HIPS - Limited program no longer connects to the internet

Hi there!

I’m running ‘FSX:Steam Edition’ with Limited rights on HIPS. However, it no longer connects to the internet, even though it’s set to “Allowed Application” on the Firewall.


Does anyone know how I can make it connect to the internet again?

Cheers!

The HIPS limited predefined ruleset is too restrictive to allow Internet access as it blocks assess to the windows socket interface file group and the windows registry. You can edit the rule and add the Windows socket interface file group to the allowed files/folder exclusions for protected files/folders access right, then add /tcpip/ to the allowed registry keys exclusions to protected registry keys access right.

Where can I find a general explanation of “limited” and “contained” HIPS rulesets?

Mostly here: HIPS Rule Sets, Access Rights and Protection Settings | Internet Security Help

Thanks.
It doesn’t go into detail.
Could you, or somebody else, say a couple words about the “limited” and “contained” HIPS rulesets?

I stayed with that one and this this: https://help.comodo.com/topic-72-1-766-9164-Active-HIPS-Rules.html

But there is detailed and particular explanation from futuretech on the various sets within the last week or so if you check out his postings

Go to HIPS rulesets and double-click on those rulesets to see what they are set to. You will see contained ruleset sets every access name to block, while limited sets some to allow, some to block, and others to ask, while also having specific allow/block exclusions under certain access rights.

Thanks.
Contained and limited are a relatively new features, correct?
Let’s say I am paranoid about MS Word, would it be appropriate to run it as limited? It’s okay with me that it will not connect to internet.

No those rulesets have been there since version 3.x and probably even before that, just the name of them have changed, allowed used to be called trusted and contained used to be called isolated. Yes you could use limited for word, although I would just create an auto-containment rule to always run word fully virutalized.

Last time I tried running MS apps virtualized, they crashed after a few minutes, because they could not connect to the license mechanism.

That’s what happens to the Office applications with anything more recent than about 2010. They do require Internet access quite often, unless bought as stand-alone

I have Office 2016 standard.
It can survive quite well without internet, it just can’t pull the new templates.
But virtualizing it makes it crash.

Yes - it reverts to more or less, their trial version w/o any enhancements - unless bought as a Boxed version

So “contained” is the strictest, then.
Is there a way to completely block a certain file from executing, even though there are a lot of them?
For instance, let’s say I want to block msbuild.exe, and it appears in a lot of different folders. I could make a HIPS rule for *\msbuild.exe and set it to “contained”. But can I completely block it?

It would only block it from doing other things but not block it from being executed, you would be better off to create an auto-containment rule and set the action to block.

Can you create an autocontainment rule with a wild card in the path?

If it belongs to a file group then yes.

Ah, so you mean to create a custom file group. That sounds good. :slight_smile: