cancel
Showing results for 
Search instead for 
Did you mean: 
Highlighted
ErinC
Level 9
Report Inappropriate Content
Message 1 of 2

HIPS 8 - blocking loopback despite rules

Jump to solution

Hi all,


Hopefully someone will help me out here and tell me where I'm going wrong with configuring the HIPS 8 rules.

I've configured (via ePO) a connection aware group of rules to be applied to a specific network by DNS suffix.

I do not wish to block any traffic for this network and have configured one rule called "allow all in/out"

The rule is configured as follows;

Description

     Name : Allow all in/out

     Action : Allow

     Direction : Either

     Status : Enabled

Network Options

     Network Protocol : Any Protocol

     Media Types : Wired, Wireless, Virtual

     Network Name : *Not configured*

Transport Options

     Transport protocol : All Protocols

Applications : *Not configured*

Schedule : *Not configured*

I find that local loopback traffic is being blocked under this connection aware group for some reason.  I've even tried entering a new rule under the connection aware group to specifically allow all traffic in/out to the IP range 127.0.0.1->127.255.255.255 yet this still doesn't work.


Anyone got any ide where I'm going wrong ?  Quite liking HIPS8 apart from this, it seems a good upgrade from version 7

1 Solution

Accepted Solutions
ErinC
Level 9
Report Inappropriate Content
Message 2 of 2

Re: HIPS 8 - blocking loopback despite rules

Jump to solution

Looks like I didn't search enough for a solution before posting.

After posting the above I noticed a similar thread in the "More Like This" section https://community.mcafee.com/message/172595#172595


The fix is https://kc.mcafee.com/corporate/index?page=content&id=KB71230

It isn't so much a fix as a change to the way HIPS works. (changed from version 7 anyway.  Interestingly I found that a manually created rule to allow loopback via the 127.0.0.0/8 subnet allowed the access ok, but if I specified a range of IPs, like 127.0.0.1-127.255.255.255 then it wouldn't work!

on 05/09/11 11:23:17 CDT
1 Reply
ErinC
Level 9
Report Inappropriate Content
Message 2 of 2

Re: HIPS 8 - blocking loopback despite rules

Jump to solution

Looks like I didn't search enough for a solution before posting.

After posting the above I noticed a similar thread in the "More Like This" section https://community.mcafee.com/message/172595#172595


The fix is https://kc.mcafee.com/corporate/index?page=content&id=KB71230

It isn't so much a fix as a change to the way HIPS works. (changed from version 7 anyway.  Interestingly I found that a manually created rule to allow loopback via the 127.0.0.0/8 subnet allowed the access ok, but if I specified a range of IPs, like 127.0.0.1-127.255.255.255 then it wouldn't work!

on 05/09/11 11:23:17 CDT
More McAfee Tools to Help You
  • Subscription Service Notification (SNS)
  • How-to: Endpoint Removal Tool
  • Support: Endpoint Security
  • eSupport: Policy Orchestrator
  • Community Help Hub

      New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

    • Find Forum FAQs
    • Learn How to Earn Badges
    • Ask for Help
    Go to Community Help

    Join the Community

      Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

    • Get helpful solutions from McAfee experts.
    • Stay connected to product conversations that matter to you.
    • Participate in product groups led by McAfee employees.
    Join the Community
    Join the Community