Showing results for 
Search instead for 
Did you mean: 

HIPS Firewall Blocking Admin Share Access

Running into a HIPS firewall issue. Our system administrators need to be able to "C$" or "psexec.exe" into system file shares from time to time and are being blocked by the HIPS Firewall. Looking through the logs, the only issue that I see was "ms-ds" being blocked on port 445. To test it I created a rule to allow "ms-ds", No luck. I then tried to use learn mode to capture a specific signature I may be missing but it didn't give me anything useful that I could use. There are a bunch of SVCHOST.exe processes that are being blocked but I don't know if any of them are relevant. Any ideas anyone?

2 Replies
Reliable Contributor catdaddy
Reliable Contributor
Report Inappropriate Content
Message 2 of 3

Re: HIPS Firewall Blocking Admin Share Access

Discussion successfully moved from Support Forums to Host Intrusion Prevention

McAfee Volunteer
McAfee Employee ktankink
McAfee Employee
Report Inappropriate Content
Message 3 of 3

Re: HIPS Firewall Blocking Admin Share Access

What FW rule is blocking the traffic?  If it's the BLOCK ALL TRAFFIC rule, then try turning on Firewall Adaptive mode (not IPS signatures) to see if the FW will create rules to allow it.  Then you can add those rules to your policy.

KB67055 – How to troubleshoot a network facing application, or traffic is blocked by Host Intrusion Prevention firewall

More McAfee Tools to Help You
  • Subscription Service Notification (SNS)
  • How-to: Endpoint Removal Tool
  • Support: Endpoint Security
  • eSupport: Policy Orchestrator
  • Community Help Hub

      New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

    • Find Forum FAQs
    • Learn How to Earn Badges
    • Ask for Help
    Go to Community Help

    Join the Community

      Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

    • Get helpful solutions from McAfee experts.
    • Stay connected to product conversations that matter to you.
    • Participate in product groups led by McAfee employees.
    Join the Community
    Join the Community