Do these configs differ in their default settings for HIPS and for Advanced Protection/Miscellaneous?
Okay, so Proactive mode turns on the “Enable enhanced protection mode” setting in HIPS.
Anything else?
“Protected Files” lists in addition :
- <FileGroup Name=“Windows Sockets Interface” UID=“{669FE316-BF72-4681-B45F-3DE490DD0AF9}”>
- <File DeviceName=“Executables” Flags=“1” UID=“{E6201B13-63A6-467A-99FC-75E2B5D01C66}”/>
“Pseudo COM Interfaces - Privileges” group lists in addition :
“Pseudo COM Interfaces - Important Ports” group lists in addition :
“%windir%\explorer.exe” is treated as Allowed Application.
Hope it helps.
great!
And now for another convoluted question: what happens if I install CFW, leave it in Firewall config, and then import my old settings, saved in a .cfgx file, which are from Proactive config?
Do I end up with Firewall, Proactive, or a mixed salad?
That’s what I did last time, but now, after reading your answer, I think it would be wiser to first switch to Proactive config, before importing my old settings. There is a lot going on under the hood in the HIPS department, so why mess with it?
Whenever you import a configuration you will asked to give it a name and if the same name already exists it will overwrite it. Then once it is imported you would need to activate the config and that will be the new config. In your case importing an older proactive config and activating it will cause CIS to be in proactive config.