cancel
Showing results for 
Search instead for 
Did you mean: 
ErinC
Level 9

HIPS 8 - blocking loopback despite rules

Jump to solution

Hi all,


Hopefully someone will help me out here and tell me where I'm going wrong with configuring the HIPS 8 rules.

I've configured (via ePO) a connection aware group of rules to be applied to a specific network by DNS suffix.

I do not wish to block any traffic for this network and have configured one rule called "allow all in/out"

The rule is configured as follows;

Description

     Name : Allow all in/out

     Action : Allow

     Direction : Either

     Status : Enabled

Network Options

     Network Protocol : Any Protocol

     Media Types : Wired, Wireless, Virtual

     Network Name : *Not configured*

Transport Options

     Transport protocol : All Protocols

Applications : *Not configured*

Schedule : *Not configured*

I find that local loopback traffic is being blocked under this connection aware group for some reason.  I've even tried entering a new rule under the connection aware group to specifically allow all traffic in/out to the IP range 127.0.0.1->127.255.255.255 yet this still doesn't work.


Anyone got any ide where I'm going wrong ?  Quite liking HIPS8 apart from this, it seems a good upgrade from version 7

0 Kudos
1 Solution

Accepted Solutions
ErinC
Level 9

Re: HIPS 8 - blocking loopback despite rules

Jump to solution

Looks like I didn't search enough for a solution before posting.

After posting the above I noticed a similar thread in the "More Like This" section https://community.mcafee.com/message/172595#172595


The fix is https://kc.mcafee.com/corporate/index?page=content&id=KB71230

It isn't so much a fix as a change to the way HIPS works. (changed from version 7 anyway.  Interestingly I found that a manually created rule to allow loopback via the 127.0.0.0/8 subnet allowed the access ok, but if I specified a range of IPs, like 127.0.0.1-127.255.255.255 then it wouldn't work!

on 05/09/11 11:23:17 CDT
0 Kudos
1 Reply
ErinC
Level 9

Re: HIPS 8 - blocking loopback despite rules

Jump to solution

Looks like I didn't search enough for a solution before posting.

After posting the above I noticed a similar thread in the "More Like This" section https://community.mcafee.com/message/172595#172595


The fix is https://kc.mcafee.com/corporate/index?page=content&id=KB71230

It isn't so much a fix as a change to the way HIPS works. (changed from version 7 anyway.  Interestingly I found that a manually created rule to allow loopback via the 127.0.0.0/8 subnet allowed the access ok, but if I specified a range of IPs, like 127.0.0.1-127.255.255.255 then it wouldn't work!

on 05/09/11 11:23:17 CDT
0 Kudos