I'm trying to install a new version of our juniper GINA SSL login, but I think that HIP is preventing that.
In the logs it says:
Attack type: Msgina registry key modified.
So I can't get the gina-login to work.
Can anybody tell me how I can bypass this or where I can configure HIP so it allows this this time.
PC: windows XP SP2
HIPS: v 7.0.0 build 1021 security content version 3159
McAfee: enterprise 8.7.0i version 5400.1158
SSL-box: juniper SSL SA 2500
Message was edited by: TMVW on 4/28/10 5:15:11 AM CDT
You can create an exception for this trigger under the HIPS rules policy and create an exception, or you can look for the event under reporting>Host IPS. Find the event, and create an exception for it from there. The other thing you can do but don't recommend is lower the signature severity or disable the sig.