Jump to content
Kaspersky Support Forum

How do I configure HIPS /'Application Control?

Studynx

By Studynx
in Kaspersky Total Security

 Share

Recommended Posts

Studynx

Studynx

Posted
Posted

I have KTS. Premium, license activated. I can't find a HIPS option inside the settings. Also when I go to Application Control I don't see any way to configure it.

 

 

Studynx

Studynx

Posted
  • Author
Posted
20 minutes ago, Berny said:

@Studynx

Please see the comments from @Schulte  in this Topic

But then how do I do what they did in this thread:

 

image.thumb.png.eee3506e8c63bf8935bed5f594d16950.png

Schulte

Schulte

Posted
Posted

Hello @Studynx,

the settings in your screenhot refer to the new product line 'Kaspersky Standard/Plus/Premium'.
They allow a bit more user control, e.g. the automatic mode is disabled by unchecking the 'Perform recommended actions automatically' option. This allows you to extend or restrict the rights of your installed programs.
The same options exist in KTS, just in a different place (unfortunately I don't have KTS installed right now).

But the settings shown in the screenshot have nothing to do with the HIPS per se. This is always active and follows rules set by Kaspersky.
The difference is this: by default KTS decides what to do with a detection, in the other case you have to make the decision yourself.

Studynx

Studynx

Posted
  • Author
Posted
45 minutes ago, Schulte said:

Hello @Studynx,

the settings in your screenhot refer to the new product line 'Kaspersky Standard/Plus/Premium'.
They allow a bit more user control, e.g. the automatic mode is disabled by unchecking the 'Perform recommended actions automatically' option. This allows you to extend or restrict the rights of your installed programs.
The same options exist in KTS, just in a different place (unfortunately I don't have KTS installed right now).

But the settings shown in the screenshot have nothing to do with the HIPS per se. This is always active and follows rules set by Kaspersky.
The difference is this: by default KTS decides what to do with a detection, in the other case you have to make the decision yourself.

Thank you!

 

Can you please explain to me the Low Restricted group in Application Control? The official documentation says:

 

Quote

Applications that do not have a digital signature from a trusted vendor and are not listed in the Kaspersky Lab database of trusted applications. For these applications, there are restrictions on certain operations and user permission is required.

What are these certain operations specifically? 

Schulte

Schulte

Posted
Posted

Hi @Studynx,

to list all the differences of the groups is too long.
Restrictions exist e.g. for file accesses, registry accesses (read/change/create/delete), accesses to drives/network, start of other programs or subprograms...

You can compare it yourself:
open 'Manage applications' and call the settings for the groups with a mouse right click (caution: don't change anything!)

Spoiler

image.png.9dbb296c6c10b29a071a25f7646e1dd5.png

Spoiler

image.png.af70cd78e3e7dbe88020e8e4f9012df2.png

 

  • Like 1
Studynx

Studynx

Posted
  • Author
Posted
19 minutes ago, Schulte said:

Hi @Studynx,

to list all the differences of the groups is too long.
Restrictions exist e.g. for file accesses, registry accesses (read/change/create/delete), accesses to drives/network, start of other programs or subprograms...

You can compare it yourself:
open 'Manage applications' and call the settings for the groups with a mouse right click (caution: don't change anything!)

  Hide contents

image.png.9dbb296c6c10b29a071a25f7646e1dd5.png

  Hide contents

image.png.af70cd78e3e7dbe88020e8e4f9012df2.png

 

What does it mean - just like in your screenshot above - if there's the orange icon (Ask user) but it's not colored instead it's hallowed out? The green hallowed out icon means 'inherited' afaik but what about the same with the orange icon?

Schulte

Schulte

Posted
Posted

Hello @Studynx,

if the icon is displayed pale, it always means inheritance.

In my example, 'Operating system' has the 'Write' option set to 'Ask user'. The 'Startup settings', 'System files',.... inherit this setting. For inheritance it doesn't matter if 'Allow', 'Ask user' or 'Deny' is set, what is set for 'Operating system' applies by default to all options of this group.

However, you can change the rule for the subgroups (or their individual components) from 'Inherit' to 'Allow' or another option.
But this requires more than the basic knowledge, you can use it to make your system not only more secure but also unusable.

  • Like 3
Studynx

Studynx

Posted
  • Author
Posted
56 minutes ago, Schulte said:

Hello @Studynx,

if the icon is displayed pale, it always means inheritance.

In my example, 'Operating system' has the 'Write' option set to 'Ask user'. The 'Startup settings', 'System files',.... inherit this setting. For inheritance it doesn't matter if 'Allow', 'Ask user' or 'Deny' is set, what is set for 'Operating system' applies by default to all options of this group.

However, you can change the rule for the subgroups (or their individual components) from 'Inherit' to 'Allow' or another option.
But this requires more than the basic knowledge, you can use it to make your system not only more secure but also unusable.

It's best to leave everything at the default settings right? The only modification I've done to my KTS is that I set up a password that's required for every modification, eg for uninstalling KTS or making any changes which im not gonna do btw.

This way malware cant get rid of KTS I think, or am I wrong?

  • Like 2
Schulte

Schulte

Posted
Posted

Hi @Studynx,

the default KTS settings are a good balance between security and performance. However, Kaspersky offers experienced users the possibility to make deep changes. If you know exactly what the consequences are, you can turn one or the other adjusting screw for personal needs.

Setting a password is never a wrong thing to do. This way, no other user who has access to your computer can change important AV settings.

However, Kaspersky products also offer excellent self-protection. If this is activated (default setting), malware cannot change settings, parts of the program or the entire installation.

  • Like 1
harlan4096

harlan4096

Posted
Posted
11 hours ago, Studynx said:

But then how do I do what they did in this thread:

 

image.thumb.png.eee3506e8c63bf8935bed5f594d16950.png

I guess that pic was taken from my post at MalwareTips Forum ?

 

You can check also this one ?

  • Like 1
  • Thanks 1
Studynx

Studynx

Posted
  • Author
Posted
1 hour ago, harlan4096 said:

I guess that pic was taken from my post at MalwareTips Forum ?

 

You can check also this one ?

Hello, didn't know you were a mod on here. Thanks for your work, will check out!

  • Haha 1

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now
 Share
Go to topic listing


×
×
  • Create New...