ReHIPS and Sysnative

Started by HJLBX, March 23, 2016, 11:05:04 PM

Previous topic - Next topic

HJLBX

Have you experienced any problems with ReHIPS and sysnative on 64 bit systems ?

This has been a real problem for some HIPS and HIPS-like programs.  Certain applications and events cannot be properly hooked because of sysnative - service creation for example.

If I recall correctly, ReHIPS does not suffer from this limitation because it does not attempt to monitor them.

Just asking so that I fully understand the upcoming release - and don't create a needless bug report.

ReHIPS uses User-Mode hooking - correct ?

Thanks !

Umbra

#1
no, ReHIPS don't use Hooks , it uses Windows own security mechanisms. it is explained in the extensively detailed brochure. That is why i had interests in ReHIPS

schelkunov

#2
QuoteHave you experienced any problems with ReHIPS and sysnative on 64 bit systems ?
We tested ReHIPS on several Windows versions, including x64. And also tested running applications from sysnative folder. No problems were found.

QuoteReHIPS uses User-Mode hooking - correct ?
ReHIPS doesn't use any hooks to provide security. Instead it uses well-tested, safe and secure Windows built-in access control mechanisms. Some user-mode hooks are indeed used but only for usability purposes and they do not affect security in any way.

HJLBX

Thanks schelkunov.  Thanks Umbra.

HJLBX

Can anyone provide download link to ReHIPS brochure ?

TIA

aDVll


HJLBX