Author Topic: ReHIPS and Shadow Defender  (Read 189 times)

Stephen

  • Jr. Member
  • **
  • Posts: 71
ReHIPS and Shadow Defender
« on: August 07, 2020, 09:17:04 am »
Has anybody tried this a combination of ReHIPS and Shadow Defender?

Are there any benefits or disadvantages? Does the PC performance suffer from such an arrangement?

Please note that I have no experience with Shadow Defender, but I have always been curious about how it works and I didn't find any recent discussion in the forum.

fixer

  • Administrator
  • Hero Member
  • *****
  • Posts: 1524
Re: ReHIPS and Shadow Defender
« Reply #1 on: September 08, 2020, 08:22:34 am »
I took a look at Shadow Defender some time ago. Well it was pretty a long ago, so something (or a lot) changed. It uses some kind of shadowing and then reverts changes back. Implemented most likely as a filesystem filter driver and snapshooting (snapshotting?). It may be convenient, but I'm not sure about security. Confidentiality? They don't try to protect it, you can send all the data outside. Integrity? Questionable. I didn't see it trying to block driver loading and it levels the field making their driver useless. With the same level of access you can always circumvent it.

On the other hand, I didn't notice any ReHIPS incompatibilities. Though I don't see any advantages either from security point of view.
« Last Edit: September 08, 2020, 11:45:44 pm by fixer »

Stephen

  • Jr. Member
  • **
  • Posts: 71
Re: ReHIPS and Shadow Defender
« Reply #2 on: September 08, 2020, 03:47:18 pm »
Thank you. I may try testing it for a bit if I get bored!  :D