cancel
Showing results for 
Search instead for 
Did you mean: 

Rule Block Potential Ransomware Requests

Jump to solution

Anyone had success importing this rule available in the Content Security portal? I tried to import into my laboratory appliance with version 7.5.2.9 following the instructions of the documentation and I received the message below. The subscribed lists are not imported.

1 Solution

Accepted Solutions

Re: Rule Block Potential Ransomware Requests

Jump to solution

Works OK on MWG 7.6.2.4

9 Replies

Re: Rule Block Potential Ransomware Requests

Jump to solution

Works OK on MWG 7.6.2.4

Re: Rule Block Potential Ransomware Requests

Jump to solution

Tks for your answer. Works fine for me too. I did a new download of the rule file and repeat the process to import with sucess.

Reliable Contributor catdaddy
Reliable Contributor
Report Inappropriate Content
Message 4 of 10

Re: Rule Block Potential Ransomware Requests

Jump to solution

​,

                 In your opinion can we consider this thread as 'Correctly Answered'?

Thank you,

Cliff

Consumer Products

Moderator

Cliff
McAfee Volunteer

Re: Rule Block Potential Ransomware Requests

Jump to solution

Yes, we can consider as correctly answered.

Reliable Contributor catdaddy
Reliable Contributor
Report Inappropriate Content
Message 6 of 10

Re: Rule Block Potential Ransomware Requests

Jump to solution

Thank you for the confirmation

All the Best,

-CD

Cliff
McAfee Volunteer

Re: Rule Block Potential Ransomware Requests

Jump to solution

Hi All,

Can across this thread. I am having a few problems importing the ruleset as well. It saves from the online ruleset library as a 50053.tar or a.gz file and when I try and import it I get an error saying "This is not a valid file"

Can somebody advise or put a link to the ruleset in xml format please?

Reliable Contributor asabban
Reliable Contributor
Report Inappropriate Content
Message 8 of 10

Re: Rule Block Potential Ransomware Requests

Jump to solution

Hello,

you need to extract the .tar.to in order to get an XML which can be imported.

Best,

Andre

Re: Rule Block Potential Ransomware Requests

Jump to solution

Can you please attach that ransomware rule set on this post.

Re: Rule Block Potential Ransomware Requests

Jump to solution

Simply add new McAfee maintained list and use in block rule as needed.

More McAfee Tools to Help You
  • How-to: Endpoint Removal Tool
  • Support: Endpoint Security
  • Visit: Business Service Portal
  • More: Search Knowledge Articles
  • ePolicy Orchestrator Support
  • The McAfee ePO Support Center Plug-in is now available in the Software Manager. Follow the instructions in the Product Guide for more.