. I may try testing it for a bit if I get bored!  :D