Showing results for 
Search instead for 
Did you mean: 
Level 8

HIP exception

Dear friends

On My HIPS I have threat events that the signature is about TCP port scan and it is false positive. I want to fixed it by exception rule to not annoy it from blocking,

policy catalog>host intrusion prevention 8:IPS> IPS Rules>exception rule, here I do not know the meaning of executable parameters, I have remote ip  ,remote port, local ip,local port and threat ID =3700 in my threat log .but in this path I have only remote ip in my parameters.

Is this exception work correctly? or I should add more features? how does it know to not to block this remote ip from accessing to this local ip?

0 Kudos
1 Reply
Level 20

Re: HIP exception


                    I am marking this particular thread as 'Assumed Answered' and locking it. As it is basically a duplicate. Please refer to the following thread you posted

                     If you need it to be moved elsewhere, kindly apprise.

Thank you,


McAfee Volunteer
0 Kudos